Podezření na havěť, win7

[drakuba]

Zdravím,
PC mi začal nedávno blbnout, pomaleji načítá prohlížeč a otevírá/zavírá nové záložky. To byl signál pro mě že je něco jinak než má. Občas i přeskakovala myš, jako by lagovala a zhasla mi klávesnice, kterou ovládá stejný software jako mou myš. Avira mi nic nenašla

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by Drakuba (administrator) on DRAKUBA-NB (Micro-Star International Co., Ltd. GE70 2PE) (30-01-2020 02:23:50)
Running from C:\Users\Drakuba\Desktop
Loaded Profiles: Drakuba (Available Profiles: Drakuba)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\RealTimeProtector.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros) [File not signed] C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3523344 2019-06-03] (IObit Information Technology -> IObit)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {10fdefd4-3c37-11e6-957d-303a64fb21ba} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {66bfb44c-7e3a-11e4-a897-806e6f6e6963} - F:\CDSetup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D00AE86-E9F9-43A0-82A4-79EBA59183E2}] -> C:\Program Files (x86)\Avira\Scout\Application\59.0.3071.2851\Installer\chrmstp.exe [2017-07-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [187152 2015-09-06] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165712 2015-09-06] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-06-21]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18B38D4D-6F18-4A80-8918-40D391BCE4AD} - System32\Tasks\ASCU12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [3148560 2019-05-20] (IObit Information Technology -> IObit)
Task: {25AA5207-9FB8-4406-9442-7B969492C521} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [498976 2016-06-06] (IObit Information Technology -> IObit)
Task: {28D65957-BF3B-43DE-B122-436B411A7378} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [226512 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2E96BE74-6532-467C-AB25-DB40D54176FF} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5CC0EB80-F20A-4CBA-8F0D-C12465D587C1} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {691B3FEC-7A10-4740-96F6-911E1953CC7F} - System32\Tasks\ASCU12_SkipUac_Drakuba => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [8707344 2019-08-21] (IObit Information Technology -> IObit)
Task: {6AA3D0AE-605C-4829-9966-2627EEAB50D0} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27892072 2020-01-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {6BECA1A9-976B-4FFF-9BED-995024CFCD08} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7376C41B-E699-48F2-84F2-67A7A41F30F4} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2017-03-10] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {80B02AD8-6A01-4C60-9CB2-6AFC01AC3685} - System32\Tasks\Uninstaller_SkipUac_Drakuba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {8ACA9EA4-3903-42A4-93E4-4FBD25B67815} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5386528 2016-11-21] (IObit Information Technology -> IObit)
Task: {97EB8576-5E35-4EFE-AA2C-925F1E103976} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A0DCE2A9-51A1-4B94-9C4D-1F32E54B8254} - System32\Tasks\{577540C1-2EC4-44D2-8E96-5F7BCA94C9FB} => C:\Windows\system32\pcalua.exe -a "D:\Games\Halo 2\StartUp.exe" -c /tnp:/remove
Task: {DCB58E37-9411-4159-B958-0C6CF03837AC} - System32\Tasks\Driver Booster SkipUAC (Drakuba) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-11-14] (IObit Information Technology -> IObit)
Task: {EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2848032 2016-07-22] (IObit Information Technology -> IObit)
Task: {F37AF294-0872-4997-B405-986477E1CF0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.77.0.1 10.77.1.1
Tcpip\..\Interfaces\{A2BF613E-A52B-442A-BA1D-BF756F047947}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{AF6135CC-391C-4B3C-8B08-FA5B552952F6}: [DhcpNameServer] 10.77.0.1 10.77.1.1
Tcpip\..\Interfaces\{F4BBCDC0-D514-47D8-B823-77D7D4495E08}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2019-03-28] (IObit Information Technology -> IObit)

FireFox:
========
FF DefaultProfile: PuXmwa9H.default
FF ProfilePath: C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default [2020-01-30]
FF user.js: detected! => C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\user.js [2018-05-19]
FF Session Restore: Mozilla\Firefox\Profiles\PuXmwa9H.default -> is enabled.
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2019-03-26]
FF Extension: (Battletag for Battlelog™) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\battletag@jeremejevs.com.xpi [2016-10-23] [Legacy]
FF Extension: (User-Agent Switcher) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-01-11]
FF Extension: (No Name) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: BYOND -> D:\Male hry\Space Station 13\bin\npbyond.dll [2008-07-08] (BYOND) [File not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1271056 2019-08-12] (IObit Information Technology -> IObit)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1740560 2019-01-02] (IObit Information Technology -> IObit)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [379624 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [240408 2020-01-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-04-09] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-11-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG Limited -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6532664 2016-03-17] (GOG Limited -> GOG.com)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2130192 2018-04-24] (IObit Information Technology -> IObit)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-09-01] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] (Intel Corporation-Mobile Wireless Group -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2142728 2016-10-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2209296 2016-10-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-10-23] (Even Balance, Inc. -> )
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [File not signed]
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-05-21] (Tages SA -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80560 2014-02-28] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2020-01-30] (CPUID -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-01-27] (Echobit, LLC -> Echobit, LLC)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [26968 2019-02-01] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-19] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2016-03-16] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [161488 2014-03-05] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2018-03-20] (IObit Information Technology -> IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2018-03-20] (IObit Information Technology -> IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [19856 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [33240 2018-04-04] (IObit Information Technology -> IObit.com)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [125488 2016-03-16] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-05-21] (Tages SA -> )
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3415304 2016-03-16] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2016-03-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2018-03-20] (IObit Information Technology -> IObit.com)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [758488 2016-03-16] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-05-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\DRIVERS\SAlphaPS264.sys [27520 2014-05-16] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2017-06-09] (SpeedJet Technology INC.) [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2014-12-29] (Duplex Secure Ltd -> Duplex Secure Ltd.)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2019-02-01] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [46520 2019-02-01] (SteelSeries ApS -> SteelSeries ApS)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (Bitdefender SRL -> BitDefender S.R.L.)
S3 IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-30 02:23 - 2020-01-30 02:24 - 000034265 _____ C:\Users\Drakuba\Desktop\FRST.txt
2020-01-30 02:22 - 2020-01-30 02:24 - 000000000 ____D C:\FRST
2020-01-30 02:20 - 2020-01-30 02:20 - 002581504 _____ (Farbar) C:\Users\Drakuba\Desktop\FRST64.exe
2020-01-28 23:00 - 2020-01-28 23:00 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-27 22:49 - 2020-01-27 22:49 - 000000000 ____D C:\Users\Public\Security Sessions
2020-01-27 22:43 - 2020-01-27 22:43 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-01-27 22:43 - 2020-01-27 22:43 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-01-27 22:43 - 2020-01-27 22:43 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-25 03:49 - 2020-01-25 05:06 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\AirshipsGame
2020-01-11 21:49 - 2020-01-11 21:49 - 706491402 _____ C:\Windows\MEMORY.DMP
2020-01-11 21:49 - 2020-01-11 21:49 - 000332200 _____ C:\Windows\Minidump\011120-8564-01.dmp
2020-01-11 20:18 - 2020-01-11 20:19 - 000000017 _____ C:\Users\Drakuba\Desktop\mwll servers TS.txt
2020-01-09 23:31 - 2020-01-09 23:31 - 000000000 ____H C:\asc_rdflag
2020-01-08 11:21 - 2020-01-08 11:21 - 000035664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\phantomtap.sys
2019-12-07 22:00 - 2019-12-07 22:00 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2019-12-04 14:57 - 2019-12-04 14:57 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\Interactive Fate
2019-12-03 17:32 - 2019-12-03 17:32 - 000000000 __RHD C:\Users\Drakuba\AppData\Roaming\SecuROM
2019-11-29 09:44 - 2019-11-29 09:44 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\MASSDMG
2019-11-23 17:20 - 2019-11-23 17:20 - 000000000 ____D C:\ProgramData\Ubisoft
2019-11-22 23:04 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\MMFApplications
2019-11-18 16:25 - 2019-11-22 22:14 - 000000000 ____D C:\Users\Drakuba\AppData\Local\Forager
2019-11-15 22:28 - 2019-11-15 22:28 - 000002234 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2019-11-15 22:28 - 2019-11-15 22:28 - 000002234 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2019-11-15 22:28 - 2019-11-15 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2019-11-10 10:57 - 2019-12-23 16:33 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\Running with rifles
2019-11-10 10:57 - 2019-11-10 10:57 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2019-11-10 10:57 - 2019-11-10 10:57 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2019-11-10 10:57 - 2019-11-10 10:57 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2019-11-10 10:57 - 2019-11-10 10:57 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2019-11-10 10:57 - 2019-11-10 10:57 - 000000000 ____D C:\Program Files (x86)\OpenAL
2019-11-09 20:12 - 2019-11-09 20:12 - 000000000 ____D C:\Program Files\Combined Community Codec Pack 64bit
2019-11-09 18:23 - 2019-12-07 19:39 - 000000000 ____D C:\Users\Drakuba\AppData\Local\Eushully

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-30 02:02 - 2011-04-12 09:34 - 000680338 _____ C:\Windows\system32\perfh005.dat
2020-01-30 02:02 - 2011-04-12 09:34 - 000142942 _____ C:\Windows\system32\perfc005.dat
2020-01-30 02:02 - 2009-07-14 06:13 - 001648198 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-30 02:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-30 02:00 - 2019-05-23 14:00 - 000002850 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Drakuba)
2020-01-30 02:00 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-30 02:00 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-30 01:56 - 2019-06-21 14:38 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\steelseries-engine-3-client
2020-01-30 01:56 - 2018-08-21 01:11 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\Mozilla
2020-01-30 01:55 - 2014-12-07 20:49 - 000000000 __SHD C:\Users\Drakuba\IntelGraphicsProfiles
2020-01-30 01:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-29 23:39 - 2017-04-10 16:28 - 000000000 ____D C:\Users\Drakuba\AppData\Local\Avira
2020-01-28 22:59 - 2016-01-30 22:47 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\uTorrent
2020-01-28 22:58 - 2009-07-14 05:45 - 000280488 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-28 04:42 - 2017-09-30 15:31 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-01-28 03:20 - 2014-12-07 20:27 - 000059672 _____ C:\Users\Drakuba\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-27 22:43 - 2017-04-08 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-27 22:43 - 2017-04-08 20:54 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-27 22:43 - 2014-12-07 21:19 - 000000000 ____D C:\ProgramData\Avira
2020-01-27 22:33 - 2014-12-07 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-26 16:28 - 2015-07-20 15:59 - 000000000 ____D C:\ProgramData\ProductData
2020-01-24 18:55 - 2014-12-21 03:18 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\vlc
2020-01-23 16:08 - 2017-01-22 11:47 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\discord
2020-01-17 14:20 - 2019-06-17 14:01 - 000002321 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 12.lnk
2020-01-17 14:20 - 2019-06-17 14:01 - 000002321 _____ C:\ProgramData\Desktop\Advanced SystemCare Ultimate 12.lnk
2020-01-11 21:49 - 2016-12-05 17:38 - 000000000 ____D C:\Windows\Minidump
2020-01-11 21:41 - 2016-12-17 18:28 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\TS3Client
2020-01-09 23:31 - 2015-12-19 16:33 - 087195648 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 087195648 _____ C:\Windows\system32\config\SOFTWARE.iodefrag
2020-01-09 23:31 - 2015-12-19 16:33 - 000253952 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 000065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 000024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak

==================== Files in the root of some directories ========

2014-12-07 20:42 - 2014-12-07 20:42 - 000000000 _____ () C:\Users\Drakuba\AppData\Local\Driver_LOM_8161Present.flag

==================== SigCheckExt =========================

2015-10-15 19:11 - 2015-10-15 19:13 - 020546560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atig6pxx.dll
2015-10-21 10:33 - 2015-10-21 08:33 - 000385024 _____ (CANON INC.) C:\Windows\system32\CNMLM99.DLL
2014-03-04 12:53 - 2014-03-04 12:53 - 000113664 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\kstat.exe
2014-12-07 21:15 - 2014-11-06 18:06 - 001715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-07 20:35 - 2014-11-06 18:06 - 002800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-12-08 21:56 - 1998-01-23 11:22 - 000304128 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
1999-10-15 17:07 - 1999-10-15 17:07 - 001105408 _____ (3dfx Interactive, Inc.) C:\Windows\SysWOW64\3DfxSpl.dll
1999-10-15 17:14 - 1999-10-15 17:14 - 001105408 _____ (3dfx Interactive, Inc.) C:\Windows\SysWOW64\3DfxSpl2.dll
1999-10-15 17:21 - 1999-10-15 17:21 - 001105408 _____ (3dfx Interactive, Inc.) C:\Windows\SysWOW64\3DfxSpl3.dll
2013-08-21 08:16 - 2013-08-21 08:16 - 000053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-12-08 22:00 - 1998-09-02 09:28 - 001088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\danim.dll
2014-09-01 11:04 - 2014-09-01 11:04 - 000250368 _____ C:\Windows\SysWOW64\DeviceCount.exe
2016-12-08 22:00 - 1998-08-27 05:51 - 000182032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft3.dll
2017-12-17 19:03 - 2017-12-17 19:03 - 001527808 _____ (3Dfx Interactive, Inc.) C:\Windows\SysWOW64\glide.dll
2017-12-17 19:04 - 2017-12-17 19:04 - 001617920 _____ (3Dfx Interactive, Inc.) C:\Windows\SysWOW64\glide2x.dll
2017-12-17 19:04 - 2017-12-17 19:04 - 001712128 _____ (3dfx Interactive, Inc.) C:\Windows\SysWOW64\glide3x.dll
2013-08-27 14:00 - 2013-08-27 14:00 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll
2016-12-08 22:00 - 1998-09-02 09:28 - 000155408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LMRT.dll
2016-12-08 22:00 - 1998-09-02 09:28 - 000038160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LMRTREND.dll
2014-09-01 11:04 - 2014-09-01 11:04 - 000003584 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\msiapcfg.dll
2019-05-10 20:42 - 1997-01-22 20:26 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2019-05-10 20:42 - 1997-05-09 15:03 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrtd.dll
2017-12-11 17:12 - 2017-12-11 17:12 - 000348160 _____ (Zeus Software) C:\Windows\SysWOW64\nglide_config.exe
2019-05-10 20:53 - 2019-05-10 20:55 - 000060809 _____ C:\Windows\SysWOW64\nglide_uninst.exe
2014-12-07 21:15 - 2014-11-06 18:06 - 001291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-07 20:35 - 2014-11-06 18:06 - 002197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-12-08 22:00 - 1998-09-02 09:02 - 000194320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcut.dll
2016-12-08 22:00 - 1998-08-20 11:38 - 000217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\strmdll.dll
2016-12-08 22:00 - 1998-09-02 09:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unam4ie.exe
2016-12-08 22:00 - 1998-08-17 10:21 - 000010240 _____ C:\Windows\SysWOW64\vidx16.dll
2016-12-08 22:00 - 2016-12-08 22:00 - 000002272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf16.dll
2016-12-08 22:00 - 2016-12-08 22:00 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w95inf32.dll
2015-10-01 02:57 - 2005-12-22 15:32 - 000235008 _____ C:\Windows\SysWOW64\Winlie.exe
2013-12-20 09:38 - 2013-12-20 09:38 - 000041984 ____R (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2020-01-30 02:20 - 2020-01-30 02:20 - 002581504 _____ (Farbar) C:\Users\Drakuba\Desktop\FRST64.exe
2015-10-15 17:08 - 2015-10-15 17:08 - 000040960 _____ (Monstrmoose.com) C:\Users\Drakuba\Desktop\H2VWin7Fix.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Spravce spou?t?ni systemu Windows
--------------------
identifikator {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {580e885b-7e3a-11e4-9bb0-c01cac5d2d46}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Zavad?ci program pro spou?t?ni systemu Windows
-------------------
identifikator {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {580e885d-7e3a-11e4-9bb0-c01cac5d2d46}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {580e885b-7e3a-11e4-9bb0-c01cac5d2d46}
nx OptIn

Zavad?ci program pro spou?t?ni systemu Windows
-------------------
identifikator {580e885d-7e3a-11e4-9bb0-c01cac5d2d46}
device ramdisk=[C:]\Recovery\580e885d-7e3a-11e4-9bb0-c01cac5d2d46\Winre.wim,{580e885e-7e3a-11e4-9bb0-c01cac5d2d46}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\580e885d-7e3a-11e4-9bb0-c01cac5d2d46\Winre.wim,{580e885e-7e3a-11e4-9bb0-c01cac5d2d46}
systemroot \windows
nx OptIn
winpe Yes

Obnoveni z hibernace
---------------------
identifikator {580e885b-7e3a-11e4-9bb0-c01cac5d2d46}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testovani pam?ti systemu Windows
---------------------
identifikator {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pam?ti systemu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

Nastaveni slu?by EMS
------------
identifikator {emssettings}
bootems Yes

Nastaveni ladiciho programu
-----------------
identifikator {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Chyby pam?ti RAM
-----------
identifikator {badmemory}

Globalni nastaveni
---------------
identifikator {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Nastaveni spou?t?ciho zavad??e
--------------------
identifikator {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Nastaveni hypervisoru
-------------------
identifikator {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Nastaveni zavad??e obnoveni
----------------------
identifikator {resumeloadersettings}
inherit {globalsettings}

Parametry za?izeni
--------------
identifikator {580e885e-7e3a-11e4-9bb0-c01cac5d2d46}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\580e885d-7e3a-11e4-9bb0-c01cac5d2d46\boot.sdi


LastRegBack: 2020-01-28 00:55
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by Drakuba (30-01-2020 02:26:21)
Running from C:\Users\Drakuba\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-12-07 18:00:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-628811325-4240189017-3329868707-500 - Administrator - Disabled)
Drakuba (S-1-5-21-628811325-4240189017-3329868707-1000 - Administrator - Enabled) => C:\Users\Drakuba
Guest (S-1-5-21-628811325-4240189017-3329868707-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-628811325-4240189017-3329868707-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {0B81F5C2-9C9F-1DB6-0BF9-02BFE6D63BAF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\uTorrent) (Version: 3.4.2.38758 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 12 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 12.3.0 - IObit)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aktualizace NVIDIA 16.13.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.65 - NVIDIA Corporation) Hidden
Antichamber (HKLM\...\UDK-87170479-253d-4fa5-9bdb-bc057283e733) (Version: - Epic Games, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
AutoHotkey 1.1.30.00 (HKLM\...\AutoHotkey) (Version: 1.1.30.00 - Lexikos)
Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.1.20493 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.22.7684 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.0.10836 - Avira Operations GmbH & Co. KG)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
BYOND (HKLM-x32\...\BYOND) (Version: 511.1385 - BYOND)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)
Faasoft Video Converter 5.4.20.6448 (HKLM-x32\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version: - Microsoft Game Studios)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1703.1001 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1703.1001 - Micro-Star International Co., Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.0 - IObit)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
MechWarrior: Living Legends (HKLM-x32\...\{D00139A4-7542-41C4-A0B6-17463E334725}_is1) (Version: 1.0.0 - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
nGlide 2.00 (HKLM-x32\...\nGlide) (Version: 2.00 - Zeus Software)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.82 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{7DFEB62C-05BE-4B8D-B36C-2F8562D50AED}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{F80E65C2-9844-4C4D-BD1F-A6D8AA4F09BC}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (HKLM\...\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
RECOIL (HKLM-x32\...\RECOIL) (Version: - )
SCM (HKLM\...\{F5D84549-523F-438F-8ACC-0944E30EF78C}) (Version: 13.014.09014 - Application)
Sean O'Connor's Windows Games (HKLM-x32\...\Sean O'Connor's Windows Games_is1) (Version: - Sean O'Connor's Windows Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.65 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2015.1 - SteelSeries)
SteelSeries Engine 3.15.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.1 - SteelSeries ApS)
Subtitle Workshop 2.50 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.5.0.9 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Vampire - The Masquerade - Bloodlines (HKLM-x32\...\1207659240_is1) (Version: 2.1.0.8 - GOG.com)
Viscera Cleanup Detail: alpha v0.25
(HKLM\...\UDK-b61bdc3c-5e45-4b56-af14-ac7f9e533289) (Version: - RuneStorm
)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warlords Battlecry III (HKLM-x32\...\{93DA8968-092B-4E6F-B568-AB8471952143}) (Version: W4PCA0.8 - )
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (02/03/2011 2.4.0.0) (HKLM\...\88C277C6E63CBDAF35A096E80A5B97A29A619D3A) (Version: 02/03/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Cambridge Silicon Radio Ltd. (USBSPI) USB (01/21/2011 2.4.0.0) (HKLM\...\516F2BEA6007D982DCE90BA1592C17F0FFD75DBA) (Version: 01/21/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
World of Goo (HKLM-x32\...\1421855536_is1) (Version: 2.1.0.2 - GOG.com)
Zandronum (HKLM-x32\...\Zandronum) (Version: 2.1.2 - Zandronum)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-628811325-4240189017-3329868707-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2018-11-02] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2018-11-02] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2018-11-02] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2014-12-29 19:42 - 2010-03-15 11:28 - 000052224 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2015-10-21 10:33 - 2015-10-21 08:33 - 000385024 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM99.DLL
2016-07-14 20:24 - 2015-10-21 08:33 - 000030208 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\CNMPD99.DLL
2019-03-06 19:18 - 2019-03-06 19:18 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-03-06 19:18 - 2019-03-06 19:18 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2019-05-18 16:50 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2009-08-18 10:24 - 2009-08-18 10:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2018-03-26 11:58 - 2018-03-26 11:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2015-09-16 19:13 - 2015-09-16 19:13 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2014-09-01 11:04 - 2014-09-01 11:04 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall MechWarrior: Living Legends.lnk [307]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4789 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Drakuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.77.0.1 - 10.77.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{C8C81365-0F17-4CE4-9C1B-880FF175237C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{7A93F552-4A95-4706-931A-9C48770B6DB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24E2941D-643E-4AAD-A042-301C28B5D0D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AF9C4170-A2C1-49A0-B4B3-D7A9FC5FC7AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C43BFD67-57D5-4558-A0BF-27995B842A9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78C926D6-6E14-446C-9DA0-216024DB2B4D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1D4897E-AA4D-4D46-8252-C1B369649A38}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53E212F6-CF48-4D21-A96C-2045D3006D86}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{E740C198-D0A9-4616-936D-9BDEA689B47A}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{F0402390-25B0-47B4-8B8B-375931EF9232}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{E322AA62-C8C5-4F8E-98EF-EF409F781BAD}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{23376C56-7E52-4CCD-A95B-F03D440D607B}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{A2E795CA-1EC6-4418-B67B-24950664CBFF}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{F20C78B6-9FBD-432A-B4D4-4FFB4A24E86D}] => (Allow) D:\Games\Halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33740A50-8E59-4872-B29E-2E06BBED0A62}] => (Allow) D:\Games\Halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A321B55-8A38-42B5-9B35-8B5C7BF3E68F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{105E7462-562E-4216-BF32-B3E3E54864B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{483413FC-6C52-44E0-AFD9-0A301B72A252}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{6D3E770D-2CB7-4343-A30D-163446400FD2}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{575D3C24-4477-4788-B348-59464547031C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{7EE2CA43-0BBB-4A63-9BFE-5890328B6BC2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [TCP Query User{FDD731EC-AD84-46C6-848B-53FA9F9DFDA4}D:\male hry\doom2\zandronum.exe] => (Allow) D:\male hry\doom2\zandronum.exe ( ) [File not signed]
FirewallRules: [UDP Query User{9CEAE7BD-85B9-4D7D-9CB2-CC536775DB55}D:\male hry\doom2\zandronum.exe] => (Allow) D:\male hry\doom2\zandronum.exe ( ) [File not signed]
FirewallRules: [TCP Query User{DAB68E77-3323-4EA6-810A-BBD945F48EBF}D:\games\bf2142\battlefield 2142\bf2142.exe] => (Allow) D:\games\bf2142\battlefield 2142\bf2142.exe (Spencer Sharkey -> )
FirewallRules: [UDP Query User{875DA903-32EA-4B45-A021-AC5C0876FCB8}D:\games\bf2142\battlefield 2142\bf2142.exe] => (Allow) D:\games\bf2142\battlefield 2142\bf2142.exe (Spencer Sharkey -> )
FirewallRules: [{921C2100-47F2-48C2-B2BC-0B90A9774800}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{70D176FD-88E8-44BD-96FF-3B40F7EEA2B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EE005C36-5CE6-4BE8-93F5-81B096F1073B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{58016EA8-F9D6-49D9-8748-60DB9C255DB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{3F577154-63E2-4DA9-B3FA-3096448B56FE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{9AD2C2A1-FA1A-42FE-85AE-79877D4C362B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{AD161915-4475-4E4B-B65E-48F0DBD6CB1E}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3C8380E1-56A6-402D-846C-DDDB2786AA26}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7E3CF55E-7230-40BE-89AF-A1854D61FC5A}] => (Allow) D:\steam\steamapps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{341A119B-D724-4C91-B0A3-7D184D1FE33A}] => (Allow) D:\steam\steamapps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{181FAE81-7F26-4C00-B0AB-7421FB890043}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{69E78C4B-D069-4DF5-BD9C-D666C2ACA34D}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{06F92CE7-B05B-4B27-A2C9-4CDB0809FAAC}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{68488E87-A130-4E51-BEC5-6362439465A9}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{018B2D0B-15E0-40ED-BB02-69CBF7D6ADA4}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{AD7CA8C6-4345-4C40-8762-44DAD7F9A423}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{80A834EC-A8AF-4629-8EE6-8D2B31BB32B1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FC126C67-44F3-4489-A926-F26A90C6BCAD}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D37C51B9-E207-46D7-A4FD-867D3CC084D6}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{24B81E34-9910-48B1-8899-B97F2DA633EA}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6F5A0AC0-87FA-49C6-8085-C07926E8F383}] => (Allow) D:\steam\steamapps\common\King Arthur's Gold\KAG.exe () [File not signed]
FirewallRules: [{77519365-394A-4B6A-83F3-0DB49D155683}] => (Allow) D:\steam\steamapps\common\King Arthur's Gold\KAG.exe () [File not signed]
FirewallRules: [TCP Query User{F13B3CDE-663D-41B6-AB42-E98A5C563C0B}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{38BFA892-3984-4CA8-8B4E-4FAD873E241F}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{89D86063-08F6-425B-BC67-EE849AF9C4D7}] => (Allow) D:\steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{6F712D90-F41B-4854-A0DF-4D13EF5ADC1E}] => (Allow) D:\steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{C7ABFD80-6A95-430A-AA90-8C34824729C4}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{14AB4634-1642-4746-8189-E8F5085336A5}] => (Allow) D:\steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{9167935A-8418-4E67-A608-A300623A8B87}] => (Allow) D:\steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{3C1F6766-6440-4240-9EEC-113C4FDDC8BA}] => (Allow) D:\steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [{7342544E-7BD9-43CC-9134-A8232F435DBD}] => (Allow) D:\steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [{033C09DB-ECB5-4DA5-B5BC-F4F584A12BB1}] => (Allow) D:\steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{0B9BEFA0-0957-4A56-ABD5-E9EF70AF7F55}] => (Allow) D:\steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{50480F5F-B8B9-4F27-9A3C-D3A8C921F44E}] => (Allow) D:\steam\steamapps\common\Heat Signature\Heat_Signature.exe (Suspicious Developments ) [File not signed]
FirewallRules: [{AB151166-6451-43BD-A708-3AE1F5C94C35}] => (Allow) D:\steam\steamapps\common\Heat Signature\Heat_Signature.exe (Suspicious Developments ) [File not signed]
FirewallRules: [{EDDDCC8F-E713-4259-A90D-3C90EE1C1B08}] => (Allow) D:\steam\steamapps\common\Castle Story\castlestory-launcher.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{DED5A036-06E5-4CC3-B0ED-E5E6C2FC2BD4}] => (Allow) D:\steam\steamapps\common\Castle Story\castlestory-launcher.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{2A931538-F3F7-4FED-A6DD-E89D310C4DBD}] => (Allow) D:\steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{764CEB8C-E155-4C04-AF6E-F66FEB78E3A9}] => (Allow) D:\steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{8D87A1C1-9A72-4FAA-8B2D-72FAF6DD153C}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{422D18FE-F7D4-49B2-B9C6-560E0BC75700}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{6FEB0403-99AC-4E0F-88EB-6749576C784F}] => (Allow) D:\steam\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [{B3995163-77EE-4679-8467-1A0B1D733056}] => (Allow) D:\steam\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [TCP Query User{2DBEDB2B-56AC-4FA1-934D-356D9F0D732B}E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe] => (Block) E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe () [File not signed]
FirewallRules: [UDP Query User{1F039DF6-0AD5-4C07-B8D4-F75AD5EFEE5E}E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe] => (Block) E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe () [File not signed]
FirewallRules: [{E2DC28C7-80B7-4BB8-A67E-DEDC798955B2}] => (Allow) D:\steam\steamapps\common\Tricky Towers\TrickyTowers.exe () [File not signed]
FirewallRules: [{CB88D854-A315-4B7E-920D-42417ED7DD02}] => (Allow) D:\steam\steamapps\common\Tricky Towers\TrickyTowers.exe () [File not signed]
FirewallRules: [{79D5D5D0-169D-4F6C-A1F4-C78CD7E3395B}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [{D4DDE868-DD69-4D10-9BEE-AFE7972054DB}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [TCP Query User{0E0F1E52-3470-4A3A-BE0F-EE08233C0A52}D:\male hry\space station 13\bin\byond.exe] => (Allow) D:\male hry\space station 13\bin\byond.exe ( ) [File not signed]
FirewallRules: [UDP Query User{F8BE6406-5116-437C-8153-6AE873E1E2B1}D:\male hry\space station 13\bin\byond.exe] => (Allow) D:\male hry\space station 13\bin\byond.exe ( ) [File not signed]
FirewallRules: [{6D057606-590C-4C4D-87F0-72576DEBDA56}] => (Allow) D:\steam\steamapps\common\DEADBOLT\deadbolt_game.exe ( ) [File not signed]
FirewallRules: [{676DD410-BA18-4281-9D8A-F09C38BF65BC}] => (Allow) D:\steam\steamapps\common\DEADBOLT\deadbolt_game.exe ( ) [File not signed]
FirewallRules: [TCP Query User{31A702BA-270E-41BA-AA20-2BD7C99042A4}D:\games\mwll\bin64\crysis.exe] => (Allow) D:\games\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{26D19209-B9F2-44FE-B596-AFD75052753E}D:\games\mwll\bin64\crysis.exe] => (Allow) D:\games\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [TCP Query User{564BEE3D-D170-453F-9FC9-780E9F2A89AF}D:\male hry\tumbleseed\tumbleseed.exe] => (Block) D:\male hry\tumbleseed\tumbleseed.exe () [File not signed]
FirewallRules: [UDP Query User{13FDC848-7CF7-4A19-B082-96181951177C}D:\male hry\tumbleseed\tumbleseed.exe] => (Block) D:\male hry\tumbleseed\tumbleseed.exe () [File not signed]
FirewallRules: [TCP Query User{E89C938B-2CE1-40FE-A766-571B48214E8B}C:\program files (x86)\vlc\vlc.exe] => (Block) C:\program files (x86)\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3945F989-F92F-40C8-B9BC-4FEC5A17F9DD}C:\program files (x86)\vlc\vlc.exe] => (Block) C:\program files (x86)\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{58353E8E-8DB4-4EA9-A7BE-DE3D4C894FF3}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B752F2E8-55CC-4F20-B2AA-F85FD2069745}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{29BB622B-0083-4853-ACEA-03D2538577EF}] => (Allow) D:\steam\steamapps\common\Reus\Reus.exe (Abbey Games BV) [File not signed]
FirewallRules: [{F8BAB061-AA11-4F24-AFEE-BC000BCCC26A}] => (Allow) D:\steam\steamapps\common\Reus\Reus.exe (Abbey Games BV) [File not signed]
FirewallRules: [TCP Query User{19164D3B-7E1E-4613-80D3-000F48404B3D}D:\mwll\bin64\crysis.exe] => (Allow) D:\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{6BC6ADFA-3A97-4455-A868-E80A6AD19DB6}D:\mwll\bin64\crysis.exe] => (Allow) D:\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [{5B6423FA-3479-410D-96D4-7EBAA0738158}] => (Allow) D:\steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [{A09F26AC-2CA7-4053-8CF4-25AB9AA4AE06}] => (Allow) D:\steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [{A4882BA1-4E6C-4010-ACB5-126DE7A137FE}] => (Allow) D:\steam\steamapps\common\Poly Bridge\polybridge.exe () [File not signed]
FirewallRules: [{40D0418F-99A5-4A3E-9E19-BBBF67D067A4}] => (Allow) D:\steam\steamapps\common\Poly Bridge\polybridge.exe () [File not signed]
FirewallRules: [{9B996178-D5A1-4CAA-AAD6-EA390328D22B}] => (Allow) D:\steam\steamapps\common\SunlessSea\Sunless Sea.exe () [File not signed]
FirewallRules: [{B2A26293-430B-45E3-A6DA-B9CA59205E40}] => (Allow) D:\steam\steamapps\common\SunlessSea\Sunless Sea.exe () [File not signed]
FirewallRules: [{27352122-E882-4785-B6AA-7A6FEC4BCB3A}] => (Allow) D:\steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [{128C7E2B-2E90-4CA7-8155-BE5B3EA28A32}] => (Allow) D:\steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [TCP Query User{CF3A1515-CAD4-4915-8EE3-EA9BBF63E617}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{8061E5F7-B804-49FF-BF1C-DC2EB7724B9F}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{79A521E6-00C6-4591-B7AB-B72A09510C09}] => (Allow) D:\steam\steamapps\common\When Ski Lifts Go Wrong\When Ski Lifts Go Wrong.exe () [File not signed]
FirewallRules: [{65B42AC9-B3A5-4092-9759-50012F382F69}] => (Allow) D:\steam\steamapps\common\When Ski Lifts Go Wrong\When Ski Lifts Go Wrong.exe () [File not signed]
FirewallRules: [{700C026C-87A2-4979-A144-E224D111356C}] => (Allow) D:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{F595B7B9-5961-4990-BF87-36A074691254}] => (Allow) D:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{A6D35DEE-3158-4223-BD31-32172A7F7D3C}] => (Allow) D:\steam\steamapps\common\Massive Chalice\MC.exe () [File not signed]
FirewallRules: [{C5D57D7E-4A26-484B-8676-1D549E545479}] => (Allow) D:\steam\steamapps\common\Massive Chalice\MC.exe () [File not signed]
FirewallRules: [{87F9F654-2837-434E-A780-5EA18C8D69DE}] => (Allow) D:\steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{738E02A8-5238-4E27-A100-8983555D0D76}] => (Allow) D:\steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{16CC304D-648D-4B67-884F-5C7F47C9520A}] => (Allow) D:\steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{0820A00C-D701-4E9B-AB92-62AEB04AAFE9}] => (Allow) D:\steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{343B79CB-C253-4854-84B9-684F663598C5}] => (Allow) D:\steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{D133E5D8-0764-45D2-824F-CEB1EBAB61B7}] => (Allow) D:\steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [TCP Query User{0B4ED57B-A50C-4270-961F-3A908067BF4C}D:\steam\steamapps\common\castle story\castle story.exe] => (Allow) D:\steam\steamapps\common\castle story\castle story.exe () [File not signed]
FirewallRules: [UDP Query User{742C7BE9-0ECE-47F1-91C7-3E75E37B9B59}D:\steam\steamapps\common\castle story\castle story.exe] => (Allow) D:\steam\steamapps\common\castle story\castle story.exe () [File not signed]
FirewallRules: [TCP Query User{80D72567-5B70-4D81-BD2F-1F56A7D234D0}D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{0D9D7D36-377A-49DF-A7D2-62A1D8D4EEC4}D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{99FD84D4-E5FB-46ED-B7E8-BC8EE3892D4E}G:\antichamber\binaries\win32\udk.exe] => (Block) G:\antichamber\binaries\win32\udk.exe No File
FirewallRules: [UDP Query User{61FB5FCD-8FB3-497F-9230-949F22704021}G:\antichamber\binaries\win32\udk.exe] => (Block) G:\antichamber\binaries\win32\udk.exe No File
FirewallRules: [{F814009F-D111-4726-9B29-1718EB5B28EC}] => (Allow) D:\steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{1EF33C23-26A2-48E9-87DC-2ACBE307C2EA}] => (Allow) D:\steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{C6C8C735-F766-4721-8BAF-D601460163A6}] => (Allow) D:\steam\steamapps\common\Lonk's Adventure\Reventure.exe () [File not signed]
FirewallRules: [{EF406C78-A7EB-42BB-ADAF-F3DCBD9559B3}] => (Allow) D:\steam\steamapps\common\Lonk's Adventure\Reventure.exe () [File not signed]
FirewallRules: [{4197D852-F637-4B87-924F-B7AC2CA55649}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{88851EB4-C22F-48BC-956D-88994C18D0BE}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{FCBF04CD-DD37-4CE1-B133-8F0262EE7532}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{BDC53401-3FE8-44BE-82B5-1F761FD352A3}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{711FA219-3A3A-42E1-BD7B-13D9939C2B37}] => (Allow) D:\steam\steamapps\common\Autonauts\Autonauts.exe () [File not signed]
FirewallRules: [{010551FF-F3C8-428E-ABF1-F32C11CE83F7}] => (Allow) D:\steam\steamapps\common\Autonauts\Autonauts.exe () [File not signed]
FirewallRules: [{CF8C220D-621B-4626-93F6-103DF1976E91}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{36304C96-3BE9-4505-8E95-D6C0471A1ED1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8F1E38BB-D2A4-4E02-BF80-9898DE6DFCD1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{569E136A-0E45-41FE-93F4-FAFBEB8EE493}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F44075B9-3156-4424-9F81-B8AADBA27A91}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0A9E6591-4EDC-4033-BD9D-C0FE0562798E}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{463C8CEC-1202-4A75-A166-9B6D17F55462}] => (Allow) D:\steam\steamapps\common\BadNorth\BadNorth.exe (Raw Fury AB -> )
FirewallRules: [{01AFAA4C-BD07-4EB5-80C7-97ED428D1ED7}] => (Allow) D:\steam\steamapps\common\BadNorth\BadNorth.exe (Raw Fury AB -> )
FirewallRules: [{494818E7-5971-4FC7-8A72-7372727CBAC5}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed]
FirewallRules: [{A7A26410-75AC-4418-8FA8-C4B70A46F080}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed]
FirewallRules: [{6C48B6F8-E3B2-48BC-87FA-9007A781985D}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{45519D1F-1817-4C20-8638-1B673AC83B0A}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{FF38B8F4-87C6-4763-BCD2-9BEFFCC63527}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{56380126-64C0-4666-8091-5FF77B1A4195}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{D82EF880-E7F8-4447-8633-F2F0230BD716}] => (Allow) D:\steam\steamapps\common\Forager\Forager.exe (HopFrog) [File not signed]
FirewallRules: [{2F29226E-7D74-4C3A-974D-22DDA0683011}] => (Allow) D:\steam\steamapps\common\Forager\Forager.exe (HopFrog) [File not signed]
FirewallRules: [{EE3B8D63-FD0E-4B41-A1FE-7A6BEEDB8608}] => (Allow) D:\steam\steamapps\common\Environmental Station Alpha\Environmental Station Alpha.exe ( ) [File not signed]
FirewallRules: [{37CA1B92-030F-4024-88D2-9291A6EE8978}] => (Allow) D:\steam\steamapps\common\Environmental Station Alpha\Environmental Station Alpha.exe ( ) [File not signed]
FirewallRules: [{4A846438-9443-451D-8878-A84450ABAD8D}] => (Allow) D:\steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{6D462FE8-5DD5-4326-AF9D-7EC12378A84A}] => (Allow) D:\steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{A528E348-A3C8-41A3-A4CC-CF5F15B0EF78}] => (Allow) D:\steam\steamapps\common\Halcyon 6 Lightspeed Edition\H6.exe () [File not signed]
FirewallRules: [{0A50E877-BC1E-44AE-B8CC-C7D626FCEBCF}] => (Allow) D:\steam\steamapps\common\Halcyon 6 Lightspeed Edition\H6.exe () [File not signed]
FirewallRules: [{4CB3548C-A774-44D2-91E8-4A34416C1E6A}] => (Allow) D:\steam\steamapps\common\Shortest Trip to Earth\ST Earth.exe () [File not signed]
FirewallRules: [{DADE0867-72FC-4E12-9F46-91B741DA480F}] => (Allow) D:\steam\steamapps\common\Shortest Trip to Earth\ST Earth.exe () [File not signed]
FirewallRules: [{9D76D783-C84D-47C7-B4AB-222219D54688}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed]
FirewallRules: [{C45B7336-FC96-4205-8D9A-C060B3AB335F}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed]
FirewallRules: [{9DEA78B0-DADC-47DE-9075-C572833EB717}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{1AF31FDE-5019-4639-8FC1-CB63E3AAD771}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C368F30D-F7EB-458D-B473-9B245D8C5D90}] => (Allow) D:\steam\steamapps\common\Cortex Command\Cortex Command.exe () [File not signed]
FirewallRules: [{3BA2C2B2-A260-4586-A812-D932FF777A82}] => (Allow) D:\steam\steamapps\common\Cortex Command\Cortex Command.exe () [File not signed]
FirewallRules: [{26347314-A320-4B86-AAF9-8311A9F15BBB}] => (Allow) D:\steam\steamapps\common\Nimbatus\Windows64\Nimbatus.exe () [File not signed]
FirewallRules: [{FF8FCA2F-E78D-4D95-B529-3BAB319CF0D2}] => (Allow) D:\steam\steamapps\common\Nimbatus\Windows64\Nimbatus.exe () [File not signed]
FirewallRules: [{2E8C318F-727E-4FE5-AB1B-5FB3FC3B3D6B}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{94B9B6D7-259E-4126-AB4D-3AE043C6FA7E}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{99629E20-A63D-4974-AD07-0982A57CB776}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C009971C-F8E2-4885-A3B4-0B58EE81A63F}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{9A815E5F-7F7C-49C6-9731-7A6C6DF47070}] => (Allow) D:\steam\steamapps\common\Airships Conquer the Skies\Airships.exe () [File not signed]
FirewallRules: [{892C0743-1136-45F1-A18B-4851E0E87539}] => (Allow) D:\steam\steamapps\common\Airships Conquer the Skies\Airships.exe () [File not signed]
FirewallRules: [{A6E352C6-94B7-4A62-AA6D-71A93C0C4221}] => (Allow) D:\steam\steamapps\common\Airships Conquer the Skies\AirshipsSystemJava.exe
FirewallRules: [{F09EE064-23E2-43F8-A51A-B0488F88A573}] => (Allow) D:\steam\steamapps\common\Airships Conquer the Skies\AirshipsSystemJava.exe
FirewallRules: [{9E63AE43-256B-41BC-A9B1-CBB070E76E1F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{EA3F10DD-A5E5-4EDA-9D7D-130313FFE116}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{9947540D-265A-448F-A246-B9418477085E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

24-01-2020 19:21:24 Naplánovaný kontrolní bod
27-01-2020 22:44:02 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2020 01:55:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2020 01:54:51 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/30/2020 01:54:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/30/2020 01:54:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/30/2020 01:45:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.0.10836, časové razítko: 0x5e1738c5
Název chybujícího modulu: clr.dll, verze: 4.7.3062.0, časové razítko: 0x5ab95217
Kód výjimky: 0xc0000409
Posun chyby: 0x002f89b9
ID chybujícího procesu: 0x2120
Čas spuštění chybující aplikace: 0x01d5d70698867a38
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: d7c52c54-42f9-11ea-b8a8-303a64fb21be

Error: (01/29/2020 11:31:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/29/2020 11:31:03 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/29/2020 11:31:00 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1


System errors:
=============
Error: (01/30/2020 01:55:20 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/30/2020 01:55:20 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/30/2020 01:55:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (01/30/2020 01:55:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/30/2020 01:55:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (01/30/2020 01:54:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/30/2020 01:54:46 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (01/30/2020 01:54:28 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


==================== Memory info ===========================

BIOS: American Megatrends Inc. E1759IMS.520 08/26/2014
Motherboard: Micro-Star International Co., Ltd. MS-1759
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 70%
Total physical RAM: 8111.06 MB
Available physical RAM: 2395.55 MB
Total Virtual: 16220.26 MB
Available Virtual: 9388.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:39.53 GB) NTFS
Drive d: () (Fixed) (Total:244.14 GB) (Free:62.98 GB) NTFS
Drive e: () (Fixed) (Total:687.27 GB) (Free:109.02 GB) NTFS

\\?\Volume{66bfb446-7e3a-11e4-a897-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 65178622)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 65178610)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[JaRon]

ahoj,
toto IObit\Advanced SystemCare Ultimate aj vsetko ostatne od IOBit odinstaluj
a dufaj, ze nie je neskoro - tento SW vie dokonale rozhasit system
RESTART
a vycisti PC s CCleanerom, vcetne registrov + cistenie s ADWCleanerom

[drakuba]

tak to asi způsobila avira, spolu s ní se aktualizovalo pár dalších prográmků a mezi nimi musel být i Advanced system care, kde mi nejnovéjší verze najebala systém
Pro jistotu jsem obnovil systém z pár dní staré zálohy a poté provedl čistku, ale zůstali mi v systému ostatky ASC které mi nejdou odinstalovat pač tam jakoby už nejsou, ale něco se zároveň obnovilo. Nemáte tip na nějaký program který to násilně zlikviduje, ideálně i s cestama aby to neotravovalo?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by Drakuba (administrator) on DRAKUBA-NB (Micro-Star International Co., Ltd. GE70 2PE) (31-01-2020 02:31:53)
Running from C:\Users\Drakuba\Desktop
Loaded Profiles: Drakuba (Available Profiles: Drakuba)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(MSI) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros) [File not signed] C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2013-10-22] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2016-03-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [405504 2014-09-01] (MSI) [File not signed]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1893888 2013-10-24] (Vodafone) [File not signed]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [229080 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5596432 2018-05-21] (IObit Information Technology -> IObit)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3523344 2019-06-03] (IObit Information Technology -> IObit)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2015-06-11] (SteelSeries ApS) [File not signed]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [394616 2014-12-29] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {10fdefd4-3c37-11e6-957d-303a64fb21ba} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {66bfb44c-7e3a-11e4-a897-806e6f6e6963} - F:\CDSetup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D00AE86-E9F9-43A0-82A4-79EBA59183E2}] -> C:\Program Files (x86)\Avira\Scout\Application\59.0.3071.2851\Installer\chrmstp.exe [2017-07-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [187152 2015-09-06] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165712 2015-09-06] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-06-21]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A05D3B-0FA8-4772-BF00-5F20523CBD35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {18B38D4D-6F18-4A80-8918-40D391BCE4AD} - System32\Tasks\ASCU12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [3148560 2019-05-20] (IObit Information Technology -> IObit)
Task: {25AA5207-9FB8-4406-9442-7B969492C521} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [498976 2016-06-06] (IObit Information Technology -> IObit)
Task: {2E96BE74-6532-467C-AB25-DB40D54176FF} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3CED2268-E3CB-4900-8206-DF966C87C766} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {59CD0E0A-90D2-453B-80B2-93BC45B448DC} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {691B3FEC-7A10-4740-96F6-911E1953CC7F} - System32\Tasks\ASCU12_SkipUac_Drakuba => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [8707344 2019-08-21] (IObit Information Technology -> IObit)
Task: {7376C41B-E699-48F2-84F2-67A7A41F30F4} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [431384 2017-03-10] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {80B02AD8-6A01-4C60-9CB2-6AFC01AC3685} - System32\Tasks\Uninstaller_SkipUac_Drakuba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {8ACA9EA4-3903-42A4-93E4-4FBD25B67815} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5386528 2016-11-21] (IObit Information Technology -> IObit)
Task: {97EB8576-5E35-4EFE-AA2C-925F1E103976} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A0DCE2A9-51A1-4B94-9C4D-1F32E54B8254} - System32\Tasks\{577540C1-2EC4-44D2-8E96-5F7BCA94C9FB} => C:\Windows\system32\pcalua.exe -a "D:\Games\Halo 2\StartUp.exe" -c /tnp:/remove
Task: {DCB58E37-9411-4159-B958-0C6CF03837AC} - System32\Tasks\Driver Booster SkipUAC (Drakuba) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe
Task: {EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2848032 2016-07-22] (IObit Information Technology -> IObit)
Task: {F37AF294-0872-4997-B405-986477E1CF0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.77.0.1 10.77.1.1
Tcpip\..\Interfaces\{A2BF613E-A52B-442A-BA1D-BF756F047947}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{AF6135CC-391C-4B3C-8B08-FA5B552952F6}: [DhcpNameServer] 10.77.0.1 10.77.1.1
Tcpip\..\Interfaces\{F4BBCDC0-D514-47D8-B823-77D7D4495E08}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: PuXmwa9H.default
FF ProfilePath: C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default [2020-01-31]
FF user.js: detected! => C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\user.js [2018-05-19]
FF Session Restore: Mozilla\Firefox\Profiles\PuXmwa9H.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\abs@avira.com.xpi [2020-01-31]
FF Extension: (Battletag for Battlelog™) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\battletag@jeremejevs.com.xpi [2016-10-23] [Legacy]
FF Extension: (User-Agent Switcher) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-01-11]
FF Extension: (No Name) - C:\Users\Drakuba\AppData\Roaming\Mozilla\Firefox\Profiles\PuXmwa9H.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: BYOND -> D:\Male hry\Space Station 13\bin\npbyond.dll [2008-07-08] (BYOND) [File not signed]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1271056 2019-08-12] (IObit Information Technology -> IObit)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1740560 2019-01-02] (IObit Information Technology -> IObit)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [614928 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [379624 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-04-09] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-11-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG Limited -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6532664 2016-03-17] (GOG Limited -> GOG.com)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-09-01] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] (Intel Corporation-Mobile Wireless Group -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2142728 2016-10-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2209296 2016-10-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-10-23] (Even Balance, Inc. -> )
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [File not signed]
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [116312 2017-04-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-10-24] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
S3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-05-21] (Tages SA -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80560 2014-02-28] (Qualcomm Atheros, Inc. -> Qualcomm Atheros, Inc.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2020-01-30] (CPUID -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-01-27] (Echobit, LLC -> Echobit, LLC)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [26968 2019-02-01] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-19] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2016-03-16] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [161488 2014-03-05] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2018-03-20] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [19856 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [33240 2018-04-04] (IObit Information Technology -> IObit.com)
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [125488 2016-03-16] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-05-21] (Tages SA -> )
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3415304 2016-03-16] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2016-03-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2018-03-20] (IObit Information Technology -> IObit.com)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [758488 2016-03-16] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-05-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\DRIVERS\SAlphaPS264.sys [27520 2014-05-16] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2017-06-09] (SpeedJet Technology INC.) [File not signed]
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2014-12-29] (Duplex Secure Ltd -> Duplex Secure Ltd.)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2019-02-01] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [46520 2019-02-01] (SteelSeries ApS -> SteelSeries ApS)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (Bitdefender SRL -> BitDefender S.R.L.)
S3 IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-31 02:31 - 2020-01-31 02:32 - 000034931 _____ C:\Users\Drakuba\Desktop\FRST.txt
2020-01-31 02:31 - 2020-01-31 02:31 - 002581504 _____ (Farbar) C:\Users\Drakuba\Desktop\FRST64.exe
2020-01-31 02:25 - 2020-01-31 02:25 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-31 02:25 - 2020-01-31 02:25 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-31 02:22 - 2020-01-31 02:22 - 000001008 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2020-01-31 02:22 - 2020-01-31 02:22 - 000001008 _____ C:\ProgramData\Desktop\Avira Phantom VPN.lnk
2020-01-31 02:21 - 2020-01-31 02:21 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-01-31 02:21 - 2019-12-02 10:26 - 000222888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-01-31 02:21 - 2019-09-19 09:07 - 000175808 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2020-01-31 02:21 - 2019-06-07 14:09 - 000068152 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2020-01-31 02:21 - 2019-03-20 18:50 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2020-01-31 02:21 - 2019-03-20 18:50 - 000036072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2020-01-31 02:21 - 2019-03-20 18:50 - 000035376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2020-01-31 01:12 - 2020-01-31 01:13 - 000000000 ____D C:\AdwCleaner
2020-01-31 00:58 - 2020-01-31 00:58 - 000000000 ____D C:\Users\Drakuba\AppData\Local\Google
2020-01-31 00:57 - 2020-01-31 02:25 - 000000000 ____D C:\Program Files\CCleaner
2020-01-31 00:57 - 2020-01-31 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-31 00:56 - 2020-01-31 00:58 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-30 23:38 - 2020-01-30 23:38 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2020-01-30 02:22 - 2020-01-31 02:32 - 000000000 ____D C:\FRST
2020-01-28 23:00 - 2020-01-28 23:00 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-01-27 22:43 - 2020-01-31 01:54 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-01-25 03:49 - 2020-01-25 05:06 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\AirshipsGame
2020-01-11 21:49 - 2020-01-11 21:49 - 706491402 _____ C:\Windows\MEMORY.DMP
2020-01-11 21:49 - 2020-01-11 21:49 - 000332200 _____ C:\Windows\Minidump\011120-8564-01.dmp
2020-01-11 20:18 - 2020-01-11 20:19 - 000000017 _____ C:\Users\Drakuba\Desktop\mwll servers TS.txt
2020-01-09 23:31 - 2020-01-09 23:31 - 000000000 ____H C:\asc_rdflag
2020-01-08 11:21 - 2020-01-08 11:21 - 000035664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\phantomtap.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-31 02:31 - 2016-01-30 22:47 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\uTorrent
2020-01-31 02:29 - 2018-08-21 01:11 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\Mozilla
2020-01-31 02:29 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\IObit
2020-01-31 02:28 - 2014-12-07 20:49 - 000000000 __SHD C:\Users\Drakuba\IntelGraphicsProfiles
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\IObit
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\ProgramData\IObit
2020-01-31 02:27 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-31 02:26 - 2011-04-12 09:34 - 000680338 _____ C:\Windows\system32\perfh005.dat
2020-01-31 02:26 - 2011-04-12 09:34 - 000142942 _____ C:\Windows\system32\perfc005.dat
2020-01-31 02:26 - 2009-07-14 06:13 - 001648198 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-31 02:26 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-31 02:26 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-31 02:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-31 02:22 - 2017-04-08 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-31 02:21 - 2017-04-08 20:54 - 000000000 ____D C:\Program Files (x86)\Avira
2020-01-31 02:21 - 2014-12-07 21:19 - 000000000 ____D C:\ProgramData\Avira
2020-01-31 02:18 - 2014-12-07 21:27 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\Avira
2020-01-31 02:03 - 2015-07-20 15:59 - 000000000 ____D C:\Program Files (x86)\IObit
2020-01-31 01:55 - 2014-12-07 20:27 - 000059272 _____ C:\Users\Drakuba\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-31 01:54 - 2019-11-15 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-01-31 01:54 - 2018-06-21 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2020-01-31 01:54 - 2017-04-10 16:28 - 000000000 ____D C:\Users\Drakuba\AppData\Local\Avira
2020-01-31 01:54 - 2017-01-22 11:47 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\discord
2020-01-31 01:54 - 2016-12-18 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2020-01-31 01:54 - 2016-10-26 11:29 - 000000000 ____D C:\Users\Drakuba\Desktop\programy
2020-01-31 01:54 - 2016-03-02 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2020-01-31 01:54 - 2015-11-30 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2020-01-31 01:54 - 2015-07-20 15:59 - 000000000 ____D C:\ProgramData\ProductData
2020-01-31 01:54 - 2014-12-07 20:57 - 000000000 ____D C:\Users\Drakuba\AppData\Local\SteelSeries_ApS
2020-01-31 01:54 - 2014-12-07 20:50 - 000000000 ____D C:\Users\Drakuba\AppData\Local\MSI
2020-01-31 01:54 - 2014-12-07 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-31 01:54 - 2014-12-07 19:00 - 000000000 ____D C:\Users\Drakuba
2020-01-31 01:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-01-31 00:08 - 2011-04-12 09:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-01-30 01:56 - 2019-06-21 14:38 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\steelseries-engine-3-client
2020-01-24 18:55 - 2014-12-21 03:18 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\vlc
2020-01-24 15:08 - 2019-05-23 14:00 - 000002850 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Drakuba)
2020-01-11 21:49 - 2016-12-05 17:38 - 000000000 ____D C:\Windows\Minidump
2020-01-11 21:41 - 2016-12-17 18:28 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\TS3Client
2020-01-09 23:31 - 2015-12-19 16:33 - 087195648 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 087195648 _____ C:\Windows\system32\config\SOFTWARE.iodefrag
2020-01-09 23:31 - 2015-12-19 16:33 - 000253952 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 000065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2020-01-09 23:31 - 2015-12-19 16:33 - 000024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak

==================== Files in the root of some directories ========

2014-12-07 20:42 - 2014-12-07 20:42 - 000000000 _____ () C:\Users\Drakuba\AppData\Local\Driver_LOM_8161Present.flag

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-28 00:55
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by Drakuba (31-01-2020 02:33:14)
Running from C:\Users\Drakuba\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-12-07 18:00:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-628811325-4240189017-3329868707-500 - Administrator - Disabled)
Drakuba (S-1-5-21-628811325-4240189017-3329868707-1000 - Administrator - Enabled) => C:\Users\Drakuba
Guest (S-1-5-21-628811325-4240189017-3329868707-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-628811325-4240189017-3329868707-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AV: Advanced SystemCare Ultimate (Disabled - Out of date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {0B81F5C2-9C9F-1DB6-0BF9-02BFE6D63BAF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\uTorrent) (Version: 3.4.2.38758 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 12 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 12.3.0 - IObit)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aktualizace NVIDIA 16.13.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.65 - NVIDIA Corporation) Hidden
Antichamber (HKLM\...\UDK-87170479-253d-4fa5-9bdb-bc057283e733) (Version: - Epic Games, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
AutoHotkey 1.1.30.00 (HKLM\...\AutoHotkey) (Version: 1.1.30.00 - Lexikos)
Avira (HKLM-x32\...\{00BC4EC0-D21B-444F-9DF9-51E60BF71EFB}) (Version: 1.2.142.15897 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8c081090-e39c-462d-8d04-49136b93ff98}) (Version: 1.2.142.15897 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.1.20493 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
BYOND (HKLM-x32\...\BYOND) (Version: 511.1385 - BYOND)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)
Faasoft Video Converter 5.4.20.6448 (HKLM-x32\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version: - Microsoft Game Studios)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1703.1001 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1703.1001 - Micro-Star International Co., Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.0 - IObit)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.40 - IObit)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
MechWarrior: Living Legends (HKLM-x32\...\{D00139A4-7542-41C4-A0B6-17463E334725}_is1) (Version: 1.0.0 - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
nGlide 2.00 (HKLM-x32\...\nGlide) (Version: 2.00 - Zeus Software)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.82 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{7DFEB62C-05BE-4B8D-B36C-2F8562D50AED}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{F80E65C2-9844-4C4D-BD1F-A6D8AA4F09BC}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (HKLM\...\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}) (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
RECOIL (HKLM-x32\...\RECOIL) (Version: - )
SCM (HKLM\...\{F5D84549-523F-438F-8ACC-0944E30EF78C}) (Version: 13.014.09014 - Application)
Sean O'Connor's Windows Games (HKLM-x32\...\Sean O'Connor's Windows Games_is1) (Version: - Sean O'Connor's Windows Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.65 - NVIDIA Corporation) Hidden
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2015.1 - SteelSeries)
SteelSeries Engine 3.15.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.1 - SteelSeries ApS)
Subtitle Workshop 2.50 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.5.0.9 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Vampire - The Masquerade - Bloodlines (HKLM-x32\...\1207659240_is1) (Version: 2.1.0.8 - GOG.com)
Viscera Cleanup Detail: alpha v0.25
(HKLM\...\UDK-b61bdc3c-5e45-4b56-af14-ac7f9e533289) (Version: - RuneStorm
)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.3.409.46933 - Vodafone)
Warlords Battlecry III (HKLM-x32\...\{93DA8968-092B-4E6F-B568-AB8471952143}) (Version: W4PCA0.8 - )
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (02/03/2011 2.4.0.0) (HKLM\...\88C277C6E63CBDAF35A096E80A5B97A29A619D3A) (Version: 02/03/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Cambridge Silicon Radio Ltd. (USBSPI) USB (01/21/2011 2.4.0.0) (HKLM\...\516F2BEA6007D982DCE90BA1592C17F0FFD75DBA) (Version: 01/21/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
World of Goo (HKLM-x32\...\1421855536_is1) (Version: 2.1.0.2 - GOG.com)
Zandronum (HKLM-x32\...\Zandronum) (Version: 2.1.2 - Zandronum)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-628811325-4240189017-3329868707-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2015-06-11 21:32 - 2015-06-11 21:32 - 000057344 _____ ( ) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Interop.BSteelLinkLib.dll
2014-12-29 19:42 - 2010-03-15 11:28 - 000052224 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000029696 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000034304 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000115200 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000031744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000015872 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000159744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000189440 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000504832 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 009315328 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000020992 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000023040 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2015-10-21 10:33 - 2015-10-21 08:33 - 000385024 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM99.DLL
2016-07-14 20:24 - 2015-10-21 08:33 - 000030208 _____ (CANON INC.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\CNMPD99.DLL
2019-03-06 19:18 - 2019-03-06 19:18 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-03-06 19:18 - 2019-03-06 19:18 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000200704 _____ (ICSharpCode.net) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ICSharpCode.SharpZipLib.dll
2019-05-18 16:50 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-12-07 20:23 - 2013-12-20 09:38 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2009-08-18 10:24 - 2009-08-18 10:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2018-03-26 11:58 - 2018-03-26 11:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2015-09-16 19:13 - 2015-09-16 19:13 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2014-09-01 11:04 - 2014-09-01 11:04 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000027136 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3HeadsetPlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000024064 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\PluginAbstract.dll
2015-06-11 21:33 - 2015-06-11 21:33 - 000125440 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\VoicePlugin.dll
2015-06-11 21:32 - 2015-06-11 21:32 - 000653824 _____ (TODO: <Company name>) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\BSteelLink.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall MechWarrior: Living Legends.lnk [307]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4789 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Drakuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.77.0.1 - 10.77.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{C8C81365-0F17-4CE4-9C1B-880FF175237C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{7A93F552-4A95-4706-931A-9C48770B6DB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24E2941D-643E-4AAD-A042-301C28B5D0D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AF9C4170-A2C1-49A0-B4B3-D7A9FC5FC7AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C43BFD67-57D5-4558-A0BF-27995B842A9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78C926D6-6E14-446C-9DA0-216024DB2B4D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1D4897E-AA4D-4D46-8252-C1B369649A38}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53E212F6-CF48-4D21-A96C-2045D3006D86}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{E740C198-D0A9-4616-936D-9BDEA689B47A}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{F0402390-25B0-47B4-8B8B-375931EF9232}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{E322AA62-C8C5-4F8E-98EF-EF409F781BAD}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{23376C56-7E52-4CCD-A95B-F03D440D607B}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{A2E795CA-1EC6-4418-B67B-24950664CBFF}] => (Allow) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (GOG Limited -> GOG.com)
FirewallRules: [{F20C78B6-9FBD-432A-B4D4-4FFB4A24E86D}] => (Allow) D:\Games\Halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33740A50-8E59-4872-B29E-2E06BBED0A62}] => (Allow) D:\Games\Halo 2\halo2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A321B55-8A38-42B5-9B35-8B5C7BF3E68F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{105E7462-562E-4216-BF32-B3E3E54864B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{575D3C24-4477-4788-B348-59464547031C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe No File
FirewallRules: [{7EE2CA43-0BBB-4A63-9BFE-5890328B6BC2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe No File
FirewallRules: [TCP Query User{FDD731EC-AD84-46C6-848B-53FA9F9DFDA4}D:\male hry\doom2\zandronum.exe] => (Allow) D:\male hry\doom2\zandronum.exe ( ) [File not signed]
FirewallRules: [UDP Query User{9CEAE7BD-85B9-4D7D-9CB2-CC536775DB55}D:\male hry\doom2\zandronum.exe] => (Allow) D:\male hry\doom2\zandronum.exe ( ) [File not signed]
FirewallRules: [TCP Query User{DAB68E77-3323-4EA6-810A-BBD945F48EBF}D:\games\bf2142\battlefield 2142\bf2142.exe] => (Allow) D:\games\bf2142\battlefield 2142\bf2142.exe (Spencer Sharkey -> )
FirewallRules: [UDP Query User{875DA903-32EA-4B45-A021-AC5C0876FCB8}D:\games\bf2142\battlefield 2142\bf2142.exe] => (Allow) D:\games\bf2142\battlefield 2142\bf2142.exe (Spencer Sharkey -> )
FirewallRules: [{921C2100-47F2-48C2-B2BC-0B90A9774800}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{70D176FD-88E8-44BD-96FF-3B40F7EEA2B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EE005C36-5CE6-4BE8-93F5-81B096F1073B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{58016EA8-F9D6-49D9-8748-60DB9C255DB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{3F577154-63E2-4DA9-B3FA-3096448B56FE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{9AD2C2A1-FA1A-42FE-85AE-79877D4C362B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [TCP Query User{A9C89991-7115-40BB-9229-9BFF1DF84E08}D:\male hry\roguelands\roguelands.exe] => (Allow) D:\male hry\roguelands\roguelands.exe No File
FirewallRules: [UDP Query User{B25067A0-20C7-431F-86E1-D6A2C61620A1}D:\male hry\roguelands\roguelands.exe] => (Allow) D:\male hry\roguelands\roguelands.exe No File
FirewallRules: [{AD161915-4475-4E4B-B65E-48F0DBD6CB1E}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3C8380E1-56A6-402D-846C-DDDB2786AA26}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{050D53EC-452E-470A-A932-9A406EB24636}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{9A0F50FC-F4AA-40C6-8114-7D3220D62165}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7E3CF55E-7230-40BE-89AF-A1854D61FC5A}] => (Allow) D:\steam\steamapps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{341A119B-D724-4C91-B0A3-7D184D1FE33A}] => (Allow) D:\steam\steamapps\common\Party Hard\PartyHardGame.exe () [File not signed]
FirewallRules: [{404DC273-9C39-4D42-AA69-57AFAA892D84}] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{CDD3FB08-9BE5-4B79-A5F1-563C183E8903}] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{B3E4A201-5138-493F-B310-556C7C13A9A4}] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{1151D925-D9C2-46F6-A1CA-0548EAFCDEAC}] => (Allow) D:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe No File
FirewallRules: [{181FAE81-7F26-4C00-B0AB-7421FB890043}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{69E78C4B-D069-4DF5-BD9C-D666C2ACA34D}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{06F92CE7-B05B-4B27-A2C9-4CDB0809FAAC}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{68488E87-A130-4E51-BEC5-6362439465A9}] => (Allow) D:\steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{018B2D0B-15E0-40ED-BB02-69CBF7D6ADA4}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{AD7CA8C6-4345-4C40-8762-44DAD7F9A423}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{80A834EC-A8AF-4629-8EE6-8D2B31BB32B1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FC126C67-44F3-4489-A926-F26A90C6BCAD}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D37C51B9-E207-46D7-A4FD-867D3CC084D6}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{24B81E34-9910-48B1-8899-B97F2DA633EA}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6F5A0AC0-87FA-49C6-8085-C07926E8F383}] => (Allow) D:\steam\steamapps\common\King Arthur's Gold\KAG.exe () [File not signed]
FirewallRules: [{77519365-394A-4B6A-83F3-0DB49D155683}] => (Allow) D:\steam\steamapps\common\King Arthur's Gold\KAG.exe () [File not signed]
FirewallRules: [TCP Query User{F13B3CDE-663D-41B6-AB42-E98A5C563C0B}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{38BFA892-3984-4CA8-8B4E-4FAD873E241F}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{89D86063-08F6-425B-BC67-EE849AF9C4D7}] => (Allow) D:\steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{6F712D90-F41B-4854-A0DF-4D13EF5ADC1E}] => (Allow) D:\steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC ) [File not signed]
FirewallRules: [{5A1F5E5F-8955-4A92-BA27-D61F7EE8991A}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{ADA3AD36-38A6-4CC1-AE8B-AA0000A14F72}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{C7ABFD80-6A95-430A-AA90-8C34824729C4}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{14AB4634-1642-4746-8189-E8F5085336A5}] => (Allow) D:\steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{9167935A-8418-4E67-A608-A300623A8B87}] => (Allow) D:\steam\steamapps\common\Jotun\Jotun.exe () [File not signed]
FirewallRules: [{3C1F6766-6440-4240-9EEC-113C4FDDC8BA}] => (Allow) D:\steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [{7342544E-7BD9-43CC-9134-A8232F435DBD}] => (Allow) D:\steam\steamapps\common\Hollow Knight\hollow_knight.exe () [File not signed]
FirewallRules: [{033C09DB-ECB5-4DA5-B5BC-F4F584A12BB1}] => (Allow) D:\steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{0B9BEFA0-0957-4A56-ABD5-E9EF70AF7F55}] => (Allow) D:\steam\steamapps\common\Monaco\MONACO.exe () [File not signed]
FirewallRules: [{50480F5F-B8B9-4F27-9A3C-D3A8C921F44E}] => (Allow) D:\steam\steamapps\common\Heat Signature\Heat_Signature.exe (Suspicious Developments ) [File not signed]
FirewallRules: [{AB151166-6451-43BD-A708-3AE1F5C94C35}] => (Allow) D:\steam\steamapps\common\Heat Signature\Heat_Signature.exe (Suspicious Developments ) [File not signed]
FirewallRules: [{EDDDCC8F-E713-4259-A90D-3C90EE1C1B08}] => (Allow) D:\steam\steamapps\common\Castle Story\castlestory-launcher.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{DED5A036-06E5-4CC3-B0ED-E5E6C2FC2BD4}] => (Allow) D:\steam\steamapps\common\Castle Story\castlestory-launcher.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{FA56EF18-F64C-407F-9F40-FAACDFB59CE8}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [UDP Query User{149448C4-B6D7-4002-89E0-C612223036AE}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [{2A931538-F3F7-4FED-A6DD-E89D310C4DBD}] => (Allow) D:\steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{764CEB8C-E155-4C04-AF6E-F66FEB78E3A9}] => (Allow) D:\steam\steamapps\common\FEZ\FEZ.exe (Polytron Corporation) [File not signed]
FirewallRules: [{8D87A1C1-9A72-4FAA-8B2D-72FAF6DD153C}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{422D18FE-F7D4-49B2-B9C6-560E0BC75700}] => (Allow) D:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{6FEB0403-99AC-4E0F-88EB-6749576C784F}] => (Allow) D:\steam\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [{B3995163-77EE-4679-8467-1A0B1D733056}] => (Allow) D:\steam\steamapps\common\GenitalJousting\GenitalJousting.exe () [File not signed]
FirewallRules: [{EAD05430-9CD7-4276-A31E-4730E1F6D32F}] => (Allow) D:\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe No File
FirewallRules: [{D4EE07D5-36EE-4FC1-984C-1D537597A73B}] => (Allow) D:\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe No File
FirewallRules: [TCP Query User{2DBEDB2B-56AC-4FA1-934D-356D9F0D732B}E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe] => (Block) E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe () [File not signed]
FirewallRules: [UDP Query User{1F039DF6-0AD5-4C07-B8D4-F75AD5EFEE5E}E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe] => (Block) E:\games\weapon shop fantasy\weapon.shop.fantasy.v1.10\weaponshopfantasy.exe () [File not signed]
FirewallRules: [{E2DC28C7-80B7-4BB8-A67E-DEDC798955B2}] => (Allow) D:\steam\steamapps\common\Tricky Towers\TrickyTowers.exe () [File not signed]
FirewallRules: [{CB88D854-A315-4B7E-920D-42417ED7DD02}] => (Allow) D:\steam\steamapps\common\Tricky Towers\TrickyTowers.exe () [File not signed]
FirewallRules: [{79D5D5D0-169D-4F6C-A1F4-C78CD7E3395B}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [{D4DDE868-DD69-4D10-9BEE-AFE7972054DB}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [TCP Query User{0E0F1E52-3470-4A3A-BE0F-EE08233C0A52}D:\male hry\space station 13\bin\byond.exe] => (Allow) D:\male hry\space station 13\bin\byond.exe ( ) [File not signed]
FirewallRules: [UDP Query User{F8BE6406-5116-437C-8153-6AE873E1E2B1}D:\male hry\space station 13\bin\byond.exe] => (Allow) D:\male hry\space station 13\bin\byond.exe ( ) [File not signed]
FirewallRules: [TCP Query User{BA565212-C860-41AA-9961-168A1DF23655}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File
FirewallRules: [UDP Query User{40D11CEE-00B0-49A6-970D-6FAB09DB2A07}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe No File
FirewallRules: [{6D057606-590C-4C4D-87F0-72576DEBDA56}] => (Allow) D:\steam\steamapps\common\DEADBOLT\deadbolt_game.exe ( ) [File not signed]
FirewallRules: [{676DD410-BA18-4281-9D8A-F09C38BF65BC}] => (Allow) D:\steam\steamapps\common\DEADBOLT\deadbolt_game.exe ( ) [File not signed]
FirewallRules: [TCP Query User{31A702BA-270E-41BA-AA20-2BD7C99042A4}D:\games\mwll\bin64\crysis.exe] => (Allow) D:\games\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{26D19209-B9F2-44FE-B596-AFD75052753E}D:\games\mwll\bin64\crysis.exe] => (Allow) D:\games\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [TCP Query User{05FCC2D6-2A8D-4E63-9357-F3084B39F490}E:\games\tumbleseed\tumbleseed\skidrowgamesreloaded.com\tumbleseed.exe] => (Block) E:\games\tumbleseed\tumbleseed\skidrowgamesreloaded.com\tumbleseed.exe No File
FirewallRules: [UDP Query User{1E40C0B4-B548-49D7-B0F7-2444FF756EFB}E:\games\tumbleseed\tumbleseed\skidrowgamesreloaded.com\tumbleseed.exe] => (Block) E:\games\tumbleseed\tumbleseed\skidrowgamesreloaded.com\tumbleseed.exe No File
FirewallRules: [TCP Query User{564BEE3D-D170-453F-9FC9-780E9F2A89AF}D:\male hry\tumbleseed\tumbleseed.exe] => (Block) D:\male hry\tumbleseed\tumbleseed.exe () [File not signed]
FirewallRules: [UDP Query User{13FDC848-7CF7-4A19-B082-96181951177C}D:\male hry\tumbleseed\tumbleseed.exe] => (Block) D:\male hry\tumbleseed\tumbleseed.exe () [File not signed]
FirewallRules: [{4AC623E1-04E4-45A1-B41B-219CF699353F}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
FirewallRules: [TCP Query User{E89C938B-2CE1-40FE-A766-571B48214E8B}C:\program files (x86)\vlc\vlc.exe] => (Block) C:\program files (x86)\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3945F989-F92F-40C8-B9BC-4FEC5A17F9DD}C:\program files (x86)\vlc\vlc.exe] => (Block) C:\program files (x86)\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{58353E8E-8DB4-4EA9-A7BE-DE3D4C894FF3}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B752F2E8-55CC-4F20-B2AA-F85FD2069745}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{29BB622B-0083-4853-ACEA-03D2538577EF}] => (Allow) D:\steam\steamapps\common\Reus\Reus.exe (Abbey Games BV) [File not signed]
FirewallRules: [{F8BAB061-AA11-4F24-AFEE-BC000BCCC26A}] => (Allow) D:\steam\steamapps\common\Reus\Reus.exe (Abbey Games BV) [File not signed]
FirewallRules: [TCP Query User{19164D3B-7E1E-4613-80D3-000F48404B3D}D:\mwll\bin64\crysis.exe] => (Allow) D:\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{6BC6ADFA-3A97-4455-A868-E80A6AD19DB6}D:\mwll\bin64\crysis.exe] => (Allow) D:\mwll\bin64\crysis.exe (Crytek GmbH) [File not signed]
FirewallRules: [{5B6423FA-3479-410D-96D4-7EBAA0738158}] => (Allow) D:\steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [{A09F26AC-2CA7-4053-8CF4-25AB9AA4AE06}] => (Allow) D:\steam\steamapps\common\Into the Breach\Breach.exe () [File not signed]
FirewallRules: [{A4882BA1-4E6C-4010-ACB5-126DE7A137FE}] => (Allow) D:\steam\steamapps\common\Poly Bridge\polybridge.exe () [File not signed]
FirewallRules: [{40D0418F-99A5-4A3E-9E19-BBBF67D067A4}] => (Allow) D:\steam\steamapps\common\Poly Bridge\polybridge.exe () [File not signed]
FirewallRules: [{9B996178-D5A1-4CAA-AAD6-EA390328D22B}] => (Allow) D:\steam\steamapps\common\SunlessSea\Sunless Sea.exe () [File not signed]
FirewallRules: [{B2A26293-430B-45E3-A6DA-B9CA59205E40}] => (Allow) D:\steam\steamapps\common\SunlessSea\Sunless Sea.exe () [File not signed]
FirewallRules: [{27352122-E882-4785-B6AA-7A6FEC4BCB3A}] => (Allow) D:\steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [{128C7E2B-2E90-4CA7-8155-BE5B3EA28A32}] => (Allow) D:\steam\steamapps\common\Human Fall Flat\Human.exe () [File not signed]
FirewallRules: [TCP Query User{CF3A1515-CAD4-4915-8EE3-EA9BBF63E617}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{8061E5F7-B804-49FF-BF1C-DC2EB7724B9F}D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) D:\male hry\twitch\install\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{C1A23106-24A8-4B25-84EF-12CADB1F7F1A}] => (Allow) D:\steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{EA4784AB-7A31-41A8-8AA6-B4C43F407604}] => (Allow) D:\steam\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{79A521E6-00C6-4591-B7AB-B72A09510C09}] => (Allow) D:\steam\steamapps\common\When Ski Lifts Go Wrong\When Ski Lifts Go Wrong.exe () [File not signed]
FirewallRules: [{65B42AC9-B3A5-4092-9759-50012F382F69}] => (Allow) D:\steam\steamapps\common\When Ski Lifts Go Wrong\When Ski Lifts Go Wrong.exe () [File not signed]
FirewallRules: [{700C026C-87A2-4979-A144-E224D111356C}] => (Allow) D:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{F595B7B9-5961-4990-BF87-36A074691254}] => (Allow) D:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{A6D35DEE-3158-4223-BD31-32172A7F7D3C}] => (Allow) D:\steam\steamapps\common\Massive Chalice\MC.exe () [File not signed]
FirewallRules: [{C5D57D7E-4A26-484B-8676-1D549E545479}] => (Allow) D:\steam\steamapps\common\Massive Chalice\MC.exe () [File not signed]
FirewallRules: [{87F9F654-2837-434E-A780-5EA18C8D69DE}] => (Allow) D:\steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{738E02A8-5238-4E27-A100-8983555D0D76}] => (Allow) D:\steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{16CC304D-648D-4B67-884F-5C7F47C9520A}] => (Allow) D:\steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{0820A00C-D701-4E9B-AB92-62AEB04AAFE9}] => (Allow) D:\steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [TCP Query User{2CD56DD0-07CB-414A-A5E7-53C712A23917}D:\steam\steamapps\common\supraland demo\supraland\binaries\win64\supraland-win64-shipping.exe] => (Block) D:\steam\steamapps\common\supraland demo\supraland\binaries\win64\supraland-win64-shipping.exe No File
FirewallRules: [UDP Query User{DEB3250A-2A1A-40EE-99C5-9C723848FBA3}D:\steam\steamapps\common\supraland demo\supraland\binaries\win64\supraland-win64-shipping.exe] => (Block) D:\steam\steamapps\common\supraland demo\supraland\binaries\win64\supraland-win64-shipping.exe No File
FirewallRules: [{343B79CB-C253-4854-84B9-684F663598C5}] => (Allow) D:\steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [{D133E5D8-0764-45D2-824F-CEB1EBAB61B7}] => (Allow) D:\steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
FirewallRules: [TCP Query User{0B4ED57B-A50C-4270-961F-3A908067BF4C}D:\steam\steamapps\common\castle story\castle story.exe] => (Allow) D:\steam\steamapps\common\castle story\castle story.exe () [File not signed]
FirewallRules: [UDP Query User{742C7BE9-0ECE-47F1-91C7-3E75E37B9B59}D:\steam\steamapps\common\castle story\castle story.exe] => (Allow) D:\steam\steamapps\common\castle story\castle story.exe () [File not signed]
FirewallRules: [TCP Query User{80D72567-5B70-4D81-BD2F-1F56A7D234D0}D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{0D9D7D36-377A-49DF-A7D2-62A1D8D4EEC4}D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) D:\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [TCP Query User{99FD84D4-E5FB-46ED-B7E8-BC8EE3892D4E}G:\antichamber\binaries\win32\udk.exe] => (Block) G:\antichamber\binaries\win32\udk.exe No File
FirewallRules: [UDP Query User{61FB5FCD-8FB3-497F-9230-949F22704021}G:\antichamber\binaries\win32\udk.exe] => (Block) G:\antichamber\binaries\win32\udk.exe No File
FirewallRules: [{F814009F-D111-4726-9B29-1718EB5B28EC}] => (Allow) D:\steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{1EF33C23-26A2-48E9-87DC-2ACBE307C2EA}] => (Allow) D:\steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [File not signed]
FirewallRules: [{C6C8C735-F766-4721-8BAF-D601460163A6}] => (Allow) D:\steam\steamapps\common\Lonk's Adventure\Reventure.exe () [File not signed]
FirewallRules: [{EF406C78-A7EB-42BB-ADAF-F3DCBD9559B3}] => (Allow) D:\steam\steamapps\common\Lonk's Adventure\Reventure.exe () [File not signed]
FirewallRules: [{FE1CFA7C-2DBD-4696-81C5-6C4D1255E127}] => (Allow) D:\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe No File
FirewallRules: [{95386B02-0865-4492-8C87-A0356FA4BEB1}] => (Allow) D:\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe No File
FirewallRules: [{4197D852-F637-4B87-924F-B7AC2CA55649}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{88851EB4-C22F-48BC-956D-88994C18D0BE}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{FCBF04CD-DD37-4CE1-B133-8F0262EE7532}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{BDC53401-3FE8-44BE-82B5-1F761FD352A3}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{711FA219-3A3A-42E1-BD7B-13D9939C2B37}] => (Allow) D:\steam\steamapps\common\Autonauts\Autonauts.exe () [File not signed]
FirewallRules: [{010551FF-F3C8-428E-ABF1-F32C11CE83F7}] => (Allow) D:\steam\steamapps\common\Autonauts\Autonauts.exe () [File not signed]
FirewallRules: [{CF8C220D-621B-4626-93F6-103DF1976E91}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{36304C96-3BE9-4505-8E95-D6C0471A1ED1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8F1E38BB-D2A4-4E02-BF80-9898DE6DFCD1}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{569E136A-0E45-41FE-93F4-FAFBEB8EE493}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F44075B9-3156-4424-9F81-B8AADBA27A91}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0A9E6591-4EDC-4033-BD9D-C0FE0562798E}] => (Allow) D:\steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{463C8CEC-1202-4A75-A166-9B6D17F55462}] => (Allow) D:\steam\steamapps\common\BadNorth\BadNorth.exe (Raw Fury AB -> )
FirewallRules: [{01AFAA4C-BD07-4EB5-80C7-97ED428D1ED7}] => (Allow) D:\steam\steamapps\common\BadNorth\BadNorth.exe (Raw Fury AB -> )
FirewallRules: [{494818E7-5971-4FC7-8A72-7372727CBAC5}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed]
FirewallRules: [{A7A26410-75AC-4418-8FA8-C4B70A46F080}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\ActionSquad.exe (PixelShard.com) [File not signed]
FirewallRules: [{6C48B6F8-E3B2-48BC-87FA-9007A781985D}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{45519D1F-1817-4C20-8638-1B673AC83B0A}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_game.exe () [File not signed]
FirewallRules: [{FF38B8F4-87C6-4763-BCD2-9BEFFCC63527}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{56380126-64C0-4666-8091-5FF77B1A4195}] => (Allow) D:\steam\steamapps\common\RunningWithRifles\rwr_config.exe () [File not signed]
FirewallRules: [{D82EF880-E7F8-4447-8633-F2F0230BD716}] => (Allow) D:\steam\steamapps\common\Forager\Forager.exe (HopFrog) [File not signed]
FirewallRules: [{2F29226E-7D74-4C3A-974D-22DDA0683011}] => (Allow) D:\steam\steamapps\common\Forager\Forager.exe (HopFrog) [File not signed]
FirewallRules: [{EE3B8D63-FD0E-4B41-A1FE-7A6BEEDB8608}] => (Allow) D:\steam\steamapps\common\Environmental Station Alpha\Environmental Station Alpha.exe ( ) [File not signed]
FirewallRules: [{37CA1B92-030F-4024-88D2-9291A6EE8978}] => (Allow) D:\steam\steamapps\common\Environmental Station Alpha\Environmental Station Alpha.exe ( ) [File not signed]
FirewallRules: [{4A846438-9443-451D-8878-A84450ABAD8D}] => (Allow) D:\steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{6D462FE8-5DD5-4326-AF9D-7EC12378A84A}] => (Allow) D:\steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed]
FirewallRules: [{A528E348-A3C8-41A3-A4CC-CF5F15B0EF78}] => (Allow) D:\steam\steamapps\common\Halcyon 6 Lightspeed Edition\H6.exe () [File not signed]
FirewallRules: [{0A50E877-BC1E-44AE-B8CC-C7D626FCEBCF}] => (Allow) D:\steam\steamapps\common\Halcyon 6 Lightspeed Edition\H6.exe () [File not signed]
FirewallRules: [{4CB3548C-A774-44D2-91E8-4A34416C1E6A}] => (Allow) D:\steam\steamapps\common\Shortest Trip to Earth\ST Earth.exe () [File not signed]
FirewallRules: [{DADE0867-72FC-4E12-9F46-91B741DA480F}] => (Allow) D:\steam\steamapps\common\Shortest Trip to Earth\ST Earth.exe () [File not signed]
FirewallRules: [{9D76D783-C84D-47C7-B4AB-222219D54688}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed]
FirewallRules: [{C45B7336-FC96-4205-8D9A-C060B3AB335F}] => (Allow) D:\steam\steamapps\common\Door Kickers - Action Squad\tools\ActionSquadEd.exe (ACME) [File not signed]
FirewallRules: [{9DEA78B0-DADC-47DE-9075-C572833EB717}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{1AF31FDE-5019-4639-8FC1-CB63E3AAD771}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C368F30D-F7EB-458D-B473-9B245D8C5D90}] => (Allow) D:\steam\steamapps\common\Cortex Command\Cortex Command.exe () [File not signed]
FirewallRules: [{3BA2C2B2-A260-4586-A812-D932FF777A82}] => (Allow) D:\steam\steamapps\common\Cortex Command\Cortex Command.exe () [File not signed]
FirewallRules: [{26347314-A320-4B86-AAF9-8311A9F15BBB}] => (Allow) D:\steam\steamapps\common\Nimbatus\Windows64\Nimbatus.exe () [File not signed]
FirewallRules: [{FF8FCA2F-E78D-4D95-B529-3BAB319CF0D2}] => (Allow) D:\steam\steamapps\common\Nimbatus\Windows64\Nimbatus.exe () [File not signed]
FirewallRules: [{2E8C318F-727E-4FE5-AB1B-5FB3FC3B3D6B}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{94B9B6D7-259E-4126-AB4D-3AE043C6FA7E}] => (Allow) D:\steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{99629E20-A63D-4974-AD07-0982A57CB776}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{C009971C-F8E2-4885-A3B4-0B58EE81A63F}] => (Allow) D:\steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]

==================== Restore Points =========================

24-01-2020 19:21:24 Naplánovaný kontrolní bod
27-01-2020 22:44:02 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
30-01-2020 23:54:43 Operace obnovení
31-01-2020 00:09:29 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
31-01-2020 00:42:05 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry
31-01-2020 01:47:59 Operace obnovení
31-01-2020 02:23:05 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/31/2020 02:28:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2020 02:28:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003dc34
ID chybujícího procesu: 0x95c
Čas spuštění chybující aplikace: 0x01d5d7d5a82e25af
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\Explorer.EXE
ID zprávy: f01b0718-43c8-11ea-8ba2-303a64fb21be

Error: (01/31/2020 02:28:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/31/2020 02:28:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/31/2020 02:19:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2020 02:19:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/31/2020 02:19:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (01/31/2020 02:08:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/31/2020 02:28:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (01/31/2020 02:28:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/31/2020 02:28:35 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/31/2020 02:28:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/31/2020 02:28:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (01/31/2020 02:28:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby IObit Uninstaller Service bylo dosaženo časového limitu (30000 ms).

Error: (01/31/2020 02:28:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (01/31/2020 02:28:02 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.


==================== Memory info ===========================

BIOS: American Megatrends Inc. E1759IMS.520 08/26/2014
Motherboard: Micro-Star International Co., Ltd. MS-1759
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 66%
Total physical RAM: 8111.06 MB
Available physical RAM: 2730.09 MB
Total Virtual: 16220.26 MB
Available Virtual: 9995.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:41.18 GB) NTFS
Drive d: () (Fixed) (Total:244.14 GB) (Free:62.98 GB) NTFS
Drive e: () (Fixed) (Total:687.27 GB) (Free:108.99 GB) NTFS

\\?\Volume{66bfb446-7e3a-11e4-a897-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 65178622)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 65178610)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[JaRon]

citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3523344 2019-06-03] (IObit Information Technology -> IObit)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {10fdefd4-3c37-11e6-957d-303a64fb21ba} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {66bfb44c-7e3a-11e4-a897-806e6f6e6963} - F:\CDSetup.exe
Task: {18B38D4D-6F18-4A80-8918-40D391BCE4AD} - System32\Tasks\ASCU12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [3148560 2019-05-20] (IObit Information Technology -> IObit)
Task: {25AA5207-9FB8-4406-9442-7B969492C521} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [498976 2016-06-06] (IObit Information Technology -> IObit)
Task: {691B3FEC-7A10-4740-96F6-911E1953CC7F} - System32\Tasks\ASCU12_SkipUac_Drakuba => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [8707344 2019-08-21] (IObit Information Technology -> IObit)
Task: {80B02AD8-6A01-4C60-9CB2-6AFC01AC3685} - System32\Tasks\Uninstaller_SkipUac_Drakuba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {8ACA9EA4-3903-42A4-93E4-4FBD25B67815} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5386528 2016-11-21] (IObit Information Technology -> IObit)
Task: {DCB58E37-9411-4159-B958-0C6CF03837AC} - System32\Tasks\Driver Booster SkipUAC (Drakuba) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe
Task: {EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2848032 2016-07-22] (IObit Information Technology -> IObit)
R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1271056 2019-08-12] (IObit Information Technology -> IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1740560 2019-01-02] (IObit Information Technology -> IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
S3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
S3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2018-03-20] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [19856 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [33240 2018-04-04] (IObit Information Technology -> IObit.com)
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2018-03-20] (IObit Information Technology -> IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit)
S3 IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [X]
2020-01-31 02:29 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\IObit
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\IObit
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\ProgramData\IObit
2020-01-31 01:54 - 2019-11-15 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-01-31 01:54 - 2018-06-21 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2020-01-31 01:54 - 2016-03-02 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2020-01-31 01:54 - 2015-11-30 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2020-01-24 15:08 - 2019-05-23 14:00 - 000002850 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Drakuba)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
FirewallRules: [{5A1F5E5F-8955-4A92-BA27-D61F7EE8991A}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{ADA3AD36-38A6-4CC1-AE8B-AA0000A14F72}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File


EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[drakuba]

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by Drakuba (01-02-2020 01:17:41) Run:1
Running from C:\Users\Drakuba\Desktop
Loaded Profiles: Drakuba (Available Profiles: Drakuba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3523344 2019-06-03] (IObit Information Technology -> IObit)
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\Run: [] => [X]
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {10fdefd4-3c37-11e6-957d-303a64fb21ba} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\...\MountPoints2: {66bfb44c-7e3a-11e4-a897-806e6f6e6963} - F:\CDSetup.exe
Task: {18B38D4D-6F18-4A80-8918-40D391BCE4AD} - System32\Tasks\ASCU12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [3148560 2019-05-20] (IObit Information Technology -> IObit)
Task: {25AA5207-9FB8-4406-9442-7B969492C521} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [498976 2016-06-06] (IObit Information Technology -> IObit)
Task: {691B3FEC-7A10-4740-96F6-911E1953CC7F} - System32\Tasks\ASCU12_SkipUac_Drakuba => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [8707344 2019-08-21] (IObit Information Technology -> IObit)
Task: {80B02AD8-6A01-4C60-9CB2-6AFC01AC3685} - System32\Tasks\Uninstaller_SkipUac_Drakuba => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {8ACA9EA4-3903-42A4-93E4-4FBD25B67815} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5386528 2016-11-21] (IObit Information Technology -> IObit)
Task: {DCB58E37-9411-4159-B958-0C6CF03837AC} - System32\Tasks\Driver Booster SkipUAC (Drakuba) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe
Task: {EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2848032 2016-07-22] (IObit Information Technology -> IObit)
R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1271056 2019-08-12] (IObit Information Technology -> IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1740560 2019-01-02] (IObit Information Technology -> IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
S3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit Information Technology -> IObit)
S3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit Information Technology -> IObit)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2018-03-20] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2018-03-20] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [19856 2018-03-20] (IObit Information Technology -> IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [33240 2018-04-04] (IObit Information Technology -> IObit.com)
S3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2018-03-20] (IObit Information Technology -> IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit)
S3 IURegProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [X]
2020-01-31 02:29 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\LocalLow\IObit
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\Users\Drakuba\AppData\Roaming\IObit
2020-01-31 02:27 - 2015-07-20 15:59 - 000000000 ____D C:\ProgramData\IObit
2020-01-31 01:54 - 2019-11-15 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-01-31 01:54 - 2018-06-21 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2020-01-31 01:54 - 2016-03-02 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2020-01-31 01:54 - 2015-11-30 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2020-01-24 15:08 - 2019-05-23 14:00 - 000002850 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Drakuba)
ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
FirewallRules: [{5A1F5E5F-8955-4A92-BA27-D61F7EE8991A}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File
FirewallRules: [{ADA3AD36-38A6-4CC1-AE8B-AA0000A14F72}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe No File


EmptyTemp:
Reboot:
End
*****************

[184] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe => process closed successfully.
[972] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe => process closed successfully.
[2296] C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe => process closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate" => removed successfully
"HKU\S-1-5-21-628811325-4240189017-3329868707-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I => removed successfully
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10fdefd4-3c37-11e6-957d-303a64fb21ba} => removed successfully
HKU\S-1-5-21-628811325-4240189017-3329868707-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66bfb44c-7e3a-11e4-a897-806e6f6e6963} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18B38D4D-6F18-4A80-8918-40D391BCE4AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18B38D4D-6F18-4A80-8918-40D391BCE4AD}" => removed successfully
C:\Windows\System32\Tasks\ASCU12_PerformanceMonitor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASCU12_PerformanceMonitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25AA5207-9FB8-4406-9442-7B969492C521}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25AA5207-9FB8-4406-9442-7B969492C521}" => removed successfully
C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_AutoAnalyze" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{691B3FEC-7A10-4740-96F6-911E1953CC7F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{691B3FEC-7A10-4740-96F6-911E1953CC7F}" => removed successfully
C:\Windows\System32\Tasks\ASCU12_SkipUac_Drakuba => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASCU12_SkipUac_Drakuba" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80B02AD8-6A01-4C60-9CB2-6AFC01AC3685}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80B02AD8-6A01-4C60-9CB2-6AFC01AC3685}" => removed successfully
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Drakuba => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Drakuba" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8ACA9EA4-3903-42A4-93E4-4FBD25B67815}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ACA9EA4-3903-42A4-93E4-4FBD25B67815}" => removed successfully
C:\Windows\System32\Tasks\SmartDefrag_Startup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_Startup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCB58E37-9411-4159-B958-0C6CF03837AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCB58E37-9411-4159-B958-0C6CF03837AC}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Drakuba) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Drakuba)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC216FFB-56E3-4E4D-BE38-32C9CEA23C6E}" => removed successfully
C:\Windows\System32\Tasks\SmartDefrag_Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag_Update" => removed successfully
HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService12 => removed successfully
AdvancedSystemCareService12 => service removed successfully
HKLM\System\CurrentControlSet\Services\ASCAntivirusSrv => removed successfully
ASCAntivirusSrv => service removed successfully
HKLM\System\CurrentControlSet\Services\IObitUnSvr => removed successfully
IObitUnSvr => service removed successfully
HKLM\System\CurrentControlSet\Services\AscFileFilter => removed successfully
AscFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\AscRegistryFilter => removed successfully
AscRegistryFilter => service removed successfully
IMFCameraProtect => Unable to stop service.
HKLM\System\CurrentControlSet\Services\IMFCameraProtect => removed successfully
IMFCameraProtect => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}\\UpperFilters IMFCameraProtect => value removed successfully
HKLM\System\CurrentControlSet\Services\IMFDownProtect => removed successfully
IMFDownProtect => service removed successfully
HKLM\System\CurrentControlSet\Services\IMFFilter => removed successfully
IMFFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\IMFForceDelete => removed successfully
IMFForceDelete => service removed successfully
IMFMBRProtect => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IMFMBRProtect => removed successfully
IMFMBRProtect => service removed successfully
IMFSafeBox => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IMFSafeBox => removed successfully
IMFSafeBox => service removed successfully
HKLM\System\CurrentControlSet\Services\iobit_monitor_server => removed successfully
iobit_monitor_server => service removed successfully
HKLM\System\CurrentControlSet\Services\IUFileFilter => removed successfully
IUFileFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\IUProcessFilter => removed successfully
IUProcessFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\IURegistryFilter => removed successfully
IURegistryFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\RegFilter => removed successfully
RegFilter => service removed successfully
SmartDefragDriver => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\SmartDefragDriver => removed successfully
SmartDefragDriver => service removed successfully
HKLM\System\CurrentControlSet\Services\IURegProcessFilter => removed successfully
IURegProcessFilter => service removed successfully
C:\Users\Drakuba\AppData\LocalLow\IObit => moved successfully
C:\Users\Drakuba\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7 => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller => moved successfully
"C:\Windows\system32\Tasks\Driver Booster SkipUAC (Drakuba)" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ IMFSafeBox => not found
HKLM\Software\Classes\CLSID\{0BB81440-5F42-4480-A5F7-770A6F439FC8} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A1F5E5F-8955-4A92-BA27-D61F7EE8991A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADA3AD36-38A6-4CC1-AE8B-AA0000A14F72}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57815977 B
Java, Flash, Steam htmlcache => 560754047 B
Windows/system/drivers => 55258 B
Edge => 0 B
Chrome => 0 B
Firefox => 51921024 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 167602 B
systemprofile32 => 233958 B
LocalService => 366202 B
NetworkService => 437688 B
Drakuba => 82484511 B
UpdatusUser => 82484511 B

RecycleBin => 107289 B
EmptyTemp: => 806.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:17:57 ====

[JaRon]

IOBit odstraneny, virovy problem tam nie je
Snad hotovo

[drakuba]

to jsem rád že tam nic neni, díky za pomoc

[JaRon]

Rado sa stalo