Extension that cannot be removed from the Google Chrome browser

lada1379
Visitor
Posts: 14
Registered: 04 Sep 2017 15:49

#1 Post by lada1379 »

Hello,
I accidentally pulled several extensions into Google Chrome. I deleted what I could, but one extension remained and could not be removed ("Installed by enterprise policy."). I am posting the FRST log here, following the procedure from this forum, and I would like to ask for help getting rid of it. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Kostra (administrator) on KUBA (04-09-2017 17:06:21)
Running from C:\Users\Kostra\Desktop
Loaded Profiles: Kostra (Available Profiles: Kostra & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Kostra\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-01-05] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-04-19] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {62166bf1-7915-11e7-ab89-2c4d5458da91} - D:\Autorun.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e00cf949-40be-11e7-84d6-806e6f6e6963} - D:\Bin\Instv2.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e1a6619e-8fcb-11e7-9606-2c4d5458da91} - E:\setup.exe
HKU\S-1-5-18\...\Run: [Free Download Manager] => "C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-05-25] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{664BD440-510A-4BD1-8298-F22FC705A0FA}: [NameServer] 10.255.255.10,10.255.255.20

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3379645968-3260110219-3458388111-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF DefaultProfile: pulzv5w9.default
FF ProfilePath: C:\Users\Kostra\AppData\Roaming\Mozilla\Firefox\Profiles\pulzv5w9.default [2017-09-04]
FF Extension: (Firefox Screenshots) - C:\Users\Kostra\AppData\Roaming\Mozilla\Firefox\Profiles\pulzv5w9.default\features\{c3931705-5ad1-48c1-a818-90858281a186}\screenshots@mozilla.org.xpi [2017-09-04]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default [2017-09-04]
CHR Extension: (Prezentace Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-04]
CHR Extension: (Dokumenty Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-04]
CHR Extension: (Disk Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-04]
CHR Extension: (YouTube) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-04]
CHR Extension: (Tabs 2 Grid) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh [2017-09-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-04]
CHR HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-01-22] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe [2394072 2016-09-20] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-07-26] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-06-04] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-04-04] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-01-05] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-06-04] (BitRaider)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32240 2017-01-05] (Intel Corporation)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [25920 2017-01-26] (ASUSTeK Computer Inc.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-06] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 17:06 - 2017-09-04 17:06 - 000013640 _____ C:\Users\Kostra\Desktop\FRST.txt
2017-09-04 17:05 - 2017-09-04 17:06 - 000000000 ____D C:\FRST
2017-09-04 17:03 - 2017-09-04 17:03 - 000112640 _____ (forum.viry.cz) C:\Users\Kostra\Desktop\FRSTLauncher.exe
2017-09-04 17:02 - 2017-09-04 17:02 - 002395648 _____ (Farbar) C:\Users\Kostra\Desktop\FRST64.exe
2017-09-04 16:37 - 2017-09-04 16:37 - 001130328 _____ (Google Inc.) C:\Users\Kostra\Downloads\ChromeSetup.exe
2017-09-04 16:37 - 2017-09-04 16:37 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-04 16:37 - 2017-09-04 16:37 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-04 16:37 - 2017-09-04 16:37 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-04 16:37 - 2017-09-04 16:37 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-04 16:36 - 2017-09-04 16:41 - 000000000 ____D C:\Users\Kostra\AppData\Local\Mozilla
2017-09-04 16:36 - 2017-09-04 16:36 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-04 16:36 - 2017-09-04 16:36 - 000000924 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-04 16:36 - 2017-09-04 16:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-04 16:35 - 2017-09-04 16:35 - 000245920 _____ (Mozilla) C:\Users\Kostra\Downloads\Firefox Installer.exe
2017-09-04 16:24 - 2017-09-04 16:24 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-09-04 16:21 - 2017-09-04 16:21 - 000001085 _____ C:\Users\Kostra\Desktop\The Escapists 2.lnk
2017-09-04 16:21 - 2017-09-04 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Escapists 2
2017-09-04 16:21 - 2017-09-04 16:21 - 000000000 ____D C:\Program Files (x86)\The Escapists 2
2017-09-04 16:03 - 2017-09-04 16:06 - 000000000 ____D C:\Users\Kostra\Downloads\plaza-the.escapists.2
2017-09-04 15:17 - 2017-09-04 15:35 - 000000000 ____D C:\Users\Kostra\Documents\The Escapists
2017-09-04 15:17 - 2017-09-04 15:17 - 000000000 ____D C:\Users\Kostra\Downloads\The.Escapists.v1.24.Incl.5.DLCs
2017-09-04 15:17 - 2017-09-04 15:17 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\WinRAR
2017-09-04 15:17 - 2017-09-04 15:17 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\MMFApplications
2017-09-04 15:14 - 2017-09-04 15:14 - 104655363 _____ C:\Users\Kostra\Downloads\The.Escapists.v1.24.Incl.5.DLCs.rar
2017-09-04 10:35 - 2017-01-26 13:27 - 000025920 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2017-09-02 16:35 - 2017-09-02 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call Of Duty Modern Warfare 2
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\Program Files\WinRAR
2017-09-02 16:27 - 2017-09-02 16:27 - 000809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpAE4D.tmp
2017-09-02 16:27 - 2017-09-02 16:27 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000000000 ____D C:\Program Files (x86)\OpenAL
2017-09-02 16:26 - 2017-09-02 16:29 - 000000000 ____D C:\Program Files (x86)\Call Of Duty Modern Warfare 2
2017-09-02 16:01 - 2017-09-02 16:02 - 000000000 ____D C:\Users\Kostra\Downloads\Call Of Duty Modern Warfare 2 - t2k9
2017-09-02 15:00 - 2017-09-02 15:03 - 1543228352 _____ C:\Users\Kostra\Downloads\A.Dogs.Purpose.2017.BRRip.XviD.AC3.CZ-PiRaTE.avi
2017-09-02 14:52 - 2017-09-02 14:52 - 000000000 ____D C:\Users\Kostra\AppData\Local\CallofDuty4MW
2017-09-02 14:14 - 2017-09-02 14:14 - 000002990 _____ C:\Windows\System32\Tasks\elbyExecuteWithUAC
2017-09-02 14:11 - 2017-09-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-09-02 14:03 - 2017-09-02 14:18 - 000000000 ____D C:\Users\Kostra\Downloads\Call of duty 4 Multiplayer
2017-09-01 16:31 - 2017-09-01 16:34 - 000000000 ____D C:\Users\Kostra\AppData\Local\Jyrkaa
2017-09-01 15:20 - 2017-09-01 15:20 - 000000000 ____D C:\Users\Kostra\Documents\Square Enix
2017-09-01 14:35 - 2017-09-01 14:35 - 000003122 _____ C:\Windows\System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB}
2017-08-31 19:48 - 2017-08-31 19:49 - 000000000 ____D C:\Users\Kostra\Downloads\Harwia.cz - Klient v0.1
2017-08-29 14:46 - 2017-08-29 14:46 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Unity
2017-08-29 14:46 - 2017-08-29 14:46 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Noble Empire
2017-08-28 22:20 - 2017-08-28 22:20 - 000000000 __RHD C:\Users\Kostra\AppData\Roaming\SecuROM
2017-08-28 21:42 - 2017-08-28 21:42 - 001700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2017-08-28 21:42 - 2017-08-28 21:42 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2017-08-28 21:42 - 2017-08-28 21:42 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcr71.dll
2017-08-28 21:38 - 2017-08-28 21:38 - 000178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2017-08-28 16:33 - 2017-08-28 16:33 - 000000000 ____D C:\Users\Kostra\Documents\Eek
2017-08-28 16:33 - 2017-08-28 16:33 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Eek
2017-08-28 11:17 - 2017-09-03 21:04 - 000000000 ____D C:\Users\Kostra\Desktop\Hry
2017-08-26 21:36 - 2017-08-26 22:46 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\discord
2017-08-26 21:36 - 2017-08-26 21:36 - 000002165 _____ C:\Users\Kostra\Desktop\Discord.lnk
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Local\SquirrelTemp
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Local\Discord
2017-08-24 21:46 - 2017-08-24 21:46 - 000000000 ____D C:\Users\Kostra\Documents\DayZ Other Profiles
2017-08-24 21:38 - 2017-08-26 19:20 - 000000000 ____D C:\Users\Kostra\AppData\Local\DayZ
2017-08-24 21:34 - 2017-08-24 21:35 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\SmartSteamEmu
2017-08-24 21:33 - 2017-08-25 21:19 - 000000000 ____D C:\Users\Kostra\Documents\DayZ
2017-08-20 22:16 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-08-20 20:04 - 2017-08-20 20:04 - 000000000 ____D C:\bin
2017-08-20 15:09 - 2017-08-20 15:11 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Heroes and Generals
2017-08-20 15:08 - 2017-08-20 15:08 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Macromedia
2017-08-20 10:57 - 2017-08-20 15:45 - 000000000 ____D C:\Users\Kostra\AppData\Local\PAYDAY 2
2017-08-08 22:05 - 2017-08-08 22:05 - 000000000 ____D C:\Users\Kostra\AppData\Local\Targem
2017-08-08 21:49 - 2017-08-08 23:09 - 000000000 ____D C:\Users\Kostra\AppData\Local\Crossout
2017-08-08 21:49 - 2017-08-08 21:49 - 000000000 ____D C:\ProgramData\Gaijin
2017-08-07 23:38 - 2017-08-20 15:10 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\NVIDIA
2017-08-07 23:36 - 2017-08-07 23:36 - 000000000 ____D C:\ProgramData\VS Revo Group
2017-08-07 23:30 - 2017-08-17 20:11 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-08-07 23:30 - 2017-08-07 23:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-07 23:30 - 2017-05-18 09:33 - 000513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-08-07 23:30 - 2017-05-18 09:33 - 000418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 006437824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 002479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 001762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000548984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-08-07 23:30 - 2017-05-18 07:21 - 000134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-08-07 23:30 - 2017-05-16 20:09 - 007993157 _____ C:\Windows\system32\nvcoproc.bin
2017-08-07 23:30 - 2017-03-10 23:17 - 000536864 _____ C:\Windows\system32\vulkan-1.dll
2017-08-07 23:30 - 2017-03-10 23:17 - 000525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-08-07 23:30 - 2017-03-10 23:17 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-08-07 23:30 - 2017-03-10 23:17 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-08-05 17:30 - 2017-08-05 17:30 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-08-05 17:27 - 2017-08-29 19:59 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-08-05 17:27 - 2017-08-05 17:27 - 000001090 _____ C:\Users\Kostra\Desktop\MSI Afterburner.lnk
2017-08-05 17:27 - 2017-08-05 17:27 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-08-05 17:03 - 2017-08-05 17:03 - 000007888 _____ C:\Users\Kostra\AppData\Local\recently-used.xbel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 16:37 - 2017-05-25 00:05 - 000000000 ____D C:\Users\Kostra\AppData\Local\Google
2017-09-04 16:37 - 2017-05-25 00:05 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-04 16:36 - 2017-07-22 11:43 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Mozilla
2017-09-04 16:36 - 2017-07-22 11:43 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Mozilla
2017-09-04 16:36 - 2017-07-22 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 16:33 - 2017-05-24 22:20 - 000001397 _____ C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-04 16:24 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-04 16:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-09-04 16:22 - 2017-07-26 18:31 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-04 16:21 - 2017-07-29 02:50 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\uTorrent
2017-09-04 12:25 - 2017-05-25 00:30 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-04 12:21 - 2017-07-26 18:49 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\.minecraft
2017-09-04 10:43 - 2009-07-14 06:45 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-04 10:43 - 2009-07-14 06:45 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-04 10:41 - 2009-07-14 17:18 - 000669176 _____ C:\Windows\system32\perfh005.dat
2017-09-04 10:41 - 2009-07-14 17:18 - 000141334 _____ C:\Windows\system32\perfc005.dat
2017-09-04 10:41 - 2009-07-14 07:13 - 001585684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-04 10:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-04 10:35 - 2017-05-25 19:39 - 000002972 _____ C:\Windows\System32\Tasks\GPU Tweak II
2017-09-04 10:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-03 01:03 - 2017-08-03 19:32 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\TS3Client
2017-09-02 19:32 - 2017-06-06 20:54 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\vlc
2017-09-02 16:42 - 2017-05-26 16:02 - 000000000 ____D C:\Users\Kostra\AppData\Local\CrashDumps
2017-09-02 16:27 - 2009-06-03 11:25 - 000809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpAE4C.tmp
2017-09-02 14:18 - 2017-07-27 19:19 - 000000000 ____D C:\Users\Kostra\AppData\Local\PunkBuster
2017-09-02 14:11 - 2017-08-04 16:39 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-09-02 13:13 - 2017-05-24 22:20 - 000000000 ____D C:\Users\Kostra\AppData\Local\VirtualStore
2017-09-01 16:42 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-01 16:34 - 2017-05-24 22:20 - 000000000 ____D C:\Users\Kostra
2017-08-29 19:59 - 2017-07-28 22:53 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-08-29 17:06 - 2017-05-28 22:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-28 22:25 - 2017-06-05 20:21 - 000000000 ____D C:\Users\Kostra\Documents\Rockstar Games
2017-08-28 22:22 - 2017-06-05 20:21 - 000000000 ____D C:\Users\Kostra\AppData\Local\Rockstar Games
2017-08-28 22:21 - 2017-05-25 00:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-28 11:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2017-08-27 19:22 - 2017-05-25 20:25 - 000000022 _____ C:\Windows\GPU-Z.INI
2017-08-25 15:07 - 2017-05-25 00:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-24 19:50 - 2017-05-25 20:47 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-24 19:50 - 2017-05-25 00:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-24 19:50 - 2017-05-25 00:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-24 19:48 - 2009-07-14 07:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-23 17:43 - 2017-08-03 19:31 - 000000000 ____D C:\Users\Kostra\AppData\Local\TeamSpeak 3 Client
2017-08-20 22:25 - 2017-05-26 16:02 - 000000000 ____D C:\Users\Kostra\Documents\My Games
2017-08-20 14:44 - 2017-07-01 09:39 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Skype
2017-08-19 21:32 - 2017-05-28 22:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-18 06:37 - 2017-05-25 20:47 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-08-18 06:36 - 2017-07-25 17:05 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-08-18 06:36 - 2017-07-25 17:05 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-08-17 18:26 - 2017-05-25 20:47 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-08-08 18:19 - 2017-08-03 16:57 - 000000000 ____D C:\Users\Kostra\Downloads\BeamNG.drive v0.9.0.5
2017-08-07 23:44 - 2017-05-25 00:30 - 000000000 ____D C:\Users\Kostra\AppData\Local\NVIDIA Corporation
2017-08-07 23:33 - 2017-05-25 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-07 23:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Help
2017-08-07 21:56 - 2017-08-03 17:04 - 000000000 ____D C:\Users\Kostra\Documents\BeamNG.drive
2017-08-05 17:30 - 2017-07-28 22:53 - 000000000 ___HD C:\Windows\msdownld.tmp
2017-08-05 17:30 - 2017-06-05 20:19 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-08-05 17:18 - 2017-07-29 03:23 - 000000000 ____D C:\Users\Kostra\.gimp-2.8
2017-08-05 16:59 - 2017-08-03 19:37 - 000000000 ____D C:\Users\Kostra\AppData\Local\gtk-2.0

==================== Files in the root of some directories =======

2017-08-05 17:03 - 2017-08-05 17:03 - 000007888 _____ () C:\Users\Kostra\AppData\Local\recently-used.xbel
2017-05-25 18:12 - 2017-05-25 18:12 - 000007602 _____ () C:\Users\Kostra\AppData\Local\Resmon.ResmonCfg
2017-05-25 00:07 - 2017-05-25 00:07 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-08-28 22:20 - 2017-08-28 22:20 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Kostra\AppData\Local\Temp\drm_dyndata_7370014.dll
2017-08-31 20:16 - 2017-08-31 20:16 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Kostra\AppData\Local\Temp\jansi-64-7069307973780323457.dll
2017-07-25 17:09 - 2017-07-19 00:38 - 000758472 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvSCPAPI.dll
2017-07-25 17:09 - 2017-07-19 00:38 - 000873136 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvSCPAPI64.dll
2017-07-25 17:07 - 2017-07-19 00:38 - 000368760 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvStInst.exe
2017-08-03 19:31 - 2017-08-03 19:31 - 000065280 _____ () C:\Users\Kostra\AppData\Local\Temp\utils.dll
2017-07-22 12:11 - 2017-07-22 12:11 - 015301888 _____ (Microsoft Corporation) C:\Users\Kostra\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-23 16:08

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:238.37 GB) (Free:30.35 GB) NTFS
Drive e: (The Escapists 2) (CDROM) (Total:1.24 GB) (Free:0 GB) UDF

Available physical RAM: 13264.9 MB
Total physical RAM: 16327.2 MB
Percentage of memory in use: 18%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: D5BF8D32)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Kostra:Heroes & Generals [38]

==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kostra\Desktop" je 4327 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FMClickerPro_Updater_1
C:\Users\Kostra\AppData\Roaming\FMClickerPro_v_1\FMClickerPro_Updater_1.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kostra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ts3server.exe - z stupce.lnk
C:\teamspeak3-server_win64\ts3server.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(12.82 KiB) Downloaded 102 times

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Extension that cannot be removed from the google chr

#2 Post by Rudy »

Greetings!
lada1379 wrote: Installed by enterprise policy
Are you saying that this machine is a company one?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

#3 Post by lada1379 »

Rudy wrote: Are you saying that this machine is a company one?
The machine is not a company one; it is my personal computer at home.
Instead of the button for removing the extension from Chrome, there is a button that cannot be clicked, labelled "Installed by enterprise policy".
I know I definitely did not put it there on purpose, and likewise I am now deleting processes and startup programs that apparently arrived together with it.
I do not have an antivirus, but I am considering one; if there is a freeware one, you can recommend it to me. Above all, I ask you to check the log and get rid of that extension. Thank you.

#4 Post by Rudy »

OK. Of the free antiviruses I recommend either Avast: https://www.avast.com/cs-cz/lp-ppc-nbu- ... dwodddcAAA , or Avira: https://www.avira.com/ . Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.

#5 Post by lada1379 »

# AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 04 18:07:08 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Guest\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\Guest\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\Kostra\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESTsoft
Deleted: C:\ProgramData\ESTsoft
Deleted: C:\ProgramData\Application Data\ESTsoft
Deleted: C:\Program Files (x86)\ESTsoft
Deleted: C:\Users\All Users\ESTsoft
Deleted: C:\Users\Kostra\AppData\Roaming\ESTsoft


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Users\Kostra\AppData\Local\Temp\Utils.dll


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D143699B-B10E-42EF-A9E2-CB2D5CD3A8FB}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{94134FB2-2F76-461F-B113-5F6013E5E70D}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2930 B] - [2017/9/4 18:6:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#6 Post by Rudy »

Post a new FRST log.

#7 Post by lada1379 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Kostra (administrator) on KUBA (04-09-2017 20:15:53)
Running from C:\Users\Kostra\Desktop
Loaded Profiles: Kostra (Available Profiles: Kostra & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-01-05] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-04-19] (Intel Corporation)
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {62166bf1-7915-11e7-ab89-2c4d5458da91} - D:\Autorun.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e00cf949-40be-11e7-84d6-806e6f6e6963} - D:\Bin\Instv2.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e1a6619e-8fcb-11e7-9606-2c4d5458da91} - E:\setup.exe
HKU\S-1-5-18\...\Run: [Free Download Manager] => "C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-05-25] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{664BD440-510A-4BD1-8298-F22FC705A0FA}: [NameServer] 10.255.255.10,10.255.255.20

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3379645968-3260110219-3458388111-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF DefaultProfile: vkog180d.default-1504545804122
FF ProfilePath: C:\Users\Kostra\AppData\Roaming\Mozilla\Firefox\Profiles\vkog180d.default-1504545804122 [2017-09-04]
FF Extension: (Firefox Screenshots) - C:\Users\Kostra\AppData\Roaming\Mozilla\Firefox\Profiles\vkog180d.default-1504545804122\features\{16dc6607-0a10-4f9f-bf27-01fd77c5300c}\screenshots@mozilla.org.xpi [2017-09-04]
FF ProfilePath: C:\Users\Kostra\AppData\Roaming\K-Meleon\v0emf4mj.default [2017-09-04]
FF user.js: detected! => C:\Users\Kostra\AppData\Roaming\K-Meleon\v0emf4mj.default\user.js [2006-04-06]
FF Extension: (No Name) - C:\Program Files (x86)\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [not found]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default [2017-09-04]
CHR Extension: (Prezentace Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-04]
CHR Extension: (Dokumenty Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-04]
CHR Extension: (Disk Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-04]
CHR Extension: (YouTube) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky Google) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-04]
CHR Extension: (Tabs 2 Grid) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh [2017-09-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Kostra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-04]
CHR HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-01-22] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.17\AsusFanControlService.exe [2394072 2016-09-20] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-07-26] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-06-04] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-04-04] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-01-05] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-06-04] (BitRaider)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32240 2017-01-05] (Intel Corporation)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [25920 2017-01-26] (ASUSTeK Computer Inc.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-06] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 20:15 - 2017-09-04 20:15 - 000000000 ____D C:\Users\Kostra\Desktop\a
2017-09-04 20:05 - 2017-09-04 20:07 - 000000000 ____D C:\AdwCleaner
2017-09-04 20:04 - 2017-09-04 20:05 - 008182736 _____ (Malwarebytes) C:\Users\Kostra\Downloads\adwcleaner_7.0.2.1.exe
2017-09-04 19:31 - 2017-09-04 19:31 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-09-04 19:31 - 2017-09-04 19:31 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Team 17 Digital ltd_
2017-09-04 19:31 - 2017-09-04 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Escapists 2
2017-09-04 19:30 - 2017-09-04 19:31 - 000000000 ____D C:\Program Files (x86)\The Escapists 2
2017-09-04 19:05 - 2017-09-04 19:05 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\K-Meleon
2017-09-04 19:05 - 2017-09-04 19:05 - 000000000 ____D C:\Users\Kostra\AppData\Local\K-Meleon
2017-09-04 17:38 - 2017-01-26 13:27 - 000025920 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2017-09-04 17:06 - 2017-09-04 20:16 - 000013072 _____ C:\Users\Kostra\Desktop\FRST.txt
2017-09-04 17:05 - 2017-09-04 20:15 - 000000000 ____D C:\FRST
2017-09-04 17:03 - 2017-09-04 17:03 - 000112640 _____ (forum.viry.cz) C:\Users\Kostra\Desktop\FRSTLauncher.exe
2017-09-04 17:02 - 2017-09-04 17:02 - 002395648 _____ (Farbar) C:\Users\Kostra\Desktop\FRST64.exe
2017-09-04 16:37 - 2017-09-04 16:37 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-04 16:37 - 2017-09-04 16:37 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-04 16:37 - 2017-09-04 16:37 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-04 16:36 - 2017-09-04 16:41 - 000000000 ____D C:\Users\Kostra\AppData\Local\Mozilla
2017-09-04 16:36 - 2017-09-04 16:36 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-04 16:36 - 2017-09-04 16:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-04 16:24 - 2017-09-04 16:24 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-09-04 15:17 - 2017-09-04 15:35 - 000000000 ____D C:\Users\Kostra\Documents\The Escapists
2017-09-04 15:17 - 2017-09-04 15:17 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\WinRAR
2017-09-04 15:17 - 2017-09-04 15:17 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\MMFApplications
2017-09-02 16:35 - 2017-09-02 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call Of Duty Modern Warfare 2
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 16:33 - 2017-09-02 16:33 - 000000000 ____D C:\Program Files\WinRAR
2017-09-02 16:27 - 2017-09-02 16:27 - 000809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpAE4D.tmp
2017-09-02 16:27 - 2017-09-02 16:27 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-09-02 16:27 - 2017-09-02 16:27 - 000000000 ____D C:\Program Files (x86)\OpenAL
2017-09-02 16:26 - 2017-09-02 16:29 - 000000000 ____D C:\Program Files (x86)\Call Of Duty Modern Warfare 2
2017-09-02 14:52 - 2017-09-02 14:52 - 000000000 ____D C:\Users\Kostra\AppData\Local\CallofDuty4MW
2017-09-02 14:14 - 2017-09-02 14:14 - 000002990 _____ C:\Windows\System32\Tasks\elbyExecuteWithUAC
2017-09-02 14:11 - 2017-09-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-09-02 14:03 - 2017-09-04 19:14 - 000000000 ____D C:\Users\Kostra\Downloads\Call of duty 4 Multiplayer
2017-09-01 16:31 - 2017-09-01 16:34 - 000000000 ____D C:\Users\Kostra\AppData\Local\Jyrkaa
2017-09-01 15:20 - 2017-09-01 15:20 - 000000000 ____D C:\Users\Kostra\Documents\Square Enix
2017-09-01 14:35 - 2017-09-01 14:35 - 000003122 _____ C:\Windows\System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB}
2017-08-31 19:48 - 2017-08-31 19:49 - 000000000 ____D C:\Users\Kostra\Downloads\Harwia.cz - Klient v0.1
2017-08-29 14:46 - 2017-08-29 14:46 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Unity
2017-08-29 14:46 - 2017-08-29 14:46 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Noble Empire
2017-08-28 22:20 - 2017-08-28 22:20 - 000000000 __RHD C:\Users\Kostra\AppData\Roaming\SecuROM
2017-08-28 21:42 - 2017-08-28 21:42 - 001700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2017-08-28 21:42 - 2017-08-28 21:42 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2017-08-28 21:42 - 2017-08-28 21:42 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msvcr71.dll
2017-08-28 21:38 - 2017-08-28 21:38 - 000178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2017-08-28 16:33 - 2017-08-28 16:33 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Eek
2017-08-28 11:17 - 2017-09-04 20:05 - 000000000 ____D C:\Users\Kostra\Desktop\Hry
2017-08-26 21:36 - 2017-08-26 22:46 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\discord
2017-08-26 21:36 - 2017-08-26 21:36 - 000002165 _____ C:\Users\Kostra\Desktop\Discord.lnk
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Local\SquirrelTemp
2017-08-26 21:36 - 2017-08-26 21:36 - 000000000 ____D C:\Users\Kostra\AppData\Local\Discord
2017-08-24 21:46 - 2017-08-24 21:46 - 000000000 ____D C:\Users\Kostra\Documents\DayZ Other Profiles
2017-08-24 21:38 - 2017-08-26 19:20 - 000000000 ____D C:\Users\Kostra\AppData\Local\DayZ
2017-08-24 21:34 - 2017-08-24 21:35 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\SmartSteamEmu
2017-08-24 21:33 - 2017-08-25 21:19 - 000000000 ____D C:\Users\Kostra\Documents\DayZ
2017-08-20 22:16 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-08-20 20:04 - 2017-08-20 20:04 - 000000000 ____D C:\bin
2017-08-20 15:09 - 2017-08-20 15:11 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Heroes and Generals
2017-08-20 15:08 - 2017-08-20 15:08 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Macromedia
2017-08-20 10:57 - 2017-08-20 15:45 - 000000000 ____D C:\Users\Kostra\AppData\Local\PAYDAY 2
2017-08-08 22:05 - 2017-08-08 22:05 - 000000000 ____D C:\Users\Kostra\AppData\Local\Targem
2017-08-08 21:49 - 2017-08-08 23:09 - 000000000 ____D C:\Users\Kostra\AppData\Local\Crossout
2017-08-08 21:49 - 2017-08-08 21:49 - 000000000 ____D C:\ProgramData\Gaijin
2017-08-07 23:38 - 2017-08-20 15:10 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\NVIDIA
2017-08-07 23:36 - 2017-08-07 23:36 - 000000000 ____D C:\ProgramData\VS Revo Group
2017-08-07 23:30 - 2017-08-17 20:11 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-08-07 23:30 - 2017-08-07 23:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-07 23:30 - 2017-05-18 09:33 - 000513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-08-07 23:30 - 2017-05-18 09:33 - 000418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 006437824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 002479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 001762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000548984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-08-07 23:30 - 2017-05-18 07:48 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-08-07 23:30 - 2017-05-18 07:21 - 000134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-08-07 23:30 - 2017-05-16 20:09 - 007993157 _____ C:\Windows\system32\nvcoproc.bin
2017-08-07 23:30 - 2017-03-10 23:17 - 000536864 _____ C:\Windows\system32\vulkan-1.dll
2017-08-07 23:30 - 2017-03-10 23:17 - 000525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-08-07 23:30 - 2017-03-10 23:17 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-08-07 23:30 - 2017-03-10 23:17 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-08-05 17:30 - 2017-08-05 17:30 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-08-05 17:27 - 2017-08-29 19:59 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-08-05 17:27 - 2017-08-05 17:27 - 000001090 _____ C:\Users\Kostra\Desktop\MSI Afterburner.lnk
2017-08-05 17:27 - 2017-08-05 17:27 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-08-05 17:03 - 2017-08-05 17:03 - 000007888 _____ C:\Users\Kostra\AppData\Local\recently-used.xbel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 20:14 - 2009-07-14 17:18 - 000669176 _____ C:\Windows\system32\perfh005.dat
2017-09-04 20:14 - 2009-07-14 17:18 - 000141334 _____ C:\Windows\system32\perfc005.dat
2017-09-04 20:14 - 2009-07-14 07:13 - 001585684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-04 20:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-04 20:08 - 2017-07-22 11:43 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\Mozilla
2017-09-04 20:08 - 2017-05-25 19:39 - 000002972 _____ C:\Windows\System32\Tasks\GPU Tweak II
2017-09-04 20:08 - 2017-05-25 00:30 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-04 20:08 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-04 20:07 - 2017-06-30 20:21 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\IObit
2017-09-04 20:07 - 2017-06-29 23:42 - 000000000 ____D C:\Users\Guest\AppData\Roaming\IObit
2017-09-04 20:07 - 2017-05-25 18:07 - 000000000 ____D C:\Users\Kostra\AppData\LocalLow\IObit
2017-09-04 20:07 - 2017-05-25 18:07 - 000000000 ____D C:\ProgramData\IObit
2017-09-04 18:52 - 2017-07-26 18:31 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-04 17:46 - 2009-07-14 06:45 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-04 17:46 - 2009-07-14 06:45 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-04 16:37 - 2017-05-25 00:05 - 000000000 ____D C:\Users\Kostra\AppData\Local\Google
2017-09-04 16:37 - 2017-05-25 00:05 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-04 16:36 - 2017-07-22 11:43 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Mozilla
2017-09-04 16:36 - 2017-07-22 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 16:33 - 2017-05-24 22:20 - 000001397 _____ C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-04 16:24 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-04 16:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-09-04 16:21 - 2017-07-29 02:50 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\uTorrent
2017-09-04 12:21 - 2017-07-26 18:49 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\.minecraft
2017-09-03 01:03 - 2017-08-03 19:32 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\TS3Client
2017-09-02 19:32 - 2017-06-06 20:54 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\vlc
2017-09-02 16:42 - 2017-05-26 16:02 - 000000000 ____D C:\Users\Kostra\AppData\Local\CrashDumps
2017-09-02 16:27 - 2009-06-03 11:25 - 000809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpAE4C.tmp
2017-09-02 14:18 - 2017-07-27 19:19 - 000000000 ____D C:\Users\Kostra\AppData\Local\PunkBuster
2017-09-02 14:11 - 2017-08-04 16:39 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-09-02 13:13 - 2017-05-24 22:20 - 000000000 ____D C:\Users\Kostra\AppData\Local\VirtualStore
2017-09-01 16:42 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-01 16:34 - 2017-05-24 22:20 - 000000000 ____D C:\Users\Kostra
2017-08-29 19:59 - 2017-07-28 22:53 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-08-29 17:06 - 2017-05-28 22:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-28 22:25 - 2017-06-05 20:21 - 000000000 ____D C:\Users\Kostra\Documents\Rockstar Games
2017-08-28 22:22 - 2017-06-05 20:21 - 000000000 ____D C:\Users\Kostra\AppData\Local\Rockstar Games
2017-08-28 22:21 - 2017-05-25 00:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-28 11:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2017-08-27 19:22 - 2017-05-25 20:25 - 000000022 _____ C:\Windows\GPU-Z.INI
2017-08-25 15:07 - 2017-05-25 00:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-24 19:50 - 2017-05-25 20:47 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-24 19:50 - 2017-05-25 20:47 - 000001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-24 19:50 - 2017-05-25 00:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-24 19:50 - 2017-05-25 00:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-24 19:48 - 2009-07-14 07:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-23 17:43 - 2017-08-03 19:31 - 000000000 ____D C:\Users\Kostra\AppData\Local\TeamSpeak 3 Client
2017-08-20 22:25 - 2017-05-26 16:02 - 000000000 ____D C:\Users\Kostra\Documents\My Games
2017-08-20 14:44 - 2017-07-01 09:39 - 000000000 ____D C:\Users\Kostra\AppData\Roaming\Skype
2017-08-19 21:32 - 2017-05-28 22:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-18 06:37 - 2017-05-25 20:47 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-08-18 06:37 - 2017-05-25 20:47 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-08-18 06:36 - 2017-07-25 17:05 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-08-18 06:36 - 2017-07-25 17:05 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-08-17 18:26 - 2017-05-25 20:47 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-08-08 18:19 - 2017-08-03 16:57 - 000000000 ____D C:\Users\Kostra\Downloads\BeamNG.drive v0.9.0.5
2017-08-07 23:44 - 2017-05-25 00:30 - 000000000 ____D C:\Users\Kostra\AppData\Local\NVIDIA Corporation
2017-08-07 23:33 - 2017-05-25 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-07 23:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Help
2017-08-07 21:56 - 2017-08-03 17:04 - 000000000 ____D C:\Users\Kostra\Documents\BeamNG.drive
2017-08-05 17:30 - 2017-07-28 22:53 - 000000000 ___HD C:\Windows\msdownld.tmp
2017-08-05 17:30 - 2017-06-05 20:19 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-08-05 17:18 - 2017-07-29 03:23 - 000000000 ____D C:\Users\Kostra\.gimp-2.8
2017-08-05 16:59 - 2017-08-03 19:37 - 000000000 ____D C:\Users\Kostra\AppData\Local\gtk-2.0

==================== Files in the root of some directories =======

2017-08-05 17:03 - 2017-08-05 17:03 - 000007888 _____ () C:\Users\Kostra\AppData\Local\recently-used.xbel
2017-05-25 18:12 - 2017-05-25 18:12 - 000007602 _____ () C:\Users\Kostra\AppData\Local\Resmon.ResmonCfg
2017-05-25 00:07 - 2017-05-25 00:07 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-08-28 22:20 - 2017-08-28 22:20 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Kostra\AppData\Local\Temp\drm_dyndata_7370014.dll
2017-08-31 20:16 - 2017-08-31 20:16 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Kostra\AppData\Local\Temp\jansi-64-7069307973780323457.dll
2017-07-25 17:09 - 2017-07-19 00:38 - 000758472 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvSCPAPI.dll
2017-07-25 17:09 - 2017-07-19 00:38 - 000873136 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvSCPAPI64.dll
2017-07-25 17:07 - 2017-07-19 00:38 - 000368760 _____ (NVIDIA Corporation) C:\Users\Kostra\AppData\Local\Temp\nvStInst.exe
2017-07-22 12:11 - 2017-07-22 12:11 - 015301888 _____ (Microsoft Corporation) C:\Users\Kostra\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-23 16:08

==================== End of FRST.txt ============================
Attachments
Addition.rar
(12.7 KiB) Downloaded 83 times

lada1379
Visitor
Posts: 14
Registered: 04 Sep 2017 15:49

Re: Extension that cannot be removed from the google chr

#8 Post by lada1379 »

I ran it via FRST64, not from FRSTLauncher. Is that a problem?

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Extension that cannot be removed from the google chr

#9 Post by Rudy »

That's fine. Open Notepad and copy this into it:
Start
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {62166bf1-7915-11e7-ab89-2c4d5458da91} - D:\Autorun.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e00cf949-40be-11e7-84d6-806e6f6e6963} - D:\Bin\Instv2.exe
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: {e1a6619e-8fcb-11e7-9606-2c4d5458da91} - E:\setup.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Toolbar: HKU\S-1-5-21-3379645968-3260110219-3458388111-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\DP45977C.lfl
C:\Users\Kostra\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

The archive in which Addition is packed is corrupted. It cannot be opened.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

lada1379
Visitor
Posts: 14
Registered: 04 Sep 2017 15:49

Re: Extension that cannot be removed from the google chr

#10 Post by lada1379 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Kostra (04-09-2017 21:10:57) Run:1
Running from C:\Users\Kostra\Desktop
Loaded Profiles: Kostra (Available Profiles: Kostra & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 G - Gsetup.exe
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {62166bf1-7915-11e7-ab89-2c4d5458da91} - DAutorun.exe
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {e00cf949-40be-11e7-84d6-806e6f6e6963} - DBinInstv2.exe
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {e1a6619e-8fcb-11e7-9606-2c4d5458da91} - Esetup.exe
GroupPolicy Restriction - Chrome ==== ATTENTION
Toolbar HKUS-1-5-21-3379645968-3260110219-3458388111-1000 - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin @microsoft.comGENUINE - disabled [No File]
FF Plugin-x32 @microsoft.comGENUINE - disabled [No File]
CProgramDataDP45977C.lfl
CUsersKostraAppDataLocalTemp

EmptyTemp
End
*****************

HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 G - Gsetup.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {62166bf1-7915-11e7-ab89-2c4d5458da91} - DAutorun.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {e00cf949-40be-11e7-84d6-806e6f6e6963} - DBinInstv2.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 {e1a6619e-8fcb-11e7-9606-2c4d5458da91} - Esetup.exe => Error: No automatic fix found for this entry.
GroupPolicy Restriction - Chrome ==== ATTENTION => Error: No automatic fix found for this entry.
Toolbar HKUS-1-5-21-3379645968-3260110219-3458388111-1000 - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File => Error: No automatic fix found for this entry.
FF Plugin @microsoft.comGENUINE - disabled [No File] => Error: No automatic fix found for this entry.
FF Plugin-x32 @microsoft.comGENUINE - disabled [No File] => Error: No automatic fix found for this entry.
CProgramDataDP45977C.lfl => Error: No automatic fix found for this entry.
CUsersKostraAppDataLocalTemp => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.

==== End of Fixlog 21:10:57 ====
Attachments
Addition_opraveny.rar
hopefully no longer corrupted
(12.7 KiB) Downloaded 76 times
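
Added example, not part of the thread and not FRST's own code: the Fixlog in post #10 echoes a fixlist that differs from the one posted in #9, and every entry comes back as "No automatic fix found". The Python check below compares the two and lists the characters that went missing; the sample strings are abridged from those two posts, and the function names are hypothetical.

```python
import re

# Fixlist as posted by the helper in post #9 (abridged from the thread).
INTENDED = r"""Start
HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\MountPoints2: G - G:\setup.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
"""

# Matching part of the Fixlog from post #10 (abridged from the thread).
FIXLOG = r"""fixlist content:
*****************
Start
HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 G - Gsetup.exe
GroupPolicy Restriction - Chrome ==== ATTENTION
FF Plugin @microsoft.comGENUINE - disabled [No File]
CProgramDataDP45977C.lfl

EmptyTemp
End
*****************

HKUS-1-5-21-3379645968-3260110219-3458388111-1000...MountPoints2 G - Gsetup.exe => Error: No automatic fix found for this entry.
GroupPolicy Restriction - Chrome ==== ATTENTION => Error: No automatic fix found for this entry.
FF Plugin @microsoft.comGENUINE - disabled [No File] => Error: No automatic fix found for this entry.
CProgramDataDP45977C.lfl => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.

==== End of Fixlog 21:10:57 ====
"""


def echoed_fixlist(fixlog):
    """Return the non-empty lines echoed between the two asterisk rules."""
    lines = fixlog.splitlines()
    rules = [i for i, line in enumerate(lines)
             if re.fullmatch(r"\*{5,}", line.strip())]
    if len(rules) < 2:
        raise ValueError("no 'fixlist content' block found in the Fixlog")
    block = lines[rules[0] + 1:rules[1]]
    return [line.strip() for line in block if line.strip()]


def dropped_chars(intended, echoed):
    """Characters deleted from `intended` to obtain `echoed`.

    Returns None when `echoed` is not a pure deletion of `intended`
    (i.e. it contains text that was never in the posted line).
    """
    j = 0
    dropped = []
    for ch in intended:
        if j < len(echoed) and echoed[j] == ch:
            j += 1
        else:
            dropped.append(ch)
    return dropped if j == len(echoed) else None


def audit(intended_text, fixlog_text):
    """Compare the posted fixlist with the copy echoed in the Fixlog."""
    want = [line.strip() for line in intended_text.splitlines() if line.strip()]
    got = echoed_fixlist(fixlog_text)
    report = {
        "altered": [],       # posted lines that lost characters
        "mismatched": [],    # posted lines replaced by different text
        "dropped": set(),    # every character that went missing
        "missing_lines": max(0, len(want) - len(got)),
        "failed": sum("Error: No automatic fix found" in line
                      for line in fixlog_text.splitlines()),
    }
    for posted, echoed in zip(want, got):
        if posted == echoed:
            continue
        lost = dropped_chars(posted, echoed)
        if lost is None:
            report["mismatched"].append(posted)
        else:
            report["altered"].append(posted)
            report["dropped"].update(lost)
    return report


if __name__ == "__main__":
    result = audit(INTENDED, FIXLOG)
    print("entries reported as failed:", result["failed"])
    print("lines that lost characters:", len(result["altered"]))
    print("characters missing:", " ".join(sorted(result["dropped"])))
```

Running the same comparison on a saved fixlist.txt before clicking Fix shows whether the file still matches what was posted.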

lada1379
Visitor
Posts: 14
Registered: 04 Sep 2017 15:49

Re: Extension that cannot be removed from the google chr

#11 Post by lada1379 »

I apologize if I don't respond to the post again today; I'll see how I manage. If you are willing to keep helping me, I won't be here until Saturday. Or rather, I won't get to the PC until Saturday.

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Extension that cannot be removed from the google chr

#12 Post by Rudy »

OK. I won't be here on Saturday, though; our forum has a meetup. Any time after that. The archive is again unreadable for WinRAR.

lada1379
Visitor
Posts: 14
Registered: 04 Sep 2017 15:49

Re: Extension that cannot be removed from the google chr

#13 Post by lada1379 »

Rudy wrote: The archive is again unreadable for WinRAR.
I don't know how to do it; I'll try 7-Zip.

This is the only way I can manage it now:
Additional wrote:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Kostra (04-09-2017 20:56:02)
Running from C:\Users\Kostra\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-05-24 20:20:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3379645968-3260110219-3458388111-500 - Administrator - Disabled)
Guest (S-1-5-21-3379645968-3260110219-3458388111-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3379645968-3260110219-3458388111-1004 - Limited - Enabled)
Kostra (S-1-5-21-3379645968-3260110219-3458388111-1000 - Administrator - Enabled) => C:\Users\Kostra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Aliens vs. Predator" (HKLM-x32\...\{A7C055C2-99B6-44B3-9604-736DF84B2A5E}_is1) (Version: - )
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.52 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
ALTools Update (HKLM-x32\...\ALUpdate_is1) (Version: v11.4.28.1 - ESTsoft Corp.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Discord (HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.7.1042 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.29 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 55.0.3 (x64 cs)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.2 - Notepad++ Team)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Ovládací panel NVIDIA 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.33 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version: - )
Primal Carnage (HKLM\...\Steam App 215470) (Version: - Lukewarm Media)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.6.0 (HKLM-x32\...\RTSS) (Version: 6.6.0 - Unwinder)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
The Escapists 2 (HKLM-x32\...\The Escapists 2_is1) (Version: - )
The Long Dark (HKLM\...\Steam App 305620) (Version: - Hinterland Studio Inc.)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-18] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0650EC04-0E00-4D18-B40C-6C94554F7ACD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {0E78ED49-9118-4E63-AD33-368D58E78E42} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] ()
Task: {0F2E8166-F820-4A23-BC61-FE646E660D4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04] (Google Inc.)
Task: {134A9308-C684-4AB7-9049-D09AEEE0E089} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {16F51E5B-5166-4DD5-80C1-514589396552} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation)
Task: {18556F70-AC94-4516-8EFE-21B0DF7915C8} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-04-12] (TODO: <Company name>)
Task: {22B3BE04-C1EC-4CD3-B0B4-BCC7BB1862E4} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2016-09-20] ()
Task: {327F57D2-AF87-4E4A-9F13-4F8354A2CFC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation)
Task: {4456AC47-2985-471E-B5E6-12D923C1401B} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe
Task: {45D0BC24-6B11-48EB-96A1-C219B5BE1550} - System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\STALKER - Shadow of Chernobyl\unins000.exe"
Task: {59112D37-EAA2-438F-9C5D-C1D293940409} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation)
Task: {6EBC8D17-3167-49B5-A41A-97B8B496AB96} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {88D5A2F8-A6A9-43F2-8F9D-6F822A23D68C} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2016-08-04] ()
Task: {896772EA-EC89-4203-B0B5-BE1F19D52D74} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {8D8D2824-03BB-4925-BF54-26C42A1D654A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {9F037993-9C53-472D-935E-B7695BD9D50D} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2016-09-18] (TODO: <Company name>)
Task: {AC9069E2-6BBE-4A5E-9024-89C0A02F6549} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation)
Task: {B14B6ADA-C9F8-4822-B5F2-F0D8B0DB1B3A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {E4A165D3-571B-49A3-96EF-9797FAD1A0D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04] (Google Inc.)
Task: {E9D3D7F6-D2F8-4337-B838-3B55CCAD9A40} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-22] ()
Task: {F6777E98-7893-409F-BFFD-3F558DA3647E} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2016-09-20] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-05-25 19:39 - 2017-01-22 15:20 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-05-28 16:32 - 2016-09-20 17:19 - 001269208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-05-28 16:31 - 2016-08-04 14:49 - 001454592 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2017-05-25 20:47 - 2017-08-18 06:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-25 19:39 - 2017-09-04 20:08 - 000035624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-05-25 19:39 - 2015-09-17 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2017-05-28 16:32 - 2016-09-20 18:19 - 000268248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2017-05-28 16:32 - 2016-07-27 17:51 - 000786416 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2017-05-28 16:32 - 2016-09-20 18:19 - 000886232 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2017-05-28 16:32 - 2016-07-27 17:51 - 000828376 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2017-05-28 16:32 - 2016-09-20 18:19 - 000848344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2017-05-28 16:32 - 2016-09-06 17:05 - 000684032 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccToolHelper.dll
2017-05-28 16:31 - 2015-09-17 10:58 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2017-05-28 16:31 - 2015-09-17 10:58 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-05-28 16:32 - 2016-09-20 17:19 - 004758488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2017-05-28 16:32 - 2016-07-27 17:51 - 000091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2017-05-28 16:31 - 2016-07-14 16:10 - 001139712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2017-05-28 16:31 - 2015-09-17 10:58 - 000838456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2017-05-28 16:32 - 2016-09-06 17:05 - 000061440 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.26\Exeio.dll
2017-05-28 16:32 - 2016-09-06 17:05 - 001752576 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.26\Vender.dll
2017-05-28 16:31 - 2016-08-05 15:25 - 000669656 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMLib.dll
2017-05-28 16:31 - 2016-07-14 16:14 - 005808460 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2017-05-28 16:31 - 2016-07-14 16:10 - 000621056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll
2017-05-28 16:31 - 2016-07-14 16:09 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2017-02-09 10:39 - 2017-02-09 10:39 - 000065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2017-03-28 17:51 - 2017-03-28 17:51 - 001753088 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2017-05-25 20:47 - 2017-08-18 06:36 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-05-25 20:47 - 2017-08-18 06:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-14 20:25 - 2016-09-14 20:25 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kostra:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3379645968-3260110219-3458388111-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kostra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^Kostra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ts3server.exe – zástupce.lnk => C:\Windows\pss\ts3server.exe – zástupce.lnk.Startup
MSCONFIG\startupreg: FMClickerPro_Updater_1 => C:\Users\Kostra\AppData\Roaming\FMClickerPro_v_1\FMClickerPro_Updater_1.exe
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{93848278-97EC-4890-BCB6-9CED051F6CB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FC72D371-2503-48F8-9971-AF108D00F9E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CEEEF368-602D-49DB-864C-79573AE550C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{ECA61D65-A082-495B-AEA6-D77382097687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C909710-27DD-4FE5-839A-848C12452F5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{ACEF09A0-FD5A-4011-A184-305219165F04}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{3A4F54B0-F03E-4F86-8D72-C9A868D2381D}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{E8A16A3A-227A-404A-BA71-2003688BFA33}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{4485174E-B253-4075-84C5-C3993A0C4DFB}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [{52508E52-0A8F-47EF-8920-1B19F84C4D7A}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{0A238451-958D-4C9E-8309-C755A9E7D0AB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{3743ACBB-9533-4B95-91D7-366434D5D861}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{32FE035B-0E6E-4199-B295-4C95A58270A7}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{F8F49E44-917C-483B-80E7-C097679DDE62}C:\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\teamspeak3-server_win64\ts3server.exe
FirewallRules: [UDP Query User{AB87B98F-622D-4CB1-85E9-32AF01E3C0E0}C:\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\teamspeak3-server_win64\ts3server.exe
FirewallRules: [{DEC3793B-C59B-4279-A34B-E8F528B4AC6A}] => (Allow) LPort=10011
FirewallRules: [{F2107604-E1E7-49DC-A3DD-231127C2F434}] => (Allow) LPort=30033
FirewallRules: [{D8A69850-CC76-4CA3-97E6-C7882F398629}] => (Allow) LPort=9987
FirewallRules: [{9ED8501C-9BB6-4BD8-8408-0ECDFCD22B6B}] => (Allow) C:\teamspeak3-server_win64\ts3server.exe
FirewallRules: [TCP Query User{81D49F28-6612-4323-AD8A-7795720193A5}C:\skywar\server\apache\bin\apache.exe] => (Allow) C:\skywar\server\apache\bin\apache.exe
FirewallRules: [UDP Query User{D79CD31E-CEA0-4942-A5B3-2C8935C3BCE1}C:\skywar\server\apache\bin\apache.exe] => (Allow) C:\skywar\server\apache\bin\apache.exe
FirewallRules: [TCP Query User{D5DC784A-C830-4012-9BE1-2EC7C75665CC}C:\skywar\server\mysql\bin\mysqld.exe] => (Allow) C:\skywar\server\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{F171E9EC-0F2A-4485-A430-89D7F5961D66}C:\skywar\server\mysql\bin\mysqld.exe] => (Allow) C:\skywar\server\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{5F78B9C0-1AAE-493B-9817-5DEBBA93F2C7}C:\skywar\mangos-server\realmd.exe] => (Allow) C:\skywar\mangos-server\realmd.exe
FirewallRules: [UDP Query User{3B2E3F4F-BEFE-4FAF-AA53-9B5D3A718D9D}C:\skywar\mangos-server\realmd.exe] => (Allow) C:\skywar\mangos-server\realmd.exe
FirewallRules: [TCP Query User{074B868E-DE58-464B-A8D8-EFFF827556BD}C:\skywar\mangos-server\mangosd.exe] => (Allow) C:\skywar\mangos-server\mangosd.exe
FirewallRules: [UDP Query User{600F3BE8-3E51-4A45-B14B-F21C38CFB122}C:\skywar\mangos-server\mangosd.exe] => (Allow) C:\skywar\mangos-server\mangosd.exe
FirewallRules: [TCP Query User{344875CD-A97D-49BA-A53B-2D539C4FCE44}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{0EBE5208-F247-4B7B-9305-E7CE6E384BBB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F2708B32-428F-468F-97A2-6D5E005CE511}] => (Allow) C:\Users\Kostra\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C863297E-36D7-4E44-8357-8B884DDE6924}] => (Allow) C:\Users\Kostra\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CCCD7ECF-F6CD-454C-93AC-B752760D2FB9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DDE25CB-5E33-42A7-957C-A19F5C65B20F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3EC831B5-6B42-413D-BBBC-DAA7AABD6FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{88B72F56-0F98-43EB-8ADD-3139CD83A4D1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{481A7AF7-DFD5-466C-B91D-13DD0D94A2AF}C:\users\kostra\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kostra\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{16F87E2E-170D-4E4E-B74D-B983DA2A8A50}C:\users\kostra\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kostra\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{55BACC3D-DE0A-49D2-971F-531DF3540037}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B8B3FCD-4A5F-45FE-B11F-74F3F029A98C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{BCE31844-6B52-4FA6-B8CC-B11DFFF46B4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{61584085-DE40-4CE0-AE55-61B1111255BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{63752994-E10B-4E1B-89A2-4199F3BC04F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{59B5C96F-C9E1-42FA-89E0-756A8AD46779}C:\users\kostra\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kostra\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D91F38E6-331C-4DD4-BE2A-D859051DEFBA}C:\users\kostra\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kostra\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{93A40F30-3884-4691-B7EA-F223B5BF177D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{1296481B-8479-474E-A7C2-82F24B502246}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{6CC9BED4-A2B0-4A02-9289-7EC53640DE63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{0CEDC736-7DF2-4975-8FD8-35AEAB548562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{BBC0F7EC-607E-47B2-8649-A624A0CFB5E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{3B1B819A-7E89-4D30-80D0-482DBE0D2208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{85D1395B-548C-4E1F-A8E0-44C38F2C4610}D:\kuba\farcry 3\bin\farcry3.exe] => (Block) D:\kuba\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{034AED76-C6CA-4C15-A5DC-F928F8E00694}D:\kuba\farcry 3\bin\farcry3.exe] => (Block) D:\kuba\farcry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{23F2AA86-1910-4677-9410-1C7A0E84D7DA}C:\users\kostra\desktop\farcry 3\bin\farcry3.exe] => (Allow) C:\users\kostra\desktop\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{058422AB-B61A-46E2-BB4E-0674A5A4D569}C:\users\kostra\desktop\farcry 3\bin\farcry3.exe] => (Allow) C:\users\kostra\desktop\farcry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{6197CAC9-1578-4BD8-9B87-726206103BB5}C:\users\kostra\desktop\farcry 3\bin\farcry3.exe] => (Allow) C:\users\kostra\desktop\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{0A2B5E06-FBFA-469C-AB0D-249513842E2B}C:\users\kostra\desktop\farcry 3\bin\farcry3.exe] => (Allow) C:\users\kostra\desktop\farcry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{8476364A-C52F-4DC4-B70D-69D40BAAD036}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{37610428-2670-4C9B-AB36-12115EF4C624}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{67265927-9C5B-4658-8BCD-FE2639EC3900}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FA4D16B0-C33B-4B97-92D5-20952C145084}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DA8C23E5-53F6-4325-90E1-B0CBD51EA4BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{31719D37-55A7-4A40-8F1A-002A7D0A3597}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2563C987-6B47-4385-B338-78641CB9F32C}] => (Allow) C:\Program Files (x86)\Aliens vs. Predator\AvP.exe
FirewallRules: [{5C78EBDF-7C3F-4974-8B37-459A5076DA7A}] => (Allow) C:\Program Files (x86)\Aliens vs. Predator\AvP.exe
FirewallRules: [{8FEB3E90-359D-412E-B653-5917C973EE79}] => (Allow) C:\Program Files (x86)\Aliens vs. Predator\AvP_DX11.exe
FirewallRules: [{3E5A7292-4B0E-4572-90F2-37C1FFA14F0E}] => (Allow) C:\Program Files (x86)\Aliens vs. Predator\AvP_DX11.exe
FirewallRules: [TCP Query User{72122D7E-83FC-4464-B6E3-733E1FBDE2CA}C:\users\kostra\downloads\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) C:\users\kostra\downloads\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [UDP Query User{3A2349F9-1156-4CB7-A1C2-A2B051AB2D88}C:\users\kostra\downloads\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) C:\users\kostra\downloads\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [{887E2D82-26BE-4C08-B5F9-F6208D75AE78}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E5E71A21-63DF-439E-9EB2-A0FBA620D8DF}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{C9687D27-06FF-4713-98D9-6EED94FF3CE6}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{803B1AEB-9607-46A0-9765-70A516C07949}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{8008D409-7319-4D2B-B64D-2234698D64AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{9D97C58C-0495-4762-87DD-11FB641CB0A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{43F15C2D-DD1D-4628-A5EB-4E24E2D63A0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B350D015-1026-484D-901F-6F6A09442466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{E9C13BDD-A653-427D-BCAB-9F55A5976DC7}C:\users\kostra\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kostra\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{942B698F-1F6B-437A-8751-DF6652A80174}C:\users\kostra\appdata\local\crossout\launcher.exe] => (Allow) C:\users\kostra\appdata\local\crossout\launcher.exe
FirewallRules: [TCP Query User{22E1700D-79C6-4B74-B571-F0AD7BCC4FB5}C:\users\kostra\desktop\hry\farcry 3\bin\farcry3.exe] => (Block) C:\users\kostra\desktop\hry\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{DB5413C1-DF14-44F2-890A-97F72E944E9E}C:\users\kostra\desktop\hry\farcry 3\bin\farcry3.exe] => (Block) C:\users\kostra\desktop\hry\farcry 3\bin\farcry3.exe
FirewallRules: [{B2F84C0A-FFB1-4B38-B5D2-E5048814AC8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{65BD02BF-204B-4BDE-95E1-A7BBAFE78CA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E08F34D-D322-4E73-9056-49B6BDB934E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{4ECF1D44-3B40-4CF6-9178-B4C347B2C965}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{7C22882A-163B-40CF-A82E-B11A7F63014C}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{68BF382F-379C-4928-AE92-01E6866372D8}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{A233E54F-1770-46E2-954B-A706AF435880}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{9DF6DCAE-7B2B-457B-98EC-5168CE78E2A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{71FA3456-9DB7-4469-9F49-5261E27AEACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [TCP Query User{6BE81E3E-CCBA-4E29-AEC4-E717169FABD0}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{DC64ABE1-4C48-4E8A-B238-DDB33E466349}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{C2348082-A9D4-4FED-8E8B-4EAFDBCCF3FE}C:\users\kostra\downloads\call of duty 4 multiplayer\iw3mp.exe] => (Allow) C:\users\kostra\downloads\call of duty 4 multiplayer\iw3mp.exe
FirewallRules: [UDP Query User{3E9E7646-6058-48AE-8FDD-AF2C0A73BE23}C:\users\kostra\downloads\call of duty 4 multiplayer\iw3mp.exe] => (Allow) C:\users\kostra\downloads\call of duty 4 multiplayer\iw3mp.exe
FirewallRules: [{E63A76DE-7948-4370-BD21-0C3204614A7B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7225A124-0C6B-4342-B599-C2C2BB2CBD43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B0EA053F-B43B-4CB6-B05D-B4AFDC292169}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{96A70F48-B93E-499C-8857-99918C359A84}C:\program files (x86)\the escapists 2\theescapists2.exe] => (Allow) C:\program files (x86)\the escapists 2\theescapists2.exe
FirewallRules: [UDP Query User{560430E8-9CEE-4F83-A938-E1074A085688}C:\program files (x86)\the escapists 2\theescapists2.exe] => (Allow) C:\program files (x86)\the escapists 2\theescapists2.exe

==================== Restore Points =========================

02-09-2017 13:17:03 Installed Call of Duty(R) 4 - Modern Warfare(TM)
02-09-2017 13:30:17 Installed Call of Duty(R) 4 - Modern Warfare(TM)
02-09-2017 13:41:04 Installed Call of Duty(R) 4 - Modern Warfare(TM)

==================== Faulty Device Manager Devices =============

Name: 690LC
Description: 690LC
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2017 04:40:46 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 90080108).

Error: (09/04/2017 03:57:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (09/03/2017 08:59:55 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (09/03/2017 02:10:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 90080108).

Error: (09/03/2017 01:42:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (09/02/2017 04:42:07 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program autorun.exe.

Program: autorun.exe
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C0000102
Typ disku: 0

Error: (09/02/2017 04:42:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: autorun.exe_unknown, verze: 0.0.0.0, časové razítko: 0x4d7e2400
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23796, časové razítko: 0x59028db3
Kód výjimky: 0xc0000006
Posun chyby: 0x000632f1
ID chybujícího procesu: 0x166c
Čas spuštění chybující aplikace: 0x01d323f75eb9bf7a
Cesta k chybující aplikaci: E:\.autorun\autorun.exe
Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID zprávy: e446daea-8fec-11e7-9606-2c4d5458da91

Error: (09/02/2017 01:40:38 PM) (Source: MsiInstaller) (EventID: 10023) (User: KUBA)
Description: Product: Call of Duty(R) 4 - Modern Warfare(TM) -- Chyba dat (cyklická redundantní kontrola).
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2017 01:28:42 PM) (Source: MsiInstaller) (EventID: 10023) (User: KUBA)
Description: Product: Call of Duty(R) 4 - Modern Warfare(TM) -- Chyba dat (cyklická redundantní kontrola).
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2017 11:25:57 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).


System errors:
=============
Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/04/2017 08:07:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/04/2017 05:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IOMap neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/04/2017 10:35:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IOMap neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/03/2017 06:26:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IOMap neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
Date: 2017-08-05 17:19:25.202
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:25.181
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:24.138
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:24.116
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:23.058
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:23.037
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:21.985
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:21.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:19.300
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-05 17:19:19.276
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 14%
Total physical RAM: 16327.2 MB
Available physical RAM: 14027 MB
Total Virtual: 32652.59 MB
Available Virtual: 30303.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:39.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: D5BF8D32)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Attachments
Addition.zip
(12.91 KiB) Downloaded 73 times

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: An extension that cannot be removed from the browser google chr

#14 Post by Rudy »

The archive is fine now. I was able to open it. So once more, as a follow-up. Open Notepad and copy the following into it:
Start
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {45D0BC24-6B11-48EB-96A1-C219B5BE1550} - System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\STALKER - Shadow of Chernobyl\unins000.exe"

EmtyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

lada1379
Visitor
Posts: 14
Joined: 04 Sep 2017 15:49

Re: An extension that cannot be removed from the browser google chr

#15 Post by lada1379 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Kostra (08-09-2017 15:16:56) Run:2
Running from C:\Users\Kostra\Desktop
Loaded Profiles: Kostra (Available Profiles: Kostra & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {45D0BC24-6B11-48EB-96A1-C219B5BE1550} - System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\STALKER - Shadow of Chernobyl\unins000.exe"

EmtyTemp:
End
*****************

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45D0BC24-6B11-48EB-96A1-C219B5BE1550} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45D0BC24-6B11-48EB-96A1-C219B5BE1550} => key removed successfully
C:\Windows\System32\Tasks\{E66C38F9-32A4-4999-BD8D-A930657CE1BB} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E66C38F9-32A4-4999-BD8D-A930657CE1BB} => key removed successfully
EmtyTemp: => Error: No automatic fix found for this entry.

==== End of Fixlog 15:16:59 ====
