Slow PC

swukleecz
Visitor
Posts: 14
Registered: 13 Apr 2018 14:17

Slow PC

#1 Post by swukleecz »

Hi! Yesterday I left my PC on all day and went to school. When I came back, the monitor had a black screen as if it were switched off, but it was on, so I turned it off and on and it still didn't work. I thought it was because of the PC, so I turned that off and on too, and the monitor still didn't work, so I unplugged it and plugged it back in and then it worked. But when it came on, my desktop had a different resolution. I told myself it was better that way, but I don't know how it happened. Then my friends called me to come and play something, and the game took 3x longer to start than before. I don't know what to do.. (excuse my Czech, I'm getting a 4 in it)

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

swukleecz
Visitor
Posts: 14
Registered: 13 Apr 2018 14:17

Re: Slow PC

#3 Post by swukleecz »

Here it is

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by test (administrator) on TEST-PC (13-04-2018 15:32:56)
Running from C:\Users\test\Desktop
Loaded Profiles: test (Available Profiles: test)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(WinZip) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Twitch Interactive, Inc.) C:\Users\test\AppData\Roaming\Twitch\Bin\Twitch.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Twitch Interactive, Inc.) C:\Users\test\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Twitch Interactive, Inc.) C:\Users\test\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\test\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.139\deploy\LeagueClient.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.139\deploy\LeagueClientUx.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.139\deploy\LeagueClientUxRender.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-12] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2015-11-09] (VIA)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks (1)] => "C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warships] => "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [WallpaperEngine] => "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warplanes] => "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Gaijin.Net Agent] => "C:\Users\test\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Discord] => C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2017-06-14]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-06-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-06-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-02-22]
ShortcutTarget: Twitch.lnk -> C:\Users\test\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{40F5143E-E1E8-494E-B925-72839C3F31C7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AE568813-CC7A-4B9D-B4B4-8D4030A09294}: [NameServer] 77.234.40.79

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {3BF1670B-0D8A-4E20-B24B-CFD61F757B1A} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {9F976E67-9D9C-4F2B-BB92-BE375CC328CA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {C0C85594-B862-4570-848F-E85A0AB6DD3A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-17] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-20] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: aiixix9q.default
FF ProfilePath: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default [2018-04-05]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-23] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\sp@avast.com.xpi [2017-09-09]
FF Extension: (Avast Online Security) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\wrc@avast.com.xpi [2017-09-09]
FF Extension: (Adblock Plus) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-23] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-17] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default [2018-04-13]
CHR Extension: (Adobe Acrobat) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-23]
CHR Extension: (AdBlock) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-12]
CHR Extension: (Avast Online Security) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-14]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-23]
CHR HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-12] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2018-03-28] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-15] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2015-11-09] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-15] (Microsoft Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-12] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-18] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-12] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-15] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-23] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (Visicom Media Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-23] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-06] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-10-23] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-06] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-06-13] (The OpenVPN Project)
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 cpuz138; \??\C:\Users\test\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 15:32 - 2018-04-13 15:35 - 000021907 _____ C:\Users\test\Desktop\FRST.txt
2018-04-13 15:31 - 2018-04-13 15:31 - 002403328 _____ (Farbar) C:\Users\test\Desktop\FRST64.exe
2018-04-12 16:08 - 2018-04-12 16:06 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-04-11 15:05 - 2018-04-11 15:05 - 000000000 ____D C:\Users\test\Desktop\síkrit
2018-04-11 07:00 - 2018-04-11 07:00 - 000000000 ____D C:\Users\test\Desktop\Nová složka (2)
2018-04-11 06:59 - 2018-04-11 06:59 - 001265288 _____ C:\Users\test\Downloads\Buk.pptx
2018-04-11 06:50 - 2018-04-11 06:50 - 000588800 _____ C:\Users\test\Downloads\Buk_lesni__Fagus_sylvatica_-vzor_przentace.ppt
2018-04-09 14:53 - 2018-04-09 14:53 - 000000689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome to the Game II.lnk
2018-04-09 14:53 - 2018-04-09 14:53 - 000000677 _____ C:\Users\Public\Desktop\Welcome to the Game II.lnk
2018-04-09 14:53 - 2018-04-09 14:53 - 000000000 ____D C:\Program Files\Welcome to the Game II
2018-04-09 14:26 - 2018-04-09 14:46 - 1643014445 _____ C:\Users\test\Downloads\Welcome.to.the.Game.II.rar
2018-04-09 14:24 - 2018-04-09 14:55 - 000000000 ____D C:\Users\test\AppData\LocalLow\Reflect Studios
2018-04-09 13:24 - 2018-04-09 14:22 - 653796278 _____ C:\Users\test\Downloads\Welcome.to.the.Game.v2.2.rar
2018-04-07 14:04 - 2018-04-07 14:04 - 000000000 __SHD C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-04-05 05:20 - 2018-04-05 05:20 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-05 05:18 - 2018-04-05 05:18 - 000003428 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-04-05 05:18 - 2018-04-05 05:18 - 000003300 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-04-05 05:16 - 2018-04-05 05:16 - 000000000 ____D C:\Users\test\AppData\Local\AVAST Software
2018-04-05 05:16 - 2018-04-05 05:16 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-04-03 19:34 - 2018-04-03 19:34 - 000000000 ____D C:\Users\test\AppData\Roaming\twitch-electron
2018-04-01 18:07 - 2018-04-01 18:07 - 000001089 _____ C:\Users\test\Desktop\Cheat Engine.lnk
2018-04-01 18:07 - 2018-04-01 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.7
2018-04-01 18:07 - 2018-04-01 18:07 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-04-01 18:06 - 2018-04-01 18:06 - 012133120 _____ (Cheat Engine ) C:\Users\test\Downloads\CheatEngine67.exe
2018-04-01 12:43 - 2018-04-01 12:43 - 000000222 _____ C:\Users\test\Desktop\Orcs Must Die! 2.url
2018-03-30 12:43 - 2018-03-30 12:43 - 000049105 _____ C:\Users\test\Downloads\SteamAchievementManager-7.0.11.zip
2018-03-30 12:35 - 2018-03-30 22:37 - 000000000 ____D C:\Users\test\Desktop\SteamAchievementManager-master
2018-03-30 12:35 - 2018-03-30 12:35 - 000124278 _____ C:\Users\test\Downloads\SteamAchievementManager-master.zip
2018-03-28 21:04 - 2018-03-28 19:17 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2018-03-28 19:17 - 2018-03-28 19:17 - 000000222 _____ C:\Users\test\Desktop\Dead by Daylight.url
2018-03-18 18:48 - 2018-03-18 18:48 - 000000222 _____ C:\Users\test\Desktop\CPUCores Maximize Your FPS.url
2018-03-17 22:41 - 2018-03-17 22:41 - 027566497 _____ C:\Users\test\Downloads\Stereo Sayan 3D.mp4
2018-03-17 21:53 - 2018-03-19 14:36 - 000000000 ____D C:\Program Files (x86)\ManyCam
2018-03-16 17:54 - 2018-03-16 17:54 - 000000000 ____D C:\Users\test\AppData\Local\DampHolidays

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 15:32 - 2016-02-04 20:33 - 000000000 ____D C:\FRST
2018-04-13 15:25 - 2016-07-18 18:34 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-13 15:25 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-13 15:25 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-13 15:20 - 2015-11-20 15:32 - 000000000 ____D C:\Users\test\AppData\Roaming\Skype
2018-04-13 15:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2018-04-13 15:14 - 2017-03-18 13:54 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-13 15:11 - 2018-02-22 23:23 - 000000000 ____D C:\Users\test\AppData\Roaming\Twitch
2018-04-13 15:10 - 2016-07-17 13:53 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-13 15:05 - 2017-01-02 17:11 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-04-13 15:05 - 2015-11-19 17:50 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-04-13 15:05 - 2015-11-15 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-13 15:05 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-13 05:53 - 2018-03-12 18:27 - 000003162 _____ C:\Windows\System32\Tasks\{51E23819-6969-4A2E-9A8A-E90D654DAB5A}
2018-04-13 05:53 - 2018-02-01 15:01 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-test-PC-test
2018-04-13 05:53 - 2017-11-14 06:49 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca
2018-04-13 05:53 - 2017-11-14 06:49 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8
2018-04-13 05:53 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2016-08-20 13:12 - 000009010 _____ C:\Windows\System32\Tasks\Gerkmiwegh Cache
2018-04-13 05:53 - 2015-11-21 02:50 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-13 05:53 - 2015-11-15 00:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-04-13 05:52 - 2016-02-04 20:13 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-04-12 16:06 - 2017-11-18 18:14 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-12 16:05 - 2017-11-24 15:29 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-04-12 16:05 - 2016-07-18 18:34 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-12 16:03 - 2017-08-23 23:24 - 000000000 ____D C:\Users\test\AppData\Roaming\discord
2018-04-11 15:04 - 2017-04-13 16:37 - 000000000 ____D C:\Users\test\Desktop\other
2018-04-11 15:04 - 2016-11-11 16:12 - 000000000 ____D C:\Users\test\Desktop\Songs
2018-04-11 15:04 - 2016-11-03 15:09 - 000000000 ____D C:\Users\test\Desktop\photos
2018-04-11 07:01 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-04-11 07:01 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-04-11 07:01 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-11 07:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-11 06:27 - 2016-09-03 12:34 - 000004514 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-11 06:27 - 2015-11-21 02:50 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-11 06:27 - 2015-11-21 02:50 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-11 06:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-11 06:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-05 05:23 - 2016-02-04 20:11 - 000000000 ____D C:\ProgramData\AVAST Software
2018-04-04 21:13 - 2018-03-02 14:28 - 000001350 _____ C:\Users\test\Desktop\Roblox Player.lnk
2018-04-04 21:13 - 2018-03-02 14:27 - 000001169 _____ C:\Users\test\Desktop\Roblox Studio.lnk
2018-04-04 21:13 - 2017-10-16 20:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-04-02 15:18 - 2017-01-08 18:22 - 000000000 ____D C:\Users\test\AppData\Roaming\.minecraft
2018-04-02 14:18 - 2018-02-15 16:00 - 000000000 ____D C:\Users\test\Desktop\Not Played Games
2018-04-02 14:17 - 2015-11-20 15:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-04-01 12:43 - 2016-10-01 19:45 - 000000000 ____D C:\Games
2018-04-01 12:43 - 2016-06-15 21:24 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-04-01 12:42 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-31 11:35 - 2017-08-17 19:51 - 000000000 ____D C:\Users\test\AppData\Roaming\audacity
2018-03-30 22:37 - 2018-02-15 16:02 - 000000000 ____D C:\Users\test\Desktop\Played gems
2018-03-30 00:42 - 2015-11-22 00:29 - 000000000 ____D C:\Users\test\Documents\My Games
2018-03-22 07:45 - 2017-10-23 15:43 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 17:18 - 2017-02-08 22:19 - 000000000 ____D C:\Users\test\AppData\Roaming\CPUCores
2018-03-18 14:24 - 2018-03-11 14:15 - 000000000 ____D C:\Users\test\Desktop\Godx

==================== Files in the root of some directories =======

2016-11-01 20:50 - 2016-11-01 20:50 - 000066309 _____ () C:\Users\test\AppData\Roaming\icarus-dxdiag.xml
2015-12-13 17:50 - 2015-12-13 17:50 - 000000097 _____ () C:\Users\test\AppData\Roaming\LauncherSettings_live.cfg
2015-12-13 17:45 - 2015-12-13 17:45 - 000010496 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_live.bin
2015-12-13 17:42 - 2015-12-13 17:42 - 000000039 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-12-19 16:53 - 2016-08-06 20:24 - 000000910 _____ () C:\Users\test\AppData\Local\_settings.ini

Some files in TEMP:
====================
2017-11-12 20:22 - 2017-11-12 20:22 - 000000180 _____ () C:\Users\test\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-11-12 20:23 - 2017-11-12 20:23 - 000000088 _____ () C:\Users\test\AppData\Local\Temp\97b6e2451007564f1d01266c76bcdeef.dll
2018-02-22 23:38 - 2018-02-22 23:38 - 000019968 ____N (Red Hat®, Inc.) C:\Users\test\AppData\Local\Temp\jansi-64-6595523131939039027.dll
2018-04-12 16:12 - 2018-04-12 16:12 - 058834376 _____ (Skype Technologies S.A.) C:\Users\test\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-10 17:48

==================== End of FRST.txt ============================


Re: Slow PC

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.


Re: Slow PC

#5 Post by swukleecz »

here:
# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-11.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-13-2018
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\test\Start Menu\Programs\SpyHunter

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\SOFTWARE\84E67DF88F350A46716456AC1397575A
Deleted HKCU\SOFTWARE\84E67DF88F350A46716456AC1397575A
Deleted HKU\.DEFAULT\SOFTWARE\84E67DF88F350A46716456AC1397575A
Deleted HKLM\Software\Wow6432Node\84E67DF88F350A46716456AC1397575A
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Re: Slow PC

#6 Post by Rudy »

Post a new FRST log.


Re: Slow PC

#7 Post by swukleecz »

Here:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by test (13-04-2018 16:53:52)
Running from C:\Users\test\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-11-14 22:59:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1906927588-4285542165-1585533686-500 - Administrator - Disabled)
Guest (S-1-5-21-1906927588-4285542165-1585533686-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1906927588-4285542165-1585533686-1002 - Limited - Enabled)
test (S-1-5-21-1906927588-4285542165-1585533686-1000 - Administrator - Enabled) => C:\Users\test

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AIO Ultimate Patch v8.2.0 (HKLM-x32\...\AIO Ultimate Patch_is1) (Version: 8.2.0 - Zexdestroyer)
Aktualizace NVIDIA 24.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 24.0.0.0 - NVIDIA Corporation)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock OC DNA v1.12 (HKLM-x32\...\ASRock OC DNA_is1) (Version: - )
ASRock OC Tuner v2.4.70 (HKLM-x32\...\ASRock OC Tuner_is1) (Version: - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Counter-Strike 1.6 (HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Counter-Strike 1.6) (Version: - )
CPUID CPU-Z OC Formula 1.74 (HKLM\...\CPUID CPU-Z OC Formula_is1) (Version: 1.74 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{CA3B6D8B-2437-4C7C-84A3-97AF21EDBE20}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Game Long Name (HKLM\...\UDK-c66cc16b-979b-444a-8a9c-c6712143e3e9) (Version: - Epic Games, Inc.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 358.91 - NVIDIA Corporation) Hidden
Passpartout The Starving Artist version 1.0 (HKLM-x32\...\Passpartout The Starving Artist_is1) (Version: 1.0 - Flamebait Games)
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Roblox Player for test (HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims 4 (HKLM-x32\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
Twitch (HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Welcome to the Game II (HKLM\...\d2VsY29tZXRvdGhlZ2FtZWlp_is1) (Version: 1 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-02-09] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12C4500E-EBCB-4C7D-8B6A-BA4F10E5AF3F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {15E19FF5-CFA2-43A7-BC9F-2C888EC234D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-12] (AVAST Software)
Task: {1F55D9E5-9B6A-486E-B6A5-F36377AFD9B0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1906927588-4285542165-1585533686-1000
Task: {238971E7-3658-4FCE-AA0A-52058014C1AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {29C35668-F1D4-4110-B746-0E1398157208} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {314912C8-7E04-4FDD-8FDD-B0587056E929} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {322EBE09-E94B-415C-943D-615A3E712500} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {3E5FBBC2-78FD-4AD9-A1B1-4E435C312657} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-09] (WinZip)
Task: {43789D00-80F2-4355-93FC-F13F71C4A549} - System32\Tasks\AdobeAAMUpdater-1.0-test-PC-test => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {4DA8EBD6-6567-4B66-9624-DBE97CE81550} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4DA8EBD6-6567-4B66-9624-DBE97CE81550} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {51C84AA4-5F81-4384-88D4-8F14EF1CB855} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {5428E6D2-BFFA-4F18-861E-0DF7C0EE3716} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {5BE69EF3-40F6-4303-9FF8-CEB85BBC0176} - System32\Tasks\AdobeGCInvoker-1.0-test-PC-test => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {62843A16-5EDD-4324-81E8-224B604F0036} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {6A843C68-B7EF-468F-9EC1-716DF62456BD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-09] (WinZip Computing, S.L.)
Task: {702AB7DB-00D1-4F6A-A9A5-9818AE6B3813} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {91ABCE37-CF3B-45D8-B60A-63DA715F2258} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {91ABCE37-CF3B-45D8-B60A-63DA715F2258} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {949254DD-8FFC-4E0A-990B-7DAD74160D11} - System32\Tasks\{51E23819-6969-4A2E-9A8A-E90D654DAB5A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://www.skype.com/go/downloading?source=lig ... tError=404
Task: {9C56D35C-1C54-4B6F-9C81-4AC280359CA7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
Task: {B0D8A2F8-77D7-483B-B5C8-79920F089B72} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {BF84F619-5ABB-4DA7-969A-D42A9ADD98C5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {BF84F619-5ABB-4DA7-969A-D42A9ADD98C5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {E6484B88-E52A-41EB-88EA-5FFA7DF037DB} - System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {E93DD05A-7B74-4FE3-AF3A-EB3B0841E4EC} - System32\Tasks\Gerkmiwegh Cache => C:\Program Files (x86)\Bvafivagh\grkCachePhg.exe
Task: {F069AC64-6C31-4604-A410-CFFFB3F7D2AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {F12E0DE4-05B7-4B73-AD7C-F07538E9A4B7} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
Task: {FB5EC147-0DE4-4457-86C3-FBB35E93AF0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {FB5EC147-0DE4-4457-86C3-FBB35E93AF0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {FB5EC147-0DE4-4457-86C3-FBB35E93AF0E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\test\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://haxtaxy.ru/?utm_source=startlink03&utm_content=c9929528e6af3413fb1863d8e75afaa4&utm_term=6459F5F86A23F50FD4964C16789E6D8E&utm_d=20160820"

==================== Loaded Modules (Whitelisted) ==============

2015-11-15 01:04 - 2015-11-09 21:43 - 000078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2015-11-15 01:04 - 2015-11-09 21:43 - 000386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-11-15 01:04 - 2015-11-09 21:43 - 000621168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2017-10-15 13:09 - 2017-10-15 20:32 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-10-23 17:11 - 2017-10-23 18:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000920280 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000348888 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-03-22 07:45 - 2018-03-20 08:00 - 002683224 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libglesv2.dll
2018-03-22 07:45 - 2018-03-20 08:00 - 000127832 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\swiftshader\libegl.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-04-13 15:17 - 2018-04-13 15:17 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18041302\algo.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-04-12 16:06 - 2018-04-12 16:06 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2016-07-17 13:58 - 2018-01-11 04:05 - 000784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-17 13:58 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-17 13:58 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-17 13:58 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-17 13:58 - 2018-04-03 01:34 - 002631968 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-14 18:00 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 18:00 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 18:00 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 18:00 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 18:00 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2016-07-17 13:58 - 2018-04-03 01:34 - 000977184 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-01-09 12:46 - 2018-01-08 18:52 - 001891832 _____ () C:\Users\test\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-09 12:49 - 2018-02-12 04:33 - 001780216 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2017-09-26 22:22 - 2017-09-26 22:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-03-13 20:52 - 2018-03-13 20:52 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-12 16:05 - 2018-04-12 16:05 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-01-09 12:49 - 2018-01-09 12:49 - 002662904 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-09 12:49 - 2018-03-21 06:46 - 009623896 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-09 12:49 - 2018-02-01 14:59 - 001508344 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-09 12:49 - 2018-01-09 12:49 - 000513016 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-09 12:49 - 2018-03-14 15:24 - 001517560 _____ () \\?\C:\Users\test\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2017-06-09 12:57 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-13 06:56 - 2017-12-13 23:16 - 071471392 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [219]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-06-13 18:53 - 000000841 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\test\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0E6AD7D0-EDBC-4A76-A991-3B0E016EC448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C9B5E9BE-A0F2-4AB9-8A73-1C0908A88DA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FF7229D0-4EB6-406C-82A0-49D40D2436DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B7B143E2-A1D9-4D5F-AAC6-FA6C32843994}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD91C39F-9D42-45EC-B9A0-563B94A5BCB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B545220-D025-4A34-8320-2C5B60D069FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{98A83A41-EE13-4F86-A708-5CE3BBE92B12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0283AE8F-6DC2-47C5-9ACD-42827C092244}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{408E90C7-1CDA-4D9E-A277-2D9BB762CB6D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AA889EF1-07C6-4EC0-9F46-93F448C6597B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{13CFB8ED-CF84-4AD3-A86E-08776BCB4FC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{F0C0CEA0-985E-46D9-82CF-44B7DAC10821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{931B76C7-A7A2-4A2F-877D-E2C22FAD915D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E7A4641F-0767-4092-8CAA-C87E461F7C21}] => (Allow) LPort=80
FirewallRules: [{933824CE-C590-42C8-B0BC-77B66C0C7E59}] => (Allow) LPort=443
FirewallRules: [{183FCB46-E0CB-4678-A256-8F9AA2F002A3}] => (Allow) LPort=20010
FirewallRules: [{C7F429B4-E931-4786-B05C-86A7E50E7240}] => (Allow) LPort=3478
FirewallRules: [{9DD75338-548B-4BD3-88EE-B71F9A8DE017}] => (Allow) LPort=7850
FirewallRules: [{78553959-7542-4398-B15C-DA1A676178C2}] => (Allow) LPort=7852
FirewallRules: [{6B464B8C-FA04-4DE5-96E1-20FAF534DABE}] => (Allow) LPort=7853
FirewallRules: [{F847119A-1845-4351-836A-44E5EAFE3A03}] => (Allow) LPort=27022
FirewallRules: [{7B3CFA27-E645-4D3E-9A98-311A273068C6}] => (Allow) LPort=6881
FirewallRules: [{A052E274-7212-4D22-9B65-2C260B914E9A}] => (Allow) LPort=33333
FirewallRules: [{3D1A2733-9630-4A32-9EA4-D0050D5B466C}] => (Allow) LPort=20443
FirewallRules: [{0214E2C0-1ADF-4E24-A307-D7795DC3ADDF}] => (Allow) LPort=8090
FirewallRules: [{8A62B8FE-6502-4BAA-9FA5-1BCC15FC001D}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe
FirewallRules: [{7522A6A4-3D64-419E-947F-049D690DC8AD}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe
FirewallRules: [{2A2F1D8C-67ED-4611-939E-4D751262C1A7}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe
FirewallRules: [{66E59FDB-4743-4FB5-A628-634B7F9FD34B}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe
FirewallRules: [{199FA038-EAE5-48A0-B513-2E22E29EF789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{C71ED3BD-8B2F-4729-8711-A7E64244169C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{AC618B69-204E-4E4D-B784-25CF84C36FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{E1A715A2-D1AA-40C9-A7D0-6589B83FD1BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{CB697421-7470-47F6-B13B-741477FD47E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{5A5AEFF9-1495-467A-94E9-07D496E6C938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe
FirewallRules: [{ED157A95-E066-4A16-BDFF-879CC9786809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reus\Reus.exe
FirewallRules: [{8F782635-AB83-405D-8E2B-EF2533D2E345}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reus\Reus.exe
FirewallRules: [TCP Query User{33808FD3-2D40-4C64-99AC-ED8C1F2E18F3}C:\users\test\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\test\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{AB1ADC4D-FA26-4D17-978C-C55EB6A976AC}C:\users\test\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\test\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{BABF82D2-8A8D-4D4F-84C7-577A77A936DD}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{0A0FC683-08DB-46F1-9EB5-7E000EC3CB06}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{DC4EB25F-CE22-4239-8213-DCB52AD5F657}] => (Allow) C:\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{D7DF51B4-8932-4404-BDEA-FCA88559EBC4}] => (Allow) C:\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{44104974-E2C7-466C-A171-5943F76B4E42}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3B1EF7AE-D321-4FF8-8EB5-1166B3955175}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1E132540-C7D8-42E4-901E-786C76E81F31}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{3CD00620-A5A5-4A50-8E96-0BB80679043F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{69948A0B-9A84-41BB-B19C-D8712EA3D63C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1C6583ED-A738-4B9A-8D42-C5903C69C10D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0E180605-EFA2-453E-9322-D36861D6D6C7}] => (Block) C:\warthunder\aces.exe
FirewallRules: [{A2F6E597-0247-4D0B-96EB-4E96F69295C5}] => (Block) C:\warthunder\aces.exe
FirewallRules: [{1CEF16DD-CC04-49A4-906B-EED68A5CD09E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6A6175F-F58C-4B90-8CE6-176185604B07}] => (Allow) LPort=2869
FirewallRules: [{A46BCE63-CD15-4A41-A83F-0F8BE929A118}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{1196EF31-D066-470F-BC43-C2258D8000EF}C:\users\test\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\test\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FE6FF8E0-7384-4EE3-ABF8-F80D3642F90D}C:\users\test\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\test\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{9D95FAC6-0ED6-4211-8105-55AA2385DDA8}C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [UDP Query User{1B5AB156-73EC-4982-85D7-D20D07F2D96B}C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [TCP Query User{EA9DF7EF-D71C-4296-A593-BE16D71D0AD6}C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{7753E8CC-82B6-4B6A-A699-896171F0ADBC}C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.875\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{E9E6E397-A85F-460E-AC93-9D68C30741DB}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{525532BE-CF30-4E6C-9196-74B37AE45763}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{0F5D4570-5CD6-4A96-8AD7-4B760033F93D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4BAD9F7B-2B7D-48D4-BC0C-1E5D4659700D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{210D4729-A425-4B77-92D2-0914E880FE31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{55C5E529-144C-41D2-95D5-FC3CCC102781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{EDF0C294-264A-49D5-90AC-1BAF119A51AA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{8EEF7B44-69C5-4E8B-85F8-01F0B595690B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{92007C46-0ED6-4ED8-97DB-605F5FB8238E}C:\program files (x86)\steam\steamapps\common\dino d-day\dinodday.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dino d-day\dinodday.exe
FirewallRules: [UDP Query User{2CA40B3E-E314-4C18-AAA9-188DAD5B355C}C:\program files (x86)\steam\steamapps\common\dino d-day\dinodday.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dino d-day\dinodday.exe
FirewallRules: [{83ED9335-6A3E-4EEB-95A0-60E8D105B63E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BBC7E534-069C-4F24-9104-038AC031D1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1EAEF6B9-1E08-48C3-8219-8DF68182A31F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{04D43BB3-0A81-4D3A-9C61-21468BF8E4F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{F9650580-05BC-4FDB-B5E6-2A9A215401B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{309B0CA6-B29A-4997-B54D-CD116BDD62B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worm.is The Game\Wormis.exe
FirewallRules: [TCP Query User{44F2F862-FCAF-491E-9463-2D88003A6780}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{3A74B7F1-2FDD-4E27-A57D-B7F60DC02340}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{BD17EE0B-D999-4511-8824-C626C3940F8D}C:\program files (x86)\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [UDP Query User{E9F2C230-611B-4B62-A38A-F6028A11D7D3}C:\program files (x86)\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [{8058F56C-4F47-46D1-9434-AD3B080B5DD8}] => (Allow) C:\Users\test\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{FDA4DC05-E3EA-4E0B-96A0-6C6267940F35}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{70FB37F1-E1FC-44B5-BB4B-43F46478C9E3}] => (Allow) C:\ProgramData\Junetoe\Junetoe.exe
FirewallRules: [TCP Query User{3F4AC3C5-B250-465B-A34D-8B43B6B60E45}C:\users\test\counter-strike 1.6\hl.exe] => (Allow) C:\users\test\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{E2BA28C1-C0A8-461C-93C6-215B65C8849A}C:\users\test\counter-strike 1.6\hl.exe] => (Allow) C:\users\test\counter-strike 1.6\hl.exe
FirewallRules: [{986E9482-92D3-4C52-AFF8-DCADAD134773}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{DA0B3E02-738D-47E1-9C1E-DF87B792B125}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{9D8DD9A7-A430-48EB-A69D-404D217D994F}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [{B24A0AED-9946-4DA5-87FC-9ECE82568984}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [TCP Query User{9492F7D9-F02F-4ADE-A7EA-334EC80DC826}C:\program files (x86)\bangboat\application\chrome.exe] => (Block) C:\program files (x86)\bangboat\application\chrome.exe
FirewallRules: [UDP Query User{B2294BAF-E530-4E81-9B59-C45A3EB0F17B}C:\program files (x86)\bangboat\application\chrome.exe] => (Block) C:\program files (x86)\bangboat\application\chrome.exe
FirewallRules: [TCP Query User{BE5023FC-0D42-4B3F-BE60-522C9194D0BE}C:\users\test\appdata\local\temp\rar$exa0.077\calm.down.stalin.v1.0.3\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.077\calm.down.stalin.v1.0.3\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [UDP Query User{36D417A9-103D-4518-A97F-2B89DA171A57}C:\users\test\appdata\local\temp\rar$exa0.077\calm.down.stalin.v1.0.3\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.077\calm.down.stalin.v1.0.3\engine\binaries\win64\ue4game-win64-shipping.exe
FirewallRules: [{4127386A-2E7E-4CF7-9D21-863A19D4518B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{819EAC4A-A522-4B37-9A97-DF250C6D162B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{2340A0C9-E88F-46A9-B826-F98FFF923E28}] => (Allow) C:\Users\test\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{54193372-6A78-4A61-B410-AE13E460A3C8}] => (Allow) C:\Users\test\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{A6F5A9D5-F65F-4B68-9CB3-AED80322B5D0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{FAFC884C-1AA3-445F-A251-12C7FD6E4CB6}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{EE9EFA04-7915-4C53-BA0C-7F6D08152195}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{B779BEDC-31B2-4A6F-A444-1C50F114AD7A}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{484521CC-8BD3-4BB5-AEBC-40460C0E6C4B}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{019C0CE5-9F9A-48D1-92EF-62D7C1701F03}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{BB3AD760-C507-49A1-B3C3-379BDA82F3BA}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{6AC05D2C-6E9B-4454-9060-532081F60F88}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{4F324C39-D9A4-4196-8771-1A52036C0141}] => (Allow) C:\Users\test\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{685B9439-5CBA-4334-9506-22715F6F00FD}] => (Allow) C:\Users\test\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{5F696A45-A003-42EB-BE54-3BFF4A188A57}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{AC32C19A-AA9F-4094-81C2-809741BD0D6A}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{86D27381-5DB4-4377-8140-D95805A04D92}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{E0B81AA3-D787-4F37-BBE6-405A1A17D1C1}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{29C5D60F-D80F-42BA-95A7-1F4594907A48}] => (Allow) C:\Program Files (x86)\Hotson\Application\chrome.exe
FirewallRules: [{E3A70F68-AA50-4ACC-B9B7-14FFE018E66A}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{02E7F1EB-EE82-47AC-B08C-EE304107613D}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{ACB342F9-BF00-4A2A-BE95-E5E53EFB3586}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0697C14-1DB5-43D0-9184-1DC0C765E393}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D266EFED-0C6D-4F21-B059-4C76145B9188}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{893D001C-69F9-4172-AE90-BBA72D53C4FD}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{AA3034F2-ABB7-411B-9326-6FB41EC41379}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{A22C99A4-EF1D-4F29-8766-4EF16EE58560}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [TCP Query User{EF57E874-8ED0-46EE-B377-5716839477D4}C:\users\test\appdata\local\temp\rar$exa0.928\astroneer.pre-alpha.v0.2.90.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.928\astroneer.pre-alpha.v0.2.90.0\astro\binaries\win64\astro-win64-shipping.exe
FirewallRules: [UDP Query User{1BE457E4-C422-4B4B-BE9F-C643CC7EEDEC}C:\users\test\appdata\local\temp\rar$exa0.928\astroneer.pre-alpha.v0.2.90.0\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\users\test\appdata\local\temp\rar$exa0.928\astroneer.pre-alpha.v0.2.90.0\astro\binaries\win64\astro-win64-shipping.exe
FirewallRules: [TCP Query User{B49C353B-2FCD-4F07-811F-21C3E73FB892}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{139CE9A0-DA93-47FF-A35C-562A774A311F}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [TCP Query User{31118C0C-DB20-489D-97A7-6A6FE6C42FBA}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{A7EB4C73-14AB-4A94-BF0F-902DCF893D22}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{56F1DB8C-18F6-49E8-BD40-5D4929EEB5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [{3001F469-6F77-4479-9520-D03C0598581E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{788BB940-0898-42DD-A028-1FE1DF761722}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{B47B8332-0443-4EAE-B57C-434FB02B50D3}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{787CD32A-1DFC-4E2A-9429-B7485BA88A0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FD476BCB-C114-4A11-BCE8-23DAC376F4EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{2D2738F1-82F8-4769-B6DA-38872C5F5B84}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{D288579B-F7AF-4E70-9BC6-37BAA90F676B}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{65D77DD3-52E5-47F0-AC3D-68C2142DBABC}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{FED4F3AC-BF1A-4F54-B11C-E5314009A47D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{3E7DAB11-AA5A-4098-A7C5-67649A171FDB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{A17B120F-AAC8-471D-A953-154C469D88F5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{EF82E4CE-A0AF-4F52-A432-B8FE2A090932}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{31E069E8-5E92-4050-BF96-97D9C77F3A56}C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [{83956A1D-D3EC-4824-BC93-C2BE41992919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{26994B77-5B0D-4611-882F-DDCB6CAA078D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{84DAA171-E390-48E8-9A47-B1D5D0A14AE0}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{CA6D2542-C43C-460C-8072-EE301AF81238}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{326AA0EB-0E05-4C8B-891D-16C088D687FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{34E1A068-F4E6-4E46-9EE2-9D4D2D6C7C10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [TCP Query User{9EE30590-B31B-4436-A954-7086D80F8CE7}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{37A95CE0-E3F2-49EE-85B1-AE99F446D586}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [{FBD85846-0E34-4BB0-A7C3-243745D695E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{EA6B55D3-E3EC-435F-8ACB-28902B09508B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2E8E3AE0-5B12-415C-9B41-D375B11BB490}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{D612E0BC-AB51-4B34-AE5B-C7D96AF759FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [TCP Query User{B094E4BF-0924-4789-9EF9-6F3329BFACD6}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [UDP Query User{82826D3E-7867-4594-B578-0221BE424ABC}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{F1B1931B-07F1-449E-90F7-C2F5ACE5597E}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{053F55C0-ED34-4B9C-8248-9DFCB7A9B961}C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{6847E965-A691-4C4C-88A1-C9DE5FDC8F71}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{1D0FE6B2-33FC-4F5A-847C-918C7942097A}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{64965E23-C9C9-4750-97E8-1ACB8D2423DE}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{B1E42C03-E6B4-42A2-B67A-6445CC689833}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [TCP Query User{8C7F7774-7F73-43C2-8066-3679EAF4B512}C:\users\test\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\test\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{FD83EA29-B04F-493E-884A-EB60824C2B38}C:\users\test\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\test\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A1FB87F2-7F0F-4B8B-8F11-B0FCC12B9856}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{C6459090-2394-4BF0-B2E0-79092310BF56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{18994303-C4DB-40A9-96F0-68AEF76C33B5}C:\users\test\appdata\local\crossout\launcher.exe] => (Allow) C:\users\test\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{15772FB2-6099-41F7-AA68-62FC6705E533}C:\users\test\appdata\local\crossout\launcher.exe] => (Allow) C:\users\test\appdata\local\crossout\launcher.exe
FirewallRules: [TCP Query User{36B13A75-4643-447F-8D70-6F8C482D21B3}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm.exe
FirewallRules: [UDP Query User{6BF2D3AC-9642-4AEC-A3F5-2E6F752017C7}C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base55288\heroesofthestorm.exe
FirewallRules: [{5FF08671-6935-4B8F-8E54-8E8B5D8C7D95}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{51A43EE0-AA61-4374-A8AA-A57CFCBAF7AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{2828D17E-8589-4848-BCA9-4666DA7CB9C2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{7E220256-DE73-4613-8C0D-58BB2296E4E9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{1EBD93DE-4375-41C4-BD8A-4CBB618AFDB2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{01FC7C95-F4BD-40A0-AC2B-F7AEE9DCC1E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0DBF2F69-73DA-48F9-AA9B-6A70B43FF509}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{74DC2BAB-1156-4CE5-8FDA-954D9A36EABD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{74A6684A-F4BE-499E-895D-0FCB72CD33D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{84C43551-8E73-4223-B9F4-CE0C9B7540F0}C:\users\test\appdata\local\programs\lol-skins-viewer\lolskinsviewer.exe] => (Allow) C:\users\test\appdata\local\programs\lol-skins-viewer\lolskinsviewer.exe
FirewallRules: [UDP Query User{C57433FA-D482-48B6-8078-B85788AD0B14}C:\users\test\appdata\local\programs\lol-skins-viewer\lolskinsviewer.exe] => (Allow) C:\users\test\appdata\local\programs\lol-skins-viewer\lolskinsviewer.exe
FirewallRules: [TCP Query User{FAB6F6AA-3939-45E6-8F3D-612CAB58F6F5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{66653A5C-920E-4C5E-B70D-BA6C1F848371}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{39DFF77B-F074-4FD9-A3ED-5B8F8E785746}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{769117C0-D77A-432F-BBBE-E8C272EF4CB8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{562518CA-9FD8-43B7-A67D-120AE8C2EACB}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{CB4BE7C1-4A58-4B2E-B22C-F56298CBA1A9}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{A9723C41-421B-46CE-A952-836C3F577363}] => (Allow) C:\Users\test\Downloads\bin\BlackDesert32.exe
FirewallRules: [{AA7CD6A2-075A-4312-9835-FFEE00F323E0}] => (Allow) C:\Users\test\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{D0A94F9D-83C9-46B7-9A27-D0CBA2E15D59}] => (Allow) C:\Users\test\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{8BAE92BA-6065-43DC-8A06-ECF2B1444F20}] => (Allow) C:\Users\test\Downloads\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{456EE831-FC4C-4974-B68C-63C8D4A31EE4}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{51AD69FD-2574-49E8-BB2C-2D864C65FD7B}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{F4C9587F-AD83-40CE-9AEB-E236944DF5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{CEA9D0B0-6243-45D3-B1B7-D08DA40A5FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{8587763D-52AF-493C-95BA-9BDA9F60DADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8883E4A1-747B-4C33-9B76-B700E24E1890}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{1A426446-EAED-4E56-8076-A3BC873C726E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [{A8002424-4AE5-48E6-A12F-1EE5E72A5B3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [TCP Query User{B6CF6677-A227-4E5E-889A-97FD6A1A7EFA}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{78086225-DC50-417F-9D0C-AB361D8104CC}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{02A838BF-BDBE-45A5-B86D-75C4B17485C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{D530B94D-AB28-461A-B386-A4B92406CAA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{9F9295A7-EC4B-4CC4-9B1C-7F00648EB56E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{2DF2CCE0-2D15-4B4D-812B-8396DE85FA0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe
FirewallRules: [{C8878BC9-C551-48C4-A215-2385C08861E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{FCA03601-0B81-4EEC-BE5F-F400BCD0C540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{9B67D049-7947-464D-B9AC-B1EC012BC559}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{9CDE7CCF-B5BB-4E64-AE25-B5B72C3B317A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{54381FCF-AE30-4FEC-8DDF-84CF06457D62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interplanetary\Interplanetary.exe
FirewallRules: [{1FABED12-BFC9-4E7C-B902-5A7DFF29F07A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interplanetary\Interplanetary.exe
FirewallRules: [{80E1ECA6-41FB-4B5D-9092-9F80F77F8E7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interplanetary Enhanced Edition\Interplanetary.exe
FirewallRules: [{62BD15DD-FCAE-40B6-8194-9455EEEAD1F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Interplanetary Enhanced Edition\Interplanetary.exe
FirewallRules: [{B0967D89-EE2A-45EF-98AF-1A6A1622BAC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3F90C9EF-85EF-4506-8BA3-32E0BF97430C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B9267224-841A-48E4-81CD-7A10C1FCBF70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{9BF7706F-1969-4F86-B14F-FFFE3CC15D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{281407B0-924B-4A8D-9E03-16203EB95FC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{10BFD4B3-C048-4BEB-8A87-221639BDA1F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{290DF5F4-3CA5-4BB1-AF03-D779E68C2BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{54B0E7D8-371F-471C-9742-79F35091A7D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [TCP Query User{65AF9EC2-ACC0-40EC-9F59-23F060AFD59B}C:\users\test\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\test\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{763DA341-C835-430A-8E59-81970E8A9578}C:\users\test\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\test\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{C370EF62-4CA1-420C-AF7F-A289D50E038E}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.138\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{62635294-2D4C-43FE-BBFE-E050B180877D}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.138\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.138\deploy\leagueclient.exe
FirewallRules: [TCP Query User{22C82850-AD36-4B2B-B5DC-18E321B3E33E}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.142\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.142\deploy\leagueclient.exe
FirewallRules: [UDP Query User{FD18CFB5-92FE-466B-9F00-11024E8E1C83}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.142\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.142\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8B7B5780-97C6-46E1-800A-07AEAB5AF33F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [UDP Query User{DC46C25A-DCB1-460E-9684-38C5E0983155}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.129\deploy\leagueclient.exe
FirewallRules: [TCP Query User{8B7F6FA6-8D91-4F6A-BCCD-9DA7F927CB98}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.147\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.147\deploy\leagueclient.exe
FirewallRules: [UDP Query User{A45F601A-6A86-4AEA-BC9E-A8A0A2FA5824}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.147\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.147\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D903A481-4FDD-4139-AC7F-BBFF3D5F6D90}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.148\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.148\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0A59FA91-79E1-4A66-A0C3-A633B412B1F0}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.148\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.148\deploy\leagueclient.exe
FirewallRules: [TCP Query User{FE311E0A-B8A3-41AD-8DB2-8943C0AB695C}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.149\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.149\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BFFA6D57-0CD4-4F46-8F1C-07D1D94E5C74}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.149\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.149\deploy\leagueclient.exe
FirewallRules: [{A1024325-EB58-4F6A-B5E9-5E0233DBD8DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{6762C5E3-CFAE-46FD-9C1A-3C57759C18AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{4DC91395-F0BF-4DFE-A93A-DB4CF5A5158C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [{C8CC98DF-DC6F-4DDE-A106-631FA61B5B0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [TCP Query User{560EA00F-59C6-4F57-AC92-D4746ED7A7A0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CE83D4EF-904D-4529-871A-EBDC7BB4ED7E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D78193FD-7E9E-4D3E-9F43-E73726894505}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{ED6D728A-3E0D-4706-97CB-552C7E41475E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{6B4B9E12-AA09-40A1-AB5D-07E39357711A}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.153\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.153\deploy\leagueclient.exe
FirewallRules: [UDP Query User{BD6B3334-678D-48AA-B23C-5AEC38C7BDDE}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.153\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.153\deploy\leagueclient.exe
FirewallRules: [{B9D584E0-CA76-4D65-9FBF-67896E1FD399}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [{D129ADEA-35AA-4144-9285-463CC2A490C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [TCP Query User{9E5927EC-66EA-49AC-A59E-3123A5E8B9D9}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.154\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.154\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F3E997CD-CE27-4BF3-BF5C-0DEFB08EB659}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.154\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.154\deploy\leagueclient.exe
FirewallRules: [{6FC9E24B-F0BF-4F77-8E82-837A305041C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{3111BD00-09F9-4F0C-A5E3-7699A6FDC027}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{A6D6E585-87F7-4D31-968D-9824934AB3B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe
FirewallRules: [{EB0E6383-E8A2-4F55-AB91-B03F0A693CED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe
FirewallRules: [TCP Query User{96C77989-19D9-4E38-963F-A46BE953225C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{00A0B97B-9538-4411-88F9-A3BFFB62B4F9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A31EA2AB-8C18-47D2-B901-47913BFE10C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{B167F27B-F776-4412-BFB1-AB7AFDA493F6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D0FAF37E-1104-4912-8E13-0BF9C5B47A8D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe
FirewallRules: [TCP Query User{0FF8FD1A-7BA3-4AE9-8583-44AC2DCAA994}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{460006FC-C932-41C7-BFE5-8E107B909A09}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{7F802516-D17C-40FB-952D-E48CB44BA77C}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.158\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{E3B36287-AF6E-4755-B3CD-48DF3D8EF640}C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.158\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.1.158\deploy\leagueclient.exe
FirewallRules: [{616A257D-5D6A-4883-B22D-003D502DCC5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{CE6E44CB-DD89-4672-B41B-406DABE2EA5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{55400765-534C-4A14-85BB-DF2068FFAADB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{42D551E6-4F56-40A1-BC4E-7708FAFDDCE7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{1809CE4C-D5A7-4BE4-940A-2DECFA23886B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{CC0FD8C5-9D65-4267-B74D-2498A7CFC99C}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{DC34CE97-52B9-4350-9AB3-61EF543F1303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{0115E8E0-6AEE-4B30-B127-06228E9AD3F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{C33F3E24-F973-47EC-8B8E-0CCB65F145E2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{DC6B5510-2C28-4DEC-881D-6FAF4A0E0F7D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{9D7FBFAB-E076-4985-AAD2-C9B45220F856}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{C7BCA0FA-6611-4B70-ABFE-94DA8873C5BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{55F647EE-75F5-4807-8D33-4260CCBB8CC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [TCP Query User{E15F69FA-F905-4A12-B224-EA099C35DAF5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F3DECA3E-C4C4-4401-B076-8ECED59F60D5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [{08B5984E-2A3E-4B2C-8426-44623F69C279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EB27751A-10F3-4611-B015-22C112173A4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA GeForce GTS 450
Description: NVIDIA GeForce GTS 450
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2018 04:15:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/13/2018 04:15:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/13/2018 03:07:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/13/2018 03:05:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/13/2018 03:05:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/13/2018 03:05:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/13/2018 05:43:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/13/2018 05:42:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


System errors:
=============
Error: (04/13/2018 04:20:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (04/13/2018 04:14:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hi-Rez Studios Authenticate and Update Service bylo dosaženo časového limitu (30000 ms).

Error: (04/13/2018 04:12:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (04/13/2018 04:12:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/13/2018 04:12:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2018 04:12:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2018 04:12:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2018 04:12:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Hi-Rez Studios Authenticate and Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-06-16 17:44:37.281
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{45D54CA0-A2F1-4E35-BBF1-8A8A326C287F}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:test-PC\test

Date: 2015-11-29 00:50:50.831
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x80070714
Popis chyby:Zadaný soubor bitové kopie neobsahuje oddíl prostředků.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-11-29 00:50:41.432
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze podpisu:1.211.1040.0
Verze modulu:1.1.12300.0

CodeIntegrity:
===================================

Date: 2017-11-26 15:53:11.014
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\test\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-26 15:53:10.926
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\test\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-26 15:53:10.191
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-26 15:53:10.103
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-20 13:12:09.388
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MPCKpt.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-20 12:27:03.189
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-20 12:23:46.093
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-20 12:23:45.828
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Phenom(tm) 9950 Quad-Core Processor
Percentage of memory in use: 36%
Total physical RAM: 8191.24 MB
Available physical RAM: 5181.48 MB
Total Virtual: 16380.67 MB
Available Virtual: 13510.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:293.34 GB) (Free:38.08 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:302.73 GB) (Free:302.49 GB) NTFS

\\?\Volume{850a803c-8b22-11e5-9b72-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 40788ADD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=302.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow PC

#8 Post by Rudy »

This is only Additional. I would also like to see the contents of the frst.txt file. You have it on your desktop.

swukleecz
Visitor
Posts: 14
Registered: 13 Apr 2018 14:17

Re: Slow PC

#9 Post by swukleecz »

Sorry, here it is:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by test (administrator) on TEST-PC (13-04-2018 16:51:51)
Running from C:\Users\test\Desktop
Loaded Profiles: test (Available Profiles: test)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-12] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2015-11-09] (VIA)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks (1)] => "C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warships] => "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [WallpaperEngine] => "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warplanes] => "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Gaijin.Net Agent] => "C:\Users\test\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Discord] => C:\Users\test\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2017-06-14]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-06-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-06-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-02-22]
ShortcutTarget: Twitch.lnk -> C:\Users\test\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{40F5143E-E1E8-494E-B925-72839C3F31C7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AE568813-CC7A-4B9D-B4B4-8D4030A09294}: [NameServer] 77.234.40.79

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {3BF1670B-0D8A-4E20-B24B-CFD61F757B1A} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {9F976E67-9D9C-4F2B-BB92-BE375CC328CA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {C0C85594-B862-4570-848F-E85A0AB6DD3A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-17] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-20] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: aiixix9q.default
FF ProfilePath: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default [2018-04-05]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-23] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\sp@avast.com.xpi [2017-09-09]
FF Extension: (Avast Online Security) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\wrc@avast.com.xpi [2017-09-09]
FF Extension: (Adblock Plus) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-23] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-17] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default [2018-04-13]
CHR Extension: (Adobe Acrobat) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-23]
CHR Extension: (AdBlock) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-12]
CHR Extension: (Avast Online Security) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-14]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-23]
CHR HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-12] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2018-03-28] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-15] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2015-11-09] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-15] (Microsoft Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-12] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-18] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-12] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-15] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-23] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (Visicom Media Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-23] (Malwarebytes)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-06] (Malwarebytes)
S3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-10-23] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-06] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-06-13] (The OpenVPN Project)
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 cpuz138; \??\C:\Users\test\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 16:09 - 2018-04-13 16:09 - 007256272 _____ (Malwarebytes) C:\Users\test\Downloads\adwcleaner_7.1.0.0.exe
2018-04-13 16:09 - 2018-04-13 16:09 - 007256272 _____ (Malwarebytes) C:\Users\test\Desktop\adwcleaner_7.1.0.0.exe
2018-04-13 15:37 - 2018-04-13 15:39 - 000110992 _____ C:\Users\test\Desktop\Addition.txt
2018-04-13 15:32 - 2018-04-13 16:52 - 000020906 _____ C:\Users\test\Desktop\FRST.txt
2018-04-13 15:31 - 2018-04-13 15:31 - 002403328 _____ (Farbar) C:\Users\test\Desktop\FRST64.exe
2018-04-12 16:08 - 2018-04-12 16:06 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-04-11 15:05 - 2018-04-11 15:05 - 000000000 ____D C:\Users\test\Desktop\síkrit
2018-04-11 07:00 - 2018-04-11 07:00 - 000000000 ____D C:\Users\test\Desktop\Nová složka (2)
2018-04-11 06:59 - 2018-04-11 06:59 - 001265288 _____ C:\Users\test\Downloads\Buk.pptx
2018-04-11 06:50 - 2018-04-11 06:50 - 000588800 _____ C:\Users\test\Downloads\Buk_lesni__Fagus_sylvatica_-vzor_przentace.ppt
2018-04-09 14:53 - 2018-04-09 14:53 - 000000689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome to the Game II.lnk
2018-04-09 14:53 - 2018-04-09 14:53 - 000000677 _____ C:\Users\Public\Desktop\Welcome to the Game II.lnk
2018-04-09 14:53 - 2018-04-09 14:53 - 000000000 ____D C:\Program Files\Welcome to the Game II
2018-04-09 14:26 - 2018-04-09 14:46 - 1643014445 _____ C:\Users\test\Downloads\Welcome.to.the.Game.II.rar
2018-04-09 14:24 - 2018-04-09 14:55 - 000000000 ____D C:\Users\test\AppData\LocalLow\Reflect Studios
2018-04-09 13:24 - 2018-04-09 14:22 - 653796278 _____ C:\Users\test\Downloads\Welcome.to.the.Game.v2.2.rar
2018-04-07 14:04 - 2018-04-07 14:04 - 000000000 __SHD C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-04-05 05:20 - 2018-04-05 05:20 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-05 05:18 - 2018-04-05 05:18 - 000003428 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-04-05 05:18 - 2018-04-05 05:18 - 000003300 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-04-05 05:16 - 2018-04-05 05:16 - 000000000 ____D C:\Users\test\AppData\Local\AVAST Software
2018-04-05 05:16 - 2018-04-05 05:16 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-04-03 19:34 - 2018-04-03 19:34 - 000000000 ____D C:\Users\test\AppData\Roaming\twitch-electron
2018-04-01 18:07 - 2018-04-01 18:07 - 000001089 _____ C:\Users\test\Desktop\Cheat Engine.lnk
2018-04-01 18:07 - 2018-04-01 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.7
2018-04-01 18:07 - 2018-04-01 18:07 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-04-01 18:06 - 2018-04-01 18:06 - 012133120 _____ (Cheat Engine ) C:\Users\test\Downloads\CheatEngine67.exe
2018-04-01 12:43 - 2018-04-01 12:43 - 000000222 _____ C:\Users\test\Desktop\Orcs Must Die! 2.url
2018-03-30 12:43 - 2018-03-30 12:43 - 000049105 _____ C:\Users\test\Downloads\SteamAchievementManager-7.0.11.zip
2018-03-30 12:35 - 2018-03-30 22:37 - 000000000 ____D C:\Users\test\Desktop\SteamAchievementManager-master
2018-03-30 12:35 - 2018-03-30 12:35 - 000124278 _____ C:\Users\test\Downloads\SteamAchievementManager-master.zip
2018-03-28 21:04 - 2018-03-28 19:17 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2018-03-28 19:17 - 2018-03-28 19:17 - 000000222 _____ C:\Users\test\Desktop\Dead by Daylight.url
2018-03-18 18:48 - 2018-03-18 18:48 - 000000222 _____ C:\Users\test\Desktop\CPUCores Maximize Your FPS.url
2018-03-17 22:41 - 2018-03-17 22:41 - 027566497 _____ C:\Users\test\Downloads\Stereo Sayan 3D.mp4
2018-03-17 21:53 - 2018-03-19 14:36 - 000000000 ____D C:\Program Files (x86)\ManyCam
2018-03-16 17:54 - 2018-03-16 17:54 - 000000000 ____D C:\Users\test\AppData\Local\DampHolidays

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 16:51 - 2016-02-04 20:33 - 000000000 ____D C:\FRST
2018-04-13 16:26 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-13 16:26 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-13 16:20 - 2016-07-17 13:53 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-13 16:20 - 2015-11-20 15:32 - 000000000 ____D C:\Users\test\AppData\Roaming\Skype
2018-04-13 16:19 - 2018-02-22 23:23 - 000000000 ____D C:\Users\test\AppData\Roaming\Twitch
2018-04-13 16:14 - 2015-11-19 17:50 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-04-13 16:14 - 2015-11-15 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-13 16:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-13 16:12 - 2017-10-23 19:41 - 000000000 ____D C:\AdwCleaner
2018-04-13 15:25 - 2016-07-18 18:34 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-13 15:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2018-04-13 15:14 - 2017-03-18 13:54 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-13 15:05 - 2017-01-02 17:11 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-04-13 05:53 - 2018-03-12 18:27 - 000003162 _____ C:\Windows\System32\Tasks\{51E23819-6969-4A2E-9A8A-E90D654DAB5A}
2018-04-13 05:53 - 2018-02-01 15:01 - 000003454 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-test-PC-test
2018-04-13 05:53 - 2017-11-14 06:49 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca
2018-04-13 05:53 - 2017-11-14 06:49 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8
2018-04-13 05:53 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2017-04-19 17:58 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-04-13 05:53 - 2016-08-20 13:12 - 000009010 _____ C:\Windows\System32\Tasks\Gerkmiwegh Cache
2018-04-13 05:53 - 2015-11-21 02:50 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-13 05:53 - 2015-11-15 00:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-04-13 05:52 - 2016-02-04 20:13 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-04-12 16:06 - 2017-11-18 18:14 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-12 16:06 - 2016-07-18 18:34 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-12 16:05 - 2017-11-24 15:29 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-04-12 16:05 - 2016-07-18 18:34 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-12 16:03 - 2017-08-23 23:24 - 000000000 ____D C:\Users\test\AppData\Roaming\discord
2018-04-11 15:04 - 2017-04-13 16:37 - 000000000 ____D C:\Users\test\Desktop\other
2018-04-11 15:04 - 2016-11-11 16:12 - 000000000 ____D C:\Users\test\Desktop\Songs
2018-04-11 15:04 - 2016-11-03 15:09 - 000000000 ____D C:\Users\test\Desktop\photos
2018-04-11 07:01 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-04-11 07:01 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-04-11 07:01 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-11 07:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-11 06:27 - 2016-09-03 12:34 - 000004514 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-11 06:27 - 2015-11-21 02:50 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-11 06:27 - 2015-11-21 02:50 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-11 06:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-11 06:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-05 05:23 - 2016-02-04 20:11 - 000000000 ____D C:\ProgramData\AVAST Software
2018-04-04 21:13 - 2018-03-02 14:28 - 000001350 _____ C:\Users\test\Desktop\Roblox Player.lnk
2018-04-04 21:13 - 2018-03-02 14:27 - 000001169 _____ C:\Users\test\Desktop\Roblox Studio.lnk
2018-04-04 21:13 - 2017-10-16 20:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-04-02 15:18 - 2017-01-08 18:22 - 000000000 ____D C:\Users\test\AppData\Roaming\.minecraft
2018-04-02 14:18 - 2018-02-15 16:00 - 000000000 ____D C:\Users\test\Desktop\Not Played Games
2018-04-02 14:17 - 2015-11-20 15:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-04-01 12:43 - 2016-10-01 19:45 - 000000000 ____D C:\Games
2018-04-01 12:43 - 2016-06-15 21:24 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-04-01 12:42 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-31 11:35 - 2017-08-17 19:51 - 000000000 ____D C:\Users\test\AppData\Roaming\audacity
2018-03-30 22:37 - 2018-02-15 16:02 - 000000000 ____D C:\Users\test\Desktop\Played gems
2018-03-30 00:42 - 2015-11-22 00:29 - 000000000 ____D C:\Users\test\Documents\My Games
2018-03-22 07:45 - 2017-10-23 15:43 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 17:18 - 2017-02-08 22:19 - 000000000 ____D C:\Users\test\AppData\Roaming\CPUCores
2018-03-18 14:24 - 2018-03-11 14:15 - 000000000 ____D C:\Users\test\Desktop\Godx

==================== Files in the root of some directories =======

2016-11-01 20:50 - 2016-11-01 20:50 - 000066309 _____ () C:\Users\test\AppData\Roaming\icarus-dxdiag.xml
2015-12-13 17:50 - 2015-12-13 17:50 - 000000097 _____ () C:\Users\test\AppData\Roaming\LauncherSettings_live.cfg
2015-12-13 17:45 - 2015-12-13 17:45 - 000010496 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_live.bin
2015-12-13 17:42 - 2015-12-13 17:42 - 000000039 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-12-19 16:53 - 2016-08-06 20:24 - 000000910 _____ () C:\Users\test\AppData\Local\_settings.ini

Some files in TEMP:
====================
2017-11-12 20:22 - 2017-11-12 20:22 - 000000180 _____ () C:\Users\test\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-11-12 20:23 - 2017-11-12 20:23 - 000000088 _____ () C:\Users\test\AppData\Local\Temp\97b6e2451007564f1d01266c76bcdeef.dll
2018-02-22 23:38 - 2018-02-22 23:38 - 000019968 ____N (Red Hat®, Inc.) C:\Users\test\AppData\Local\Temp\jansi-64-6595523131939039027.dll
2018-04-12 16:12 - 2018-04-12 16:12 - 058834376 _____ (Skype Technologies S.A.) C:\Users\test\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-10 17:48

==================== End of FRST.txt ============================

Re: Slow PC

#10 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8
C:\Users\test\AppData\Local\Temp
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll -> No File
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {5428E6D2-BFFA-4F18-861E-0DF7C0EE3716} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {E6484B88-E52A-41EB-88EA-5FFA7DF037DB} - System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {9C56D35C-1C54-4B6F-9C81-4AC280359CA7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
Task: {F12E0DE4-05B7-4B73-AD7C-F07538E9A4B7} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [219]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Slow PC

#11 Post by swukleecz »

Here it is
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by test (13-04-2018 18:21:45) Run:3
Running from C:\Users\test\Desktop
Loaded Profiles: test (Available Profiles: test)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8
C:\Users\test\AppData\Local\Temp
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll -> No File
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {5428E6D2-BFFA-4F18-861E-0DF7C0EE3716} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {E6484B88-E52A-41EB-88EA-5FFA7DF037DB} - System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-21] (Google Inc.)
Task: {9C56D35C-1C54-4B6F-9C81-4AC280359CA7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
Task: {F12E0DE4-05B7-4B73-AD7C-F07538E9A4B7} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software) <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [219]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8 => moved successfully

"C:\Users\test\AppData\Local\Temp" folder move:

Could not move "C:\Users\test\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64" => removed successfully
"HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\_{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5428E6D2-BFFA-4F18-861E-0DF7C0EE3716}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5428E6D2-BFFA-4F18-861E-0DF7C0EE3716}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d12d273b5e9ef8" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6484B88-E52A-41EB-88EA-5FFA7DF037DB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6484B88-E52A-41EB-88EA-5FFA7DF037DB}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C56D35C-1C54-4B6F-9C81-4AC280359CA7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C56D35C-1C54-4B6F-9C81-4AC280359CA7}" => removed successfully
C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F12E0DE4-05B7-4B73-AD7C-F07538E9A4B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F12E0DE4-05B7-4B73-AD7C-F07538E9A4B7}" => removed successfully
C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63698630 B
Java, Flash, Steam htmlcache => 8035988 B
Windows/system/drivers => 7528752 B
Edge => 0 B
Chrome => 278715368 B
Firefox => 99600932 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
test => 4668688179 B

RecycleBin => 4080245881 B
EmptyTemp: => 8.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-04-2018 18:27:24)

C:\Users\test\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:27:27 ====

Re: Slow PC

#12 Post by Rudy »

Deleted. Has anything changed?

Re: Slow PC

#13 Post by swukleecz »

Everything launches faster than before, thanks :)

Re: Slow PC

#14 Post by Rudy »

You're welcome! :)