
Please take a look


#1 Post by Jjohny

Hello,
lately my cursor goes crazy from time to time. It flies all over the desktop, clicks, and scrolls.
After restarting the PC it was always fine for a while.
Today I tried disabling the touchpad in the Control Panel and unfortunately that did not help. Unplugging the mouse did nothing either.
Turning off Wi-Fi did nothing either, so it is not going to be remote access.
So I am asking for the logs to be reviewed.

Thank you

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Jiří (administrator) on JJOHNY (04-09-2018 19:41:04)
Running from C:\Users\Jiří.Jjohny\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BitTorrent Inc.) C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(BitTorrent Inc.) C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\updates\3.5.4_44520\utorrentie.exe
(BitTorrent Inc.) C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\updates\3.5.4_44520\utorrentie.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [uTorrent] => C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe [1987256 2018-08-29] (BitTorrent Inc.)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Jiří.Jjohny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-07-01] (Gaijin Entertainment)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [GoogleChromeAutoLaunch_6383DE60B9D9D5792666E3D84EF68514] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1577816 2018-08-08] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182600 2018-06-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159712 2018-06-25] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 185.97.254.158 api.facepunch.com
Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{800E46F2-D8C9-4B41-878B-7AD010DCA5A3}: [DhcpNameServer] 10.132.12.33 10.132.12.1

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default [2018-09-04]
CHR Extension: (Prezentace) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-11]
CHR Extension: (Dokumenty) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-11]
CHR Extension: (Disk Google) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-11]
CHR Extension: (YouTube) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-11]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-11]
CHR Extension: (Tabulky) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Twitch Now) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2018-09-04]
CHR Extension: (Gmail) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2018-03-31] ()
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9936176 2013-11-29] (DisplayLink Corp.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-20] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-01] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-07-29] ()
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-03] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2018-03-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2018-03-03] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-08-24] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3668208 2013-07-29] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-04] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [52328 2018-09-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-04] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [109872 2018-09-04] (Malwarebytes)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-06-24] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-06-24] (NVIDIA Corporation)
S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbnet; C:\Windows\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 GPU-Z; \??\C:\Users\JIF4B3~1.JJO\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-04 19:41 - 2018-09-04 19:41 - 000018323 _____ C:\Users\Jiří.Jjohny\Desktop\FRST.txt
2018-09-04 19:40 - 2018-09-04 19:41 - 000000000 ____D C:\FRST
2018-09-04 19:39 - 2018-09-04 19:39 - 002413056 _____ (Farbar) C:\Users\Jiří.Jjohny\Desktop\FRST64.exe
2018-09-04 19:28 - 2018-09-04 19:29 - 000109872 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Local\mbam
2018-09-04 19:27 - 2018-09-04 19:27 - 079352560 _____ (Malwarebytes ) C:\Users\Jiří.Jjohny\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.441-1.0.6623.exe
2018-09-04 19:27 - 2018-09-04 19:27 - 000001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-04 19:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-03 19:20 - 2018-09-04 12:45 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\2. serie
2018-09-03 19:18 - 2018-09-04 06:13 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Tuningove války 1.serie
2018-09-02 18:36 - 2018-09-02 18:36 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\The Coloring Book by Colin Quinn EPUB
2018-09-02 16:01 - 2018-09-02 23:53 - 000000000 ____D C:\Users\Jiří.Jjohny\Desktop\mandaly
2018-08-31 09:12 - 2018-08-31 09:13 - 489801255 _____ C:\Users\Jiří.Jjohny\Downloads\vyuka.zip
2018-08-29 13:38 - 2018-09-04 19:25 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\LocalLow\uTorrent
2018-08-26 13:11 - 2018-08-26 13:12 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E04.XviD-AFG
2018-08-26 13:10 - 2018-08-26 13:11 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E02.XviD-AFG
2018-08-26 13:08 - 2018-08-26 13:10 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E01.XviD-AFG
2018-08-26 13:06 - 2018-08-26 13:08 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E03.XviD-AFG
2018-08-26 12:21 - 2018-08-26 16:06 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E06.XviD-AFG
2018-08-26 12:19 - 2018-08-26 14:18 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E05.XviD-AFG
2018-08-26 11:02 - 2018-08-26 11:02 - 000000000 ____D C:\Users\Jiří.Jjohny\Desktop\Nová složka
2018-08-25 19:09 - 2018-08-26 11:02 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Mary Berry's Supper for Friends ,Traditional Puddings and Desserts And Baking Bible -Mantesh
2018-08-22 16:24 - 2018-08-22 23:05 - 2374113280 _____ C:\Users\Jiří.Jjohny\Downloads\Kočičí princ.mpg
2018-08-21 15:31 - 2018-03-27 01:24 - 000029352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2018-08-21 15:30 - 2018-03-27 01:24 - 000019088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2018-08-21 15:30 - 2018-03-27 01:17 - 000030888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2018-08-21 15:30 - 2018-03-27 01:17 - 000019088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2018-08-21 06:32 - 2018-08-04 01:46 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-21 06:32 - 2018-08-04 01:46 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-19 13:17 - 2018-08-19 13:37 - 1099189870 ____R C:\Users\Jiří.Jjohny\Downloads\Tajemstvi.stare.bambitky.TVRip.avi
2018-08-19 13:17 - 2018-08-19 13:17 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Stastny smolar
2018-08-19 13:16 - 2018-08-19 13:34 - 1828552704 ____R C:\Users\Jiří.Jjohny\Downloads\Sedmero.krkavcu.2015.DVDRip.XviD.CZ-TreZzoR.avi
2018-08-19 07:17 - 2018-08-19 07:44 - 782180352 ____R C:\Users\Jiří.Jjohny\Downloads\Duch nad zlato 2013.avi
2018-08-18 13:02 - 2018-08-21 18:38 - 1542287712 ____R C:\Users\Jiří.Jjohny\Downloads\Svatojansky.venecek.tvrip.576p.TROJAN.mp4
2018-08-18 12:09 - 2018-08-18 12:19 - 1884628992 ____R C:\Users\Jiří.Jjohny\Downloads\Rachanda.2016.DVDRip.XviD.CZ-TreZzoR.avi
2018-08-18 11:45 - 2018-08-18 11:53 - 740923392 ____R C:\Users\Jiří.Jjohny\Downloads\Vánoční.prázdniny_whv.avi
2018-08-18 11:34 - 2018-08-18 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-08-18 11:17 - 2018-08-18 11:59 - 945782350 ____R C:\Users\Jiří.Jjohny\Downloads\Jack Frost.mkv
2018-08-18 11:16 - 2018-08-18 11:31 - 1718075392 ____R C:\Users\Jiří.Jjohny\Downloads\Mrazík.avi
2018-08-17 13:55 - 2018-08-17 13:55 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kazatel - Preacher 2. série (CZ)[WebRip][HEVC][1080p]
2018-08-15 19:37 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 19:37 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 19:37 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 19:37 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 19:37 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 19:37 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 19:37 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 19:37 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 19:37 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 19:37 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 19:37 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 19:37 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 19:37 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 19:37 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 19:37 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 19:37 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-15 19:37 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 19:37 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 19:37 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 19:37 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 19:37 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 19:37 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-15 19:37 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 19:37 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 19:37 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 19:37 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 19:37 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 19:37 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-15 19:37 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 19:37 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 19:37 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 19:37 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 19:37 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 19:37 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-15 19:37 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 19:37 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 19:37 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 19:37 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 19:37 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 19:37 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-15 19:37 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-15 19:37 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 19:37 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 19:37 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 19:37 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 19:37 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 19:37 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 19:37 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 19:37 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 19:37 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 19:37 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-15 19:37 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 19:37 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-15 19:37 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 19:37 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-15 19:37 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-15 19:37 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-15 19:37 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-15 19:37 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-15 19:37 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-11 14:33 - 2018-08-24 15:15 - 1468557312 ____R C:\Users\Jiří.Jjohny\Downloads\Zázrak v New Yorku CZ.avi
2018-08-11 13:25 - 2018-08-11 13:38 - 822515712 ____R C:\Users\Jiří.Jjohny\Downloads\rolnicky.kam.se.podivas.1996.DivX.x264.MP3.CZ.SK-DeSOLate.avi
2018-08-11 13:05 - 2018-08-11 13:31 - 1712447488 ____R C:\Users\Jiří.Jjohny\Downloads\Polarni Expres.avi
2018-08-11 13:04 - 2018-08-11 13:24 - 1756362752 ____R C:\Users\Jiří.Jjohny\Downloads\Andel.pane.2.CZ.dabing.avi
2018-08-11 13:03 - 2018-08-11 13:25 - 1644101632 ____R C:\Users\Jiří.Jjohny\Downloads\Anděl Páně.avi
2018-08-11 10:59 - 2018-08-11 10:59 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kůň pro Winky - Paard van sinterklaas 1+2 [webrip]
2018-08-11 10:55 - 2018-08-11 11:56 - 1098309467 _____ C:\Users\Jiří.Jjohny\Downloads\Strašidelné vánoce - Scrooged (1988) Tit. Cz.mp4
2018-08-11 10:54 - 2018-08-11 14:50 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Snoopy o vánocích
2018-08-11 10:23 - 2018-08-11 10:41 - 1655853056 ____R C:\Users\Jiří.Jjohny\Downloads\Bad.Santa.2.2016.Theatrical.BDRip.XviD.CZ.avi
2018-08-11 10:23 - 2018-08-11 10:36 - 755638272 ____R C:\Users\Jiří.Jjohny\Downloads\Santa je úchyl.avi
2018-08-11 10:20 - 2018-08-11 11:49 - 1608740286 _____ C:\Users\Jiří.Jjohny\Downloads\Letos nepeču - Rod.Komedie - USA - 2010 - cz.avi
2018-08-09 13:48 - 2018-08-09 13:48 - 000000000 ___RD C:\Users\Jiří.Jjohny\AppData\Roaming\Brother
2018-08-09 13:48 - 2018-08-09 13:48 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\LocalLow\Brother
2018-08-08 20:38 - 2018-08-08 21:45 - 1246418944 _____ C:\Users\Jiří.Jjohny\Downloads\Never-back-down-2-CZ-TITULKY-(nikdy-to-nevzdávej-2).avi
2018-08-08 13:57 - 2018-08-08 14:56 - 1049131008 _____ C:\Users\Jiří.Jjohny\Downloads\Coach Carter (2005 CZdab)..avi
2018-08-05 12:42 - 2018-08-05 23:02 - 2176034816 _____ C:\Users\Jiří.Jjohny\Downloads\Coach Carter - Coach Carter.avi
2018-08-05 08:44 - 2018-08-05 08:44 - 000003494 _____ C:\Windows\System32\Tasks\BlueStacksHelper
2018-08-05 08:38 - 2018-08-11 19:23 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-08-05 08:37 - 2018-08-05 08:58 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Local\Bluestacks

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-04 19:41 - 2018-02-11 11:50 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent
2018-09-04 19:36 - 2018-03-01 17:27 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-09-04 19:26 - 2018-02-12 00:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-04 19:26 - 2018-02-11 11:06 - 000000000 ___RD C:\Users\Jiří.Jjohny\OneDrive
2018-09-04 19:25 - 2018-02-11 12:17 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-04 19:24 - 2018-07-27 16:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-09-04 19:24 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-04 19:23 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-04 17:28 - 2018-02-11 11:07 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B70EF4B-CEA4-4411-A4E2-604621121022}
2018-09-04 11:10 - 2018-03-02 21:28 - 000696832 ___SH C:\Users\Jiří.Jjohny\Downloads\Thumbs.db
2018-09-02 23:53 - 2018-02-12 16:27 - 000541184 ___SH C:\Users\Jiří.Jjohny\Desktop\Thumbs.db
2018-08-30 19:43 - 2014-11-21 06:53 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-30 19:43 - 2014-11-21 06:10 - 000735548 _____ C:\Windows\system32\perfh005.dat
2018-08-30 19:43 - 2014-11-21 06:10 - 000149356 _____ C:\Windows\system32\perfc005.dat
2018-08-30 19:43 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-22 14:12 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-21 15:36 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-21 14:28 - 2018-02-11 11:11 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-156936490-2435032342-93998820-1001
2018-08-21 06:32 - 2013-08-22 16:44 - 005102664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-21 06:26 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-18 11:37 - 2018-05-29 19:07 - 000000000 ____D C:\Program Files (x86)\nodongle.biz
2018-08-18 11:37 - 2018-02-15 17:52 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-08-17 06:25 - 2018-08-03 22:18 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kazatel = Preacher 1. série (2016)(CZ+EN)
2018-08-16 07:09 - 2018-02-15 20:50 - 000000000 ____D C:\Windows\system32\MRT
2018-08-16 07:06 - 2018-02-15 20:50 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-15 17:59 - 2018-02-11 12:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-12 20:26 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-12 13:15 - 2018-04-24 18:08 - 000000000 ___RD C:\Users\Jiří.Jjohny\Documents\Scanned Documents
2018-08-09 08:35 - 2018-02-11 11:10 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-02-12 16:53 - 2018-03-16 21:09 - 000000132 _____ () C:\Users\Jiří.Jjohny\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

Some files in TEMP:
====================
2018-08-05 08:57 - 2018-06-21 11:50 - 000826376 _____ (BlueStack Systems, Inc.) C:\Users\Jiří.Jjohny\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2018-08-05 08:57 - 2018-06-21 11:50 - 000421344 _____ (CodeTitans) C:\Users\Jiří.Jjohny\AppData\Local\Temp\JSON.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-04 09:06

==================== End of FRST.txt ============================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Jiří (04-09-2018 19:42:09)
Running from C:\Users\Jiří.Jjohny\Desktop
Windows 8.1 (Update) (X64) (2018-02-11 09:03:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-156936490-2435032342-93998820-500 - Administrator - Disabled)
Guest (S-1-5-21-156936490-2435032342-93998820-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-156936490-2435032342-93998820-1003 - Limited - Enabled)
Jiří (S-1-5-21-156936490-2435032342-93998820-1001 - Administrator - Enabled) => C:\Users\Jiří.Jjohny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{5586ea81-c047-4609-b47a-4bad18347b44}) (Version: 16.5.0 - Intel Corporation)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
DisplayLink Core Software (HKLM\...\{801343BF-D1C5-42BE-ACF3-E5F2470CA204}) (Version: 7.5.52874.0 - DisplayLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.32 - HP)
HP USB Port Replicator (HKLM\...\{F51CE4C1-6DD5-4353-9E11-AD97D261A049}) (Version: 7.5.52960.0 - Hewlett-Packard)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.4.1000 - Intel Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Mediatek Bluetooth (HKLM\...\{16BCAEDC-C115-1729-07C4-7A0091C699A6}) (Version: 11.0.749.0 - Mediatek)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.12.32066 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13622 - Kakao Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.5287 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
WinRAR 5.50 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-07-25] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-07-25] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF36513-AD16-49C2-B35F-72CABC57DE92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)
Task: {12D0388C-C788-4951-A86E-9437598DD34A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-24] (NVIDIA Corporation)
Task: {15E848DC-6030-459E-A026-F633EB6744BC} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation)
Task: {2526DEAC-39A4-4BE1-B976-5CF138E1D20B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {4865F962-ECC7-4535-A6CA-2AFDFCF00E0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-06-24] (NVIDIA Corporation)
Task: {531DEC26-0A85-49E6-9A60-B29F77F04A1C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {5DCFBA26-0010-4C89-BB70-C2B485632759} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-06-24] (NVIDIA Corporation)
Task: {858910E4-1B60-411C-89A5-28D8D882C39D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-13] (Adobe Systems Incorporated)
Task: {9BDA81FD-365E-4B46-AD56-E03E059BCAB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)
Task: {A1B9B6D6-570B-41B1-9AF4-D05C35E37D6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {A6C1EF6D-400E-4D42-8EB9-3BBAED49B9F9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-24] (NVIDIA Corporation)
Task: {ACD34EC6-3013-4750-8EDD-D66A1CC9AE9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-24] (NVIDIA Corporation)
Task: {CC82D7CC-812A-48D0-828B-CEFBB382878E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation)
Task: {D9259937-9B83-4102-9B79-C157636828E6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-06-24] (NVIDIA Corporation)
Task: {DED13E80-46CF-4666-94C4-176A1A843C51} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation)
Task: {E15A0257-97F2-49D5-A7E8-8226997E6574} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-24] (NVIDIA Corporation)
Task: {EF794F75-D360-4C63-BD17-F91BDAE5F28D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-03 18:20 - 2018-03-03 19:24 - 000075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-03-03 18:20 - 2018-03-03 19:24 - 000189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2018-02-11 12:26 - 2007-09-02 14:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2018-08-09 08:35 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-09 08:35 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2013-02-17 19:35 - 2012-12-21 20:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-09-04 19:27 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-04 19:27 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-02-11 12:26 - 2007-09-02 14:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-04-17 19:14 - 000000839 _____ C:\Windows\system32\Drivers\etc\hosts

185.97.254.158 api.facepunch.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-156936490-2435032342-93998820-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jiří.Jjohny\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.132.12.33 - 10.132.12.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3C31F749-8F13-4E44-9564-3B5678257511}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{57A23904-D437-43DD-8C36-869A744779BF}] => (Allow) C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{86B861C7-727F-46C9-917B-87893FBF9293}] => (Allow) C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3B2F803-07F1-4721-9F0F-A2A2524401B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05E5CDF6-D7C6-48C3-BBF6-DD0055A01350}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1CF4321F-2897-48C3-B2A2-A133DA7E9D13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{663BE0DC-1AA1-40BA-8DF6-FF7276DC6087}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0988843D-90F0-4E79-A4CA-3E97F79967E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{D7A92A06-35C3-4483-8541-0A8E9DCA61F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{2A5AFF92-72A1-4125-9AA3-30C93F7FE6D3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4745BA3B-71CD-408B-961F-C191D28B1556}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{B3319F2E-EC63-41B0-B3F2-9D011B8FAA31}C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{871EC5E7-E044-4F8B-AAC6-E1A6CFEC872C}C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\games\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{D7CADEE5-26FB-472B-B7A8-340AB714767E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{FC75EB7C-C7A6-4F39-8192-2973FDC8E592}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{33382173-BE09-4B69-B1AA-4DD974565173}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1F5A085C-B095-4FEC-8308-4F7B427A88DA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{95ED6BFA-6462-4D28-AA75-285D29ADA6A5}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{CE12C487-CB9C-40CC-83CD-EF4062F22DBD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{7A7D2145-2B1D-4D78-BFF2-E36585A90CA3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{4D84441A-ACB9-4B3C-9483-38D28366C1F8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{8B778287-C2D1-4603-8A16-C007EBB7FEAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E66E46E7-EAE9-4905-AB68-578FF9F1A60F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6A6D3368-B8D7-4316-835D-7EFEA51978B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C767C59-9E91-4E0A-AFB7-6EA2C15C46BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{989E1A26-51A2-4FC5-995C-A8A8C715A60D}] => (Allow) LPort=3001
FirewallRules: [TCP Query User{3BC71915-E8A5-4814-8AA8-5B7A8F1198C4}C:\users\jiří.jjohny\desktop\eco.v0.7.1.0\ecoserver\ecoserver.exe] => (Allow) C:\users\jiří.jjohny\desktop\eco.v0.7.1.0\ecoserver\ecoserver.exe
FirewallRules: [UDP Query User{EB132A44-2EF5-4332-85A8-CF42838E2FD5}C:\users\jiří.jjohny\desktop\eco.v0.7.1.0\ecoserver\ecoserver.exe] => (Allow) C:\users\jiří.jjohny\desktop\eco.v0.7.1.0\ecoserver\ecoserver.exe
FirewallRules: [TCP Query User{5419CF52-1FA6-4F0D-9CBC-F248205B9C92}C:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe
FirewallRules: [UDP Query User{D77CD1B3-C660-4060-B8EB-B037F406434D}C:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe
FirewallRules: [TCP Query User{F2361426-64A9-477F-9FA2-E9A1A8D12BCD}C:\program files (x86)\steam\steamapps\common\shot in the dark\shotinthedark\binaries\win32\shotinthedark-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shot in the dark\shotinthedark\binaries\win32\shotinthedark-win32-shipping.exe
FirewallRules: [UDP Query User{17D266A4-7C33-4143-8A62-6936E862F25D}C:\program files (x86)\steam\steamapps\common\shot in the dark\shotinthedark\binaries\win32\shotinthedark-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\shot in the dark\shotinthedark\binaries\win32\shotinthedark-win32-shipping.exe
FirewallRules: [{CA2E8889-8BEB-41B3-BEA1-ABCC4F38D412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stealth Inc 2\settings\settings.exe
FirewallRules: [{E42FDE60-168D-4435-BD95-730751C242A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stealth Inc 2\settings\settings.exe
FirewallRules: [TCP Query User{0FCC7BA2-5760-46C5-B387-7EDC31BD72C5}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{6F6CA776-B90E-4DF2-8D7C-F46308CD6D73}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{08CC4E3B-4F28-40FD-87D4-D444B9D717D4}C:\program files (x86)\steam\steamapps\common\the day online\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the day online\bin64\launcher.exe
FirewallRules: [UDP Query User{86A6C1B1-59E8-497C-B87E-9A201D3AE2A2}C:\program files (x86)\steam\steamapps\common\the day online\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the day online\bin64\launcher.exe
FirewallRules: [TCP Query User{FA4EFDA8-8FCC-479D-AE2D-778D09ACF153}C:\users\jiří.jjohny\desktop\train valley 2\trainvalley2.exe] => (Block) C:\users\jiří.jjohny\desktop\train valley 2\trainvalley2.exe
FirewallRules: [UDP Query User{059FD46C-C447-4010-99FA-F7768E0853B4}C:\users\jiří.jjohny\desktop\train valley 2\trainvalley2.exe] => (Block) C:\users\jiří.jjohny\desktop\train valley 2\trainvalley2.exe
FirewallRules: [TCP Query User{04BDBFDA-2DE7-426F-A9C7-D683C24D3F2D}C:\program files (x86)\el-cast repack\pixark\shootergame\binaries\win64\pixark.exe] => (Allow) C:\program files (x86)\el-cast repack\pixark\shootergame\binaries\win64\pixark.exe
FirewallRules: [UDP Query User{74A5D21F-07A7-450B-9DB6-0E79A3E34295}C:\program files (x86)\el-cast repack\pixark\shootergame\binaries\win64\pixark.exe] => (Allow) C:\program files (x86)\el-cast repack\pixark\shootergame\binaries\win64\pixark.exe
FirewallRules: [TCP Query User{23A76239-C1A8-41E2-9B34-55DD97982609}C:\games\thehunter call of the wild new species 2018\thehuntercotw_f.exe] => (Allow) C:\games\thehunter call of the wild new species 2018\thehuntercotw_f.exe
FirewallRules: [UDP Query User{A748D74A-887E-41B4-8023-B922B344CEFC}C:\games\thehunter call of the wild new species 2018\thehuntercotw_f.exe] => (Allow) C:\games\thehunter call of the wild new species 2018\thehuntercotw_f.exe
FirewallRules: [{BF0F5E89-36B9-47BC-92CE-29A8EACCB825}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{7D2C58DD-CBBB-4920-83E3-CBB37EA0BF30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [TCP Query User{5769AD8B-5840-4CB8-BAF7-5464EBF98A53}C:\games\demolish & build 2018\demolish.exe] => (Allow) C:\games\demolish & build 2018\demolish.exe
FirewallRules: [UDP Query User{F89387B6-CDE9-4BB6-8D3C-779CE135E23C}C:\games\demolish & build 2018\demolish.exe] => (Allow) C:\games\demolish & build 2018\demolish.exe
FirewallRules: [TCP Query User{32D86D40-AA74-443A-919A-E2FB71E48CD2}C:\users\jiří.jjohny\desktop\raft\raft.exe] => (Allow) C:\users\jiří.jjohny\desktop\raft\raft.exe
FirewallRules: [UDP Query User{F23EDF6B-E77A-4162-A644-50F03B21480C}C:\users\jiří.jjohny\desktop\raft\raft.exe] => (Allow) C:\users\jiří.jjohny\desktop\raft\raft.exe
FirewallRules: [{63B0FD51-FC34-4C0F-8746-8D8224D77104}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{BE89FEED-4FC8-4B86-A3B7-644BE3445BCE}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{FF487EF3-1CFE-4092-9A53-C2FAAA4D8526}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{335F03E9-DEA0-4C39-9791-3EB84D4AF1BE}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [TCP Query User{4497D39C-8CF0-4015-A1BD-23700E359CEB}C:\users\jiří.jjohny\desktop\ultimate racing 2d\ultimate_racing_2d.exe] => (Allow) C:\users\jiří.jjohny\desktop\ultimate racing 2d\ultimate_racing_2d.exe
FirewallRules: [UDP Query User{59DCB77B-6B95-43ED-BA91-4E468104409B}C:\users\jiří.jjohny\desktop\ultimate racing 2d\ultimate_racing_2d.exe] => (Allow) C:\users\jiří.jjohny\desktop\ultimate racing 2d\ultimate_racing_2d.exe
FirewallRules: [{EB1C6A61-6076-4783-867C-268894FCB9E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of Pen and Paper 2\kopp2.exe
FirewallRules: [{12102FBA-2F0D-41FB-ACA3-7202A4119DC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of Pen and Paper 2\kopp2.exe
FirewallRules: [{E08628B4-C44E-40EE-97EB-8582A9BF2AC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{D95146A6-DA4E-4410-8D55-228C0149FDD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{ED7825C7-644C-4D76-BF8D-B3D2EBA65F89}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{B5B582EB-8126-4575-8647-1282FD49D58F}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{7303DDBE-CE57-459D-B67F-7A5F90C8794C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5B56B593-CB8A-491B-953B-8204F7132AFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3A81C465-CF33-4EA9-8870-0AE83596EDE0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C0A63987-8DDE-46C8-AE61-A82AF36064E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{025C5969-328D-4FF2-B9DE-7EC30BD0F3E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{17D1949E-BE7D-4909-89EE-615997A6D631}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6D37A35F-5BFE-41A1-BA94-20BEAA4DD2A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{16363FC1-19BE-4916-AE32-9B0BA4848EE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FE741D59-A4BC-4D86-BAA2-D813A9811ED5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FCF3BD8-ECFA-4172-9438-128C2CF407AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{3101E42A-FE19-4684-8E32-AA84161F7E2B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D7CEDF56-B556-4723-82E0-FAEDB9672AEB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe
FirewallRules: [TCP Query User{ABB8FF89-5446-4C5F-A2A2-8BD938490EAF}C:\users\jiří.jjohny\desktop\rimworld.v1.0.1972\rimworldwin64.exe] => (Allow) C:\users\jiří.jjohny\desktop\rimworld.v1.0.1972\rimworldwin64.exe
FirewallRules: [UDP Query User{893D8B75-6F8A-42A6-B5F9-600F5CFB58DD}C:\users\jiří.jjohny\desktop\rimworld.v1.0.1972\rimworldwin64.exe] => (Allow) C:\users\jiří.jjohny\desktop\rimworld.v1.0.1972\rimworldwin64.exe
FirewallRules: [TCP Query User{A1AB5631-F474-4046-BDA9-1A5BC4F13C24}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{2940B1A5-F56B-4A87-86AA-FFEA3C3B44E7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [{266D84EF-E24F-4F52-B7E0-F182EA31226E}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
FirewallRules: [{DE370066-E614-491B-AE7C-8CC3E28A103A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9145451E-D601-4D46-AFF1-6017F6C5EDA1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F6E13707-6EFB-4A65-8521-B68CBD16AB3C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe

==================== Restore Points =========================

21-08-2018 15:30:00 Windows Update
28-08-2018 19:04:30 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2018 10:34:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (08/28/2018 12:49:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c68

Čas spuštění: 01d43909e2a17334

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 9cea5063-aaaf-11e8-826e-a0d3c15c68b2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/27/2018 05:53:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (08/21/2018 01:33:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (08/18/2018 04:29:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.18460 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 900

Čas spuštění: 01d43198335b2b57

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: dd747ce3-a2f2-11e8-826d-a0d3c15c68b2

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/18/2018 11:33:05 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (08/15/2018 07:45:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 23c8

Čas spuštění: 01d434bee7342141

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: def563bd-a0b2-11e8-826d-a0d3c15c68b2

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (08/12/2018 10:08:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JJOHNY)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (09/04/2018 12:45:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/04/2018 12:45:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (09/04/2018 09:06:57 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (09/04/2018 04:51:30 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (09/03/2018 01:37:13 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (09/03/2018 12:42:42 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (09/03/2018 08:06:19 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (08/25/2018 09:51:07 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM


Windows Defender:
===================================
Date: 2018-09-04 09:08:50.057
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7DF5A494-3EA2-42A2-A2F2-51D4E08F2F83}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-03 12:48:14.211
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6026F33A-FB96-4058-BFD2-09FA2E488688}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-03 08:08:22.969
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F5DF5904-C744-404C-9F38-65DD65557402}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-02 11:38:47.977
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0DAE04F2-7928-4F97-B5E2-3AE4A3075823}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-02 10:39:36.561
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {826112AA-90CE-4DA0-8205-F49BEBDA78B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-11 18:17:50.817
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1000.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-06-11 18:17:50.817
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1000.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-06-11 18:17:49.724
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-06-11 18:17:49.724
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-06-11 18:17:31.373
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.269.1000.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-08-22 06:16:52.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-12 10:02:56.081
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-13 19:22:14.409
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-15 14:03:57.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-11 18:26:30.118
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-29 21:35:19.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-29 19:44:07.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\JIF4B3~1.JJO\AppData\Local\Temp\ndGetUid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-29 19:43:44.100
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\JIF4B3~1.JJO\AppData\Local\Temp\tmpgetid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 37%
Total physical RAM: 7962.15 MB
Available physical RAM: 4965.77 MB
Total Virtual: 9242.15 MB
Available Virtual: 5713.31 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:910.29 GB) (Free:221.17 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.01 GB) (Free:19.95 GB) NTFS

\\?\Volume{a030ccaf-9418-4f49-a490-3f29d6ee63c8}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.12 GB) NTFS
\\?\Volume{054282ce-6fc0-49c0-9d2f-c069a2c8e36e}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9524F76F)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#2 Post by Rudy »

Hello!
It may be some kind of fault in the touchpad. But we will try a cleanup. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce) (on Win XP just start it with a normal double-click)
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jjohny
Visitor
Posts: 38
Joined: 22 Dec 2011 21:37

Re: Please take a look

#3 Post by Jjohny »

Well, I did disable the touchpad and it kept happening anyway. The problem is that it shows up once in a while and then nothing for a long time (today it happened 2 or 3 times), so the question is whether the cleanup will help or not. We'll see :)

Log:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-04-2018
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Jiří.Jjohny\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1440 octets] - [04/09/2018 21:03:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#4 Post by Rudy »

With an (electrical) fault, disabling it in software sometimes does not help. Post a new FRST log.

Jjohny
Visitor
Posts: 38
Joined: 22 Dec 2011 21:37

Re: Please take a look

#5 Post by Jjohny »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Jiří (administrator) on JJOHNY (05-09-2018 06:55:52)
Running from C:\Users\Jiří.Jjohny\Desktop
Loaded Profiles: Jiří & (Available Profiles: Jiří)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> uTorrent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [uTorrent] => C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe [1987256 2018-08-29] (BitTorrent Inc.)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Jiří.Jjohny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-07-01] (Gaijin Entertainment)
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [GoogleChromeAutoLaunch_6383DE60B9D9D5792666E3D84EF68514] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1577816 2018-08-08] (Google Inc.)
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [uTorrent] => C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent\uTorrent.exe [1987256 2018-08-29] (BitTorrent Inc.)
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [Gaijin.Net Agent] => C:\Users\Jiří.Jjohny\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-07-01] (Gaijin Entertainment)
HKU\S-1-5-21-156936490-2435032342-93998820-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09052018065552377\...\Run: [GoogleChromeAutoLaunch_6383DE60B9D9D5792666E3D84EF68514] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1577816 2018-08-08] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182600 2018-06-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159712 2018-06-25] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 185.97.254.158 api.facepunch.com
Tcpip\Parameters: [DhcpNameServer] 10.132.12.33 10.132.12.1
Tcpip\..\Interfaces\{800E46F2-D8C9-4B41-878B-7AD010DCA5A3}: [DhcpNameServer] 10.132.12.33 10.132.12.1

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default [2018-09-05]
CHR Extension: (Prezentace) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-11]
CHR Extension: (Dokumenty) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-11]
CHR Extension: (Disk Google) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-11]
CHR Extension: (YouTube) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-11]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-11]
CHR Extension: (Tabulky) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Twitch Now) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2018-09-04]
CHR Extension: (Gmail) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-11]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří.Jjohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2018-03-31] ()
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9936176 2013-11-29] (DisplayLink Corp.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-20] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-01] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-07-29] ()
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-03] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2018-03-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2018-03-03] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-08-24] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3668208 2013-07-29] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-04] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [52328 2018-09-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-04] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [109872 2018-09-05] (Malwarebytes)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-06-24] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-06-24] (NVIDIA Corporation)
S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbnet; C:\Windows\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (HP)
S3 GPU-Z; \??\C:\Users\JIF4B3~1.JJO\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-04 21:05 - 2018-09-04 21:05 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\LocalLow\uTorrent
2018-09-04 21:01 - 2018-09-04 21:03 - 000000000 ____D C:\AdwCleaner
2018-09-04 21:01 - 2018-09-04 21:01 - 007571152 _____ (Malwarebytes) C:\Users\Jiří.Jjohny\Desktop\adwcleaner_7.2.3.1.exe
2018-09-04 19:42 - 2018-09-04 19:43 - 000048189 _____ C:\Users\Jiří.Jjohny\Desktop\Addition.txt
2018-09-04 19:41 - 2018-09-05 06:56 - 000019483 _____ C:\Users\Jiří.Jjohny\Desktop\FRST.txt
2018-09-04 19:40 - 2018-09-05 06:55 - 000000000 ____D C:\FRST
2018-09-04 19:39 - 2018-09-04 19:39 - 002413056 _____ (Farbar) C:\Users\Jiří.Jjohny\Desktop\FRST64.exe
2018-09-04 19:28 - 2018-09-05 06:55 - 000109872 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-04 19:28 - 2018-09-04 21:05 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-04 19:28 - 2018-09-04 21:05 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-04 19:28 - 2018-09-04 21:05 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-04 19:28 - 2018-09-04 19:28 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Local\mbam
2018-09-04 19:27 - 2018-09-04 19:27 - 079352560 _____ (Malwarebytes ) C:\Users\Jiří.Jjohny\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.441-1.0.6623.exe
2018-09-04 19:27 - 2018-09-04 19:27 - 000001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-04 19:27 - 2018-09-04 19:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-04 19:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-03 19:20 - 2018-09-04 12:45 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\2. serie
2018-09-03 19:18 - 2018-09-04 06:13 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Tuningove války 1.serie
2018-09-02 18:36 - 2018-09-02 18:36 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\The Coloring Book by Colin Quinn EPUB
2018-09-02 16:01 - 2018-09-02 23:53 - 000000000 ____D C:\Users\Jiří.Jjohny\Desktop\mandaly
2018-08-31 09:12 - 2018-08-31 09:13 - 489801255 _____ C:\Users\Jiří.Jjohny\Downloads\vyuka.zip
2018-08-26 13:11 - 2018-08-26 13:12 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E04.XviD-AFG
2018-08-26 13:10 - 2018-08-26 13:11 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E02.XviD-AFG
2018-08-26 13:08 - 2018-08-26 13:10 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E01.XviD-AFG
2018-08-26 13:06 - 2018-08-26 13:08 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E03.XviD-AFG
2018-08-26 12:21 - 2018-08-26 16:06 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E06.XviD-AFG
2018-08-26 12:19 - 2018-08-26 14:18 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\www.Torrenting.com - Mary.Berry.Everyday.S01E05.XviD-AFG
2018-08-26 11:02 - 2018-08-26 11:02 - 000000000 ____D C:\Users\Jiří.Jjohny\Desktop\Nová složka
2018-08-25 19:09 - 2018-08-26 11:02 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Mary Berry's Supper for Friends ,Traditional Puddings and Desserts And Baking Bible -Mantesh
2018-08-22 16:24 - 2018-08-22 23:05 - 2374113280 _____ C:\Users\Jiří.Jjohny\Downloads\Kočičí princ.mpg
2018-08-21 15:31 - 2018-03-27 01:24 - 000029352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2018-08-21 15:30 - 2018-03-27 01:24 - 000019088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2018-08-21 15:30 - 2018-03-27 01:17 - 000030888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2018-08-21 15:30 - 2018-03-27 01:17 - 000019088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2018-08-21 06:32 - 2018-08-04 01:46 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-21 06:32 - 2018-08-04 01:46 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-19 13:17 - 2018-08-19 13:37 - 1099189870 ____R C:\Users\Jiří.Jjohny\Downloads\Tajemstvi.stare.bambitky.TVRip.avi
2018-08-19 13:17 - 2018-08-19 13:17 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Stastny smolar
2018-08-19 13:16 - 2018-08-19 13:34 - 1828552704 ____R C:\Users\Jiří.Jjohny\Downloads\Sedmero.krkavcu.2015.DVDRip.XviD.CZ-TreZzoR.avi
2018-08-19 07:17 - 2018-08-19 07:44 - 782180352 ____R C:\Users\Jiří.Jjohny\Downloads\Duch nad zlato 2013.avi
2018-08-18 13:02 - 2018-08-21 18:38 - 1542287712 ____R C:\Users\Jiří.Jjohny\Downloads\Svatojansky.venecek.tvrip.576p.TROJAN.mp4
2018-08-18 12:09 - 2018-08-18 12:19 - 1884628992 ____R C:\Users\Jiří.Jjohny\Downloads\Rachanda.2016.DVDRip.XviD.CZ-TreZzoR.avi
2018-08-18 11:45 - 2018-08-18 11:53 - 740923392 ____R C:\Users\Jiří.Jjohny\Downloads\Vánoční.prázdniny_whv.avi
2018-08-18 11:34 - 2018-08-18 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-08-18 11:17 - 2018-08-18 11:59 - 945782350 ____R C:\Users\Jiří.Jjohny\Downloads\Jack Frost.mkv
2018-08-18 11:16 - 2018-08-18 11:31 - 1718075392 ____R C:\Users\Jiří.Jjohny\Downloads\Mrazík.avi
2018-08-17 13:55 - 2018-08-17 13:55 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kazatel - Preacher 2. série (CZ)[WebRip][HEVC][1080p]
2018-08-15 19:37 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 19:37 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 19:37 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 19:37 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 19:37 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 19:37 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 19:37 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 19:37 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 19:37 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 19:37 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 19:37 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 19:37 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 19:37 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 19:37 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 19:37 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 19:37 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 19:37 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-15 19:37 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 19:37 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 19:37 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 19:37 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 19:37 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 19:37 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-15 19:37 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 19:37 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 19:37 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 19:37 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 19:37 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 19:37 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 19:37 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-15 19:37 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 19:37 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 19:37 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 19:37 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 19:37 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 19:37 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-15 19:37 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 19:37 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 19:37 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 19:37 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 19:37 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 19:37 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-15 19:37 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-15 19:37 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 19:37 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 19:37 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 19:37 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 19:37 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 19:37 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 19:37 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 19:37 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 19:37 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 19:37 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-15 19:37 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 19:37 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-15 19:37 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 19:37 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-15 19:37 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-15 19:37 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-15 19:37 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-15 19:37 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-15 19:37 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-11 14:33 - 2018-08-24 15:15 - 1468557312 ____R C:\Users\Jiří.Jjohny\Downloads\Zázrak v New Yorku CZ.avi
2018-08-11 13:25 - 2018-08-11 13:38 - 822515712 ____R C:\Users\Jiří.Jjohny\Downloads\rolnicky.kam.se.podivas.1996.DivX.x264.MP3.CZ.SK-DeSOLate.avi
2018-08-11 13:05 - 2018-08-11 13:31 - 1712447488 ____R C:\Users\Jiří.Jjohny\Downloads\Polarni Expres.avi
2018-08-11 13:04 - 2018-08-11 13:24 - 1756362752 ____R C:\Users\Jiří.Jjohny\Downloads\Andel.pane.2.CZ.dabing.avi
2018-08-11 13:03 - 2018-08-11 13:25 - 1644101632 ____R C:\Users\Jiří.Jjohny\Downloads\Anděl Páně.avi
2018-08-11 10:59 - 2018-08-11 10:59 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kůň pro Winky - Paard van sinterklaas 1+2 [webrip]
2018-08-11 10:55 - 2018-08-11 11:56 - 1098309467 _____ C:\Users\Jiří.Jjohny\Downloads\Strašidelné vánoce - Scrooged (1988) Tit. Cz.mp4
2018-08-11 10:54 - 2018-08-11 14:50 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Snoopy o vánocích
2018-08-11 10:23 - 2018-08-11 10:41 - 1655853056 ____R C:\Users\Jiří.Jjohny\Downloads\Bad.Santa.2.2016.Theatrical.BDRip.XviD.CZ.avi
2018-08-11 10:23 - 2018-08-11 10:36 - 755638272 ____R C:\Users\Jiří.Jjohny\Downloads\Santa je úchyl.avi
2018-08-11 10:20 - 2018-08-11 11:49 - 1608740286 _____ C:\Users\Jiří.Jjohny\Downloads\Letos nepeču - Rod.Komedie - USA - 2010 - cz.avi
2018-08-09 13:48 - 2018-08-09 13:48 - 000000000 ___RD C:\Users\Jiří.Jjohny\AppData\Roaming\Brother
2018-08-09 13:48 - 2018-08-09 13:48 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\LocalLow\Brother
2018-08-08 20:38 - 2018-08-08 21:45 - 1246418944 _____ C:\Users\Jiří.Jjohny\Downloads\Never-back-down-2-CZ-TITULKY-(nikdy-to-nevzdávej-2).avi
2018-08-08 13:57 - 2018-08-08 14:56 - 1049131008 _____ C:\Users\Jiří.Jjohny\Downloads\Coach Carter (2005 CZdab)..avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-04 21:06 - 2018-02-12 00:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-04 21:06 - 2018-02-11 11:06 - 000000000 ____D C:\Users\Jiří.Jjohny\OneDrive
2018-09-04 21:05 - 2018-07-27 16:45 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-09-04 21:05 - 2018-02-11 12:17 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-04 21:05 - 2018-02-11 11:50 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Roaming\uTorrent
2018-09-04 21:04 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-04 20:45 - 2018-02-11 11:11 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-156936490-2435032342-93998820-1001
2018-09-04 19:49 - 2018-02-11 22:22 - 000000000 ____D C:\Users\Jiří.Jjohny\AppData\Local\CrashDumps
2018-09-04 19:36 - 2018-03-01 17:27 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-09-04 19:23 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-04 17:28 - 2018-02-11 11:07 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B70EF4B-CEA4-4411-A4E2-604621121022}
2018-09-04 11:10 - 2018-03-02 21:28 - 000696832 ___SH C:\Users\Jiří.Jjohny\Downloads\Thumbs.db
2018-09-02 23:53 - 2018-02-12 16:27 - 000541184 ___SH C:\Users\Jiří.Jjohny\Desktop\Thumbs.db
2018-08-30 19:43 - 2014-11-21 06:53 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-30 19:43 - 2014-11-21 06:10 - 000735548 _____ C:\Windows\system32\perfh005.dat
2018-08-30 19:43 - 2014-11-21 06:10 - 000149356 _____ C:\Windows\system32\perfc005.dat
2018-08-30 19:43 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-22 14:12 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-21 15:36 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-21 06:32 - 2013-08-22 16:44 - 005102664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-21 06:26 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-18 11:37 - 2018-05-29 19:07 - 000000000 ____D C:\Program Files (x86)\nodongle.biz
2018-08-18 11:37 - 2018-02-15 17:52 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-08-17 06:25 - 2018-08-03 22:18 - 000000000 ____D C:\Users\Jiří.Jjohny\Downloads\Kazatel = Preacher 1. série (2016)(CZ+EN)
2018-08-16 07:09 - 2018-02-15 20:50 - 000000000 ____D C:\Windows\system32\MRT
2018-08-16 07:06 - 2018-02-15 20:50 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-15 17:59 - 2018-02-11 12:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-12 20:26 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-12 13:15 - 2018-04-24 18:08 - 000000000 ___RD C:\Users\Jiří.Jjohny\Documents\Scanned Documents
2018-08-11 19:23 - 2018-08-05 08:38 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-08-09 08:35 - 2018-02-11 11:10 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-02-12 16:53 - 2018-03-16 21:09 - 000000132 _____ () C:\Users\Jiří.Jjohny\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

Some files in TEMP:
====================
2018-08-05 08:57 - 2018-06-21 11:50 - 000826376 _____ (BlueStack Systems, Inc.) C:\Users\Jiří.Jjohny\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2018-08-05 08:57 - 2018-06-21 11:50 - 000421344 _____ (CodeTitans) C:\Users\Jiří.Jjohny\AppData\Local\Temp\JSON.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-04 09:06

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [AdobeBridge] => [X]
S3 GPU-Z; \??\C:\Users\JIF4B3~1.JJO\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
C:\Users\Jiří.Jjohny\AppData\Local\Temp
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
Task: {0FF36513-AD16-49C2-B35F-72CABC57DE92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)
Task: {9BDA81FD-365E-4B46-AD56-E03E059BCAB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Jjohny
Visitor
Posts: 38
Registered: 22 Dec 2011 21:37

Re: Please take a look

#7 Post by Jjohny »

Well, since I just managed to move the pointer using the touchpad (it was deactivated and now it isn't again) and it started doing it, you were right. Do you think it will be enough to disable it in the BIOS (if that's possible), or will I have to physically disconnect the wire to the motherboard?

In any case, thanks for cleaning out the bugs.


Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Jiří (05-09-2018 16:29:18) Run:1
Running from C:\Users\Jiří.Jjohny\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-156936490-2435032342-93998820-1001\...\Run: [AdobeBridge] => [X]
S3 GPU-Z; \??\C:\Users\JIF4B3~1.JJO\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
C:\Users\Ji��.Jjohny\AppData\Local\Temp
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
Task: {0FF36513-AD16-49C2-B35F-72CABC57DE92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)
Task: {9BDA81FD-365E-4B46-AD56-E03E059BCAB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-11] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-156936490-2435032342-93998820-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKLM\System\CurrentControlSet\Services\GPU-Z" => removed successfully
GPU-Z => service removed successfully
"C:\Users\Ji��.Jjohny\AppData\Local\Temp" => not found
C:\Windows\SysWOW64\dlumd10.dll => moved successfully
C:\Windows\SysWOW64\dlumd11.dll => moved successfully
C:\Windows\SysWOW64\dlumd9.dll => moved successfully
C:\Windows\System32\dlumd10.dll => moved successfully
C:\Windows\System32\dlumd11.dll => moved successfully
C:\Windows\System32\dlumd9.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FF36513-AD16-49C2-B35F-72CABC57DE92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FF36513-AD16-49C2-B35F-72CABC57DE92}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BDA81FD-365E-4B46-AD56-E03E059BCAB4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BDA81FD-365E-4B46-AD56-E03E059BCAB4}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15153683 B
Java, Flash, Steam htmlcache => 375836464 B
Windows/system/drivers => 30036396 B
Edge => 0 B
Chrome => 945248693 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 24468 B
systemprofile32 => 0 B
LocalService => 6558 B
NetworkService => 598290 B
Jiří.Jjohny => 463055482 B
UpdatusUser => 0 B

RecycleBin => 427508064 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:29:44 ====

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#8 Post by Rudy »

Deleted. Has anything changed?

Jjohny
Visitor
Posts: 38
Registered: 22 Dec 2011 21:37

Re: Please take a look

#9 Post by Jjohny »

Have a look at the beginning of the previous comment.

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#10 Post by Rudy »

Sorry, I overlooked that. If disabling it in the BIOS is enough (this is possible only on some models), turn it off there. Otherwise you will have to physically disconnect the ribbon cable to the touchpad.

Jjohny
Visitor
Posts: 38
Registered: 22 Dec 2011 21:37

Re: Please take a look

#11 Post by Jjohny »

Great, thanks a lot, you can lock the thread.
Have a nice day :)

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please take a look

#12 Post by Rudy »

A nice day to you too, and you're welcome! :)

Locked