Log check

#1 Post by jiji01 »

Hello, please check my log. In the task manager there are the files winlogon.exe and csrss.exe, which cannot be terminated.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2020
Ran by Jirka (16-04-2020 20:37:10)
Running from C:\Users\Jirka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-14 12:15:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-694281153-3178257476-2985367732-500 - Administrator - Disabled)
Guest (S-1-5-21-694281153-3178257476-2985367732-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-694281153-3178257476-2985367732-1002 - Limited - Enabled)
Jirka (S-1-5-21-694281153-3178257476-2985367732-1000 - Administrator - Enabled) => C:\Users\Jirka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version: - )
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version: - )
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version: - )
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.2.3116 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 80.1.3901.164 - Autoři prohlížeče AVG Secure Browser)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.3.60 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 cs) (HKLM\...\Mozilla Firefox 75.0 (x64 cs)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 45.2 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
X3: Reunion 1.4.02 (HKLM-x32\...\X3: Reunion_is1) (Version: - CINEMAX, s.r.o.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-694281153-3178257476-2985367732-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-694281153-3178257476-2985367732-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-694281153-3178257476-2985367732-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-694281153-3178257476-2985367732-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jirka\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-02-14 20:55 - 2020-02-14 20:55 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-02-14 20:55 - 2020-02-14 20:55 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-02-14 20:55 - 2020-02-14 20:55 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-10-26 13:04 - 2019-10-26 13:04 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-10-26 13:04 - 2019-10-26 13:04 - 000650240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000369664 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-09-09 16:29 - 2019-09-09 16:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 16:30 - 2019-09-09 16:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 16:30 - 2019-09-09 16:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-08-13 14:00 - 2014-12-04 00:38 - 000074240 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2017-11-01 22:48 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2017-11-01 22:48 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2020-02-14 20:55 - 2020-02-14 20:55 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Jirka:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-12-07 20:35 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E9BC1E1D-59B7-42FB-9A1C-CC9EE2BEF3C4}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8A60279A-44A9-440E-91DD-57D663D92A1F}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{947BD237-0C34-473B-9259-F0836D9EC1AA}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{5DF5B0E2-DFB0-4DC5-8774-5049165F8C93}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{CD1E8EA5-5602-43F8-A711-80049FC17C53}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{FB80C945-0995-4ECE-B9C2-D97018C3BBF2}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{5DCE83BD-CDED-437E-968D-95DE1838C528}] => (Allow) D:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{56C207E8-464D-4022-90A1-029C985AAC95}] => (Allow) D:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{0AD25F4E-E123-4858-ABEA-93CFCE3A9BB8}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{4796B783-16F8-4884-8345-AD6959B36663}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{9AB60133-BE0C-4589-9501-EE21BEEE4A76}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{4D3E719E-F060-4E70-A591-000AD2C184F6}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{7E573A66-8A80-4D13-9EC8-D4DB81ABC14F}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0E430B4F-3F51-4311-BF7A-9179C9A9E4EB}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6B407DD2-FF63-44FF-B3BD-494EB8B8F0FE}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{831F21D7-BD8F-401F-8620-7100EEAFE025}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe () [File not signed]
FirewallRules: [{6A1430B1-9934-4FE5-8FD6-7F8FDA1DC336}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{1DAC2F1B-AF72-49E5-9A95-CAA6D0097BD2}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{A503E29A-F037-4F55-BD86-E7C4B2F0F5AE}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{4D157DD0-BD80-4B8F-9570-AC95F0FB0414}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{B78BAEB6-E84A-41E4-893F-F9BAB579C082}] => (Allow) D:\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{B00585AB-6174-4CA4-AB91-1251FC49DB58}] => (Allow) D:\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{17C11417-A2B4-4EC4-A968-B0A0A3C99A13}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed]
FirewallRules: [{8864ABE1-F230-4CC0-A5E6-93C7D6032AE7}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed]
FirewallRules: [{F1E23FAA-1519-4AF0-B153-05D6EE248A84}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{C01F1EDA-D12D-4486-981A-EFF343423402}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{B3897E2D-F3AE-498C-997D-1A10D629945F}] => (Allow) D:\Steam\steamapps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{E15E7496-7345-46C8-BA43-84F55CB91680}] => (Allow) D:\Steam\steamapps\common\DCSWorld\Run.exe (Eagle Dynamics) [File not signed]
FirewallRules: [{90AC4274-2599-44CE-9B4A-C8A27435282F}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{90221F91-2141-4F2E-91F4-FC73DDCB31BF}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{D33DDE67-3F44-4E0E-8E74-F2CCA5E7F7EE}] => (Allow) D:\Steam\steamapps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{89F36A09-AD08-4438-83D2-D35C560E0A62}] => (Allow) D:\Steam\steamapps\common\IL 2 Sturmovik 1946\il2fb.exe () [File not signed]
FirewallRules: [{6B38AF46-BD3E-4BD2-AC9A-EB9A082F9453}] => (Allow) D:\Steam\steamapps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{FF69A457-D3FC-4F73-A8A1-1C28E6DBB899}] => (Allow) D:\Steam\steamapps\common\Alien Isolation\AI.exe () [File not signed]
FirewallRules: [{057DACFB-E609-4883-BC0C-15D05660992E}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{155E9798-602D-4C58-9813-1C71A484A833}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{21936736-6B8D-4C40-97DA-ACE47ED7CF84}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{C6683970-E1DD-409B-9A37-A5587F5021D8}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [TCP Query User{5658FE65-AA6F-47EF-96C8-131AAB0B7CC2}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{8412D832-B8DA-4FB9-8D63-4A63B319D734}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{1BC0FA3C-49B8-463E-B41E-3D579E71A026}] => (Allow) D:\Steam\steamapps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{D79E1D0D-BD86-45D9-87BA-06CA2E54EE12}] => (Allow) D:\Steam\steamapps\common\DCSWorld\bin\DCS.exe (The Fighter Collection -> Eagle Dynamics)
FirewallRules: [{C052735B-9B76-488E-B309-A876E1427550}] => (Allow) D:\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{B3A6EEF5-7C64-4F82-BA0A-EC33485B57F6}] => (Allow) D:\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{02F51ECD-051B-4F89-BFDF-57B3F51C5FA6}] => (Allow) D:\Hry\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{68E0C120-2275-4401-88FD-26D968A21F84}] => (Allow) D:\Hry\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{2E943C1D-DA29-4D97-9BA6-E04D4B04FC6A}] => (Allow) D:\Hry\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{35DAA900-78EF-4D96-97DF-70420BBC7831}] => (Allow) D:\Hry\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{291C1C2D-1835-40DC-B2EF-950962F3C2A9}] => (Allow) D:\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{1DAA4049-0652-4C5E-B3F1-8F9DE329164C}] => (Allow) D:\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{5696F637-DDDD-4C5A-85B7-DB036B70E5D5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57ECC736-F506-4247-BE02-3E2FC6639302}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C73DD630-220F-4921-8DE1-C1B7B2799C98}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F66CA568-E530-4821-9E9E-51467A6C9311}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{F2351B2A-0490-4A1B-8B69-D61EBA214870}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{B07C0B1B-79C1-4AAC-B27D-CEC7DB6CC814}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{4DD6C9AA-DFDF-46A1-B017-135787F76F8D}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{32D07D15-AC8F-4EA1-981F-F702E574519C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{474AB1A0-36A6-4536-92ED-6FA6C58D5055}] => (Allow) LPort=26789
FirewallRules: [{103CFCC7-0966-41E4-81C5-3E9225F907C6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{19256F62-0E5B-4D62-93EE-D05460267433}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5932AF0F-CFEF-4028-AA9C-63892FEAD976}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{F7B20833-0829-481D-AEAA-1FE471D1FC0C}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{6EFF0B70-8825-4724-808B-9A1A32DF8D25}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{5827AB77-977F-4411-B4D1-8309AEA5D61A}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{1FF7033C-252F-4E62-96D7-7D2F2A411344}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{7A482B28-25E6-419C-A1F9-295D9D21A55C}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6DB30E27-062B-4B4F-96DB-B4B8C58EFB89}] => (Allow) D:\Steam\steamapps\common\Verdun\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{941363F1-2CF3-4B4D-B3C6-240025165DC2}] => (Allow) D:\Steam\steamapps\common\Verdun\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{65A38308-DC4D-46C7-B443-E38A83A2BCF3}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{1B745391-6A02-4BA9-876D-48FE5916C933}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{A04910A3-6DE3-415E-B505-918AC144F497}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{63F06F72-8A57-40EE-8C3F-D7ED23040925}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{02CC968F-4C84-4033-9123-1D74E814E072}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{F0ADF275-1A11-4502-AA5B-2E2B8593FC98}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{1E4E96F3-A358-4EE1-AB2D-EB59C84582B9}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{54355835-33F1-41DD-9D31-958769031703}] => (Allow) D:\Steam\steamapps\common\DayZ Exp\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{EDBC6455-FBAE-46B4-A910-5098A34916A9}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5B4D889D-6FF1-4729-9F76-F2B6EC1DC762}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{8B6ACF49-356C-457D-AE9B-0E6D3F76C5E3}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{11C46928-47C2-4076-8DBD-4D9FA2BB5E1E}D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\hry\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{32BF89DF-C508-43AE-9B9F-6A6D471A9AE0}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7A30F895-4884-4AA4-9A30-EC89E7D9A21B}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A66FA99A-6801-4C39-A5C8-798D59BC932E}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1F8482AF-BAD3-419D-B8D7-7BBD46682606}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8E4CF02A-FDED-47E1-883B-5A78795DAFA4}] => (Allow) D:\Hry\WatchDogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{DF0D9B6F-FC36-4D79-9CF4-C6AC074B067B}] => (Allow) D:\Hry\WatchDogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{17CDCDE0-71DC-4BB0-911F-56BE5CE6705F}D:\hry\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\hry\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [UDP Query User{2C96CD1C-7EB6-4EBD-ADED-EEBFCE726F1B}D:\hry\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\hry\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [{B2D978B2-8957-4A5B-B575-8CDB4EED7AA1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5D008AFF-F6D9-4C7A-B2B0-A126F7DA75EA}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)

==================== Restore Points =========================

09-04-2020 17:19:54 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/16/2020 08:31:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2020 08:19:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2020 08:17:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2020 08:14:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/16/2020 08:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.607, časové razítko: 0x5e76d351
Název chybujícího modulu: Qt5Core.dll, verze: 5.14.1.0, časové razítko: 0x5e4172be
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219d05
ID chybujícího procesu: 0x1808
Čas spuštění chybující aplikace: 0x01d614193f3866d4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 83dc18c9-800c-11ea-89ad-d8cb8a17b1ab

Error: (04/16/2020 08:02:21 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (7044) Pokus o otevření souboru C:\Users\Jirka\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (04/16/2020 07:18:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2020 07:14:08 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (04/16/2020 08:30:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/16/2020 08:30:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (04/16/2020 08:30:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/16/2020 08:30:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/16/2020 08:30:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/16/2020 08:18:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/16/2020 08:18:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/16/2020 08:18:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2020-01-20 15:09:41.252
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\MSI Afterburner\RTCore64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-01-20 15:09:40.846
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\MSI Afterburner\RTCore64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-28 22:28:52.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-28 22:28:52.424
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-28 22:28:52.234
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL because the set of per-page image hashes could not be found on the system.

Date: 2018-05-28 22:28:52.063
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\NapiNSP.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-28 22:28:51.912
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nlaapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.8 07/17/2014
Motherboard: MSI B85-G41 PC Mate(MS-7850)
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 51%
Total physical RAM: 8120 MB
Available physical RAM: 3960.51 MB
Total Virtual: 16238.14 MB
Available Virtual: 11756.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:35.71 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:241.44 GB) NTFS

\\?\Volume{9c1cbf0c-41af-11e5-b045-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 37DE127C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 37DE1271)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2020
Ran by Jirka (administrator) on JIRKA-PC (MSI MS-7850) (16-04-2020 20:36:42)
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Intel Corporation - Client Components Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8447192 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156256 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-12-04] (Intel Corporation - Client Components Group -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [Steam] => D:\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31740816 2020-04-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\80.1.3901.164\Installer\chrmstp.exe [2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B01175-AD0D-463E-89FF-7CF14FA5D2E7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {12E4E3F0-D024-4BCB-9E13-5FCB17B22CCA} - System32\Tasks\{481B0461-2B43-49D7-8E1B-46795729CDE4} => D:\Hry\ArmA\arma.exe
Task: {228F3110-4CF2-45A2-97C0-47E712C2F231} - System32\Tasks\{88283B1D-20D3-4CF3-B6BE-FBE76809348A} => D:\Hry\ArmA\arma.exe
Task: {25E516EB-89E1-4324-91E2-70CD28FD4952} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AB4C063-492B-4C2B-8D14-D3C7A0CC8E83} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B31A0B9-FBEC-4802-AFA0-9E9D11F7D5EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {43D53F06-98A4-42FA-99B9-59CA5571FC7C} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {4D324313-5FF7-4FD7-8A46-5DD509D63508} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1871496 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4EEE005D-E26E-4A0B-92C5-937637F59201} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {5048D6D8-20CB-4CF3-B214-2A8A23D13E8A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-694281153-3178257476-2985367732-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {61A8770B-F7F0-4695-BDC3-5233D26477CF} - System32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {87CEAABC-466C-4B84-B85B-63F9536CBB86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)
Task: {884A946B-C92E-4A30-959E-E1A9CCF60247} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {AA984312-A143-486E-B9DB-79E9E9F516D0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3373072 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {B3EF6477-FAEC-4460-A271-33CC31CDE827} - System32\Tasks\{2DFD272C-026A-4CDB-BA1A-A68483117D46} => C:\Windows\system32\pcalua.exe -a C:\Users\Jirka\Downloads\x3_cz_bonuspack_3.1.07.exe -d C:\Users\Jirka\Downloads
Task: {BBEB2F76-ACA7-409F-A204-19D4C6C356FE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)
Task: {D767A1AB-24C0-4617-8F61-F41A0FD5CF04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-02] (AVG Netherlands B.V. -> AVG Technologies)
Task: {DA821CC1-4E09-4C5B-986D-7B100CCB316D} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1871496 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E2395C34-1B4D-49F2-A626-7E4A0C1D627E} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-02] (AVG Netherlands B.V. -> AVG Technologies)
Task: {F0DDECA1-DEB8-4B2E-A1E0-07142B8296B4} - System32\Tasks\{EC5F44E0-6F92-493F-84BF-E76558B54473} => D:\Hry\ArmA\arma.exe
Task: {FD20E807-7323-4B76-8F10-0DA3AB7E791D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B0E5E73-C748-4170-B7DB-FE1D4DB7EBEA}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F1FDE1C2-CB21-4E7E-88E4-88A6F22D74A6}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-694281153-3178257476-2985367732-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> DefaultScope {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {87A911FA-F734-4013-A051-BC0A123E277F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-694281153-3178257476-2985367732-1000 -> {f0154334-dc25-4677-9226-e07448ea8235} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF DefaultProfile: og8yefo7.default-1518114672207
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 [2020-04-16]
FF Homepage: Mozilla\Firefox\Profiles\og8yefo7.default-1518114672207 -> hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2020-04-16]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-21]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-14]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-12-14]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-21]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-14]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-12-14]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-21]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-02] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [345960 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [5552064 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-02] (AVG Netherlands B.V. -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\80.1.3901.164\elevation_service.exe [973792 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-14] (BattlEye Innovations e.K. -> )
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [788264 2020-04-14] (Reto-Moto ApS -> Reto-Moto ApS)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37960 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206672 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [234840 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [179032 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61272 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43568 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175984 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [110064 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [85664 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [852392 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459992 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235768 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317864 2020-04-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [23784 2016-10-06] (Wacom Technology Corporation -> Windows (R) Win 7 DDK provider)
S3 I2cHkBurn; C:\Windows\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2014-12-10] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] (Intel CASE -> )
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\Legacy\RTCore64.sys [14496 2019-10-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31400 2014-12-23] (Synaptics Incorporated -> Synaptics Incorporated)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-16 20:35 - 2020-04-16 20:35 - 002281472 _____ (Farbar) C:\Users\Jirka\Downloads\FRST64(1).exe
2020-04-16 20:32 - 2020-04-16 20:32 - 000001847 _____ C:\Users\Jirka\Desktop\AdwCleaner[C02].txt
2020-04-16 20:30 - 2020-04-16 20:30 - 008196784 _____ (Malwarebytes) C:\Users\Jirka\Downloads\adwcleaner_8.0.4(1).exe
2020-04-16 20:30 - 2020-04-16 20:30 - 000001657 _____ C:\Users\Jirka\Desktop\AdwCleaner[S02].txt
2020-04-16 20:15 - 2020-04-16 20:16 - 000000000 ____D C:\AdwCleaner
2020-04-16 20:15 - 2020-04-16 20:15 - 008196784 _____ (Malwarebytes) C:\Users\Jirka\Downloads\adwcleaner_8.0.4.exe
2020-04-16 20:01 - 2020-04-16 20:01 - 022267336 _____ (Piriform Software Ltd) C:\Users\Jirka\Downloads\ccsetup565(1).exe
2020-04-16 19:49 - 2020-04-16 19:49 - 000000259 _____ C:\Users\Jirka\Desktop\Just Cause 4.url
2020-04-16 14:50 - 2020-04-16 14:50 - 000337592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-04-16 14:50 - 2020-04-16 14:50 - 000235768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-04-16 14:50 - 2020-04-16 14:50 - 000175984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-04-10 13:03 - 2020-04-10 13:03 - 000000000 ____D C:\Users\Jirka\AppData\Local\ctts
2020-04-10 12:58 - 2020-04-10 12:58 - 000000272 _____ C:\Users\Jirka\Desktop\Close to the Sun.url
2020-04-08 12:09 - 2020-04-08 12:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-04-08 08:29 - 2020-04-09 13:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-28 12:47 - 2020-03-28 12:47 - 000000000 ____D C:\Users\Jirka\AppData\Local\Saber
2020-03-28 12:45 - 2020-03-28 12:45 - 000000280 _____ C:\Users\Jirka\Desktop\World War Z.url
2020-03-25 08:37 - 2020-03-25 08:37 - 000000259 _____ C:\Users\Jirka\Desktop\Watch Dogs.url
2020-03-24 23:24 - 2020-03-24 23:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\cache
2020-03-24 17:38 - 2020-03-24 17:38 - 022267336 _____ (Piriform Software Ltd) C:\Users\Jirka\Downloads\ccsetup565.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-16 20:36 - 2018-04-02 10:45 - 000020909 _____ C:\Users\Jirka\Downloads\FRST.txt
2020-04-16 20:36 - 2018-04-02 10:44 - 000000000 ____D C:\FRST
2020-04-16 20:35 - 2016-11-19 00:51 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\Mozilla
2020-04-16 20:31 - 2016-08-28 22:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-16 20:31 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-16 20:27 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-16 20:27 - 2009-07-14 06:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-16 20:25 - 2010-11-21 11:27 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-04-16 20:25 - 2010-11-21 11:27 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-04-16 20:25 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-16 20:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-16 20:16 - 2015-11-24 11:29 - 000000000 ____D C:\ProgramData\Avg
2020-04-16 20:03 - 2016-09-13 15:27 - 000000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2020-04-16 20:01 - 2017-11-06 00:20 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-16 20:01 - 2017-11-06 00:20 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-16 20:01 - 2017-11-06 00:20 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-16 19:18 - 2018-02-07 20:00 - 000003022 _____ C:\Windows\system32\Tasks\MSIAfterburner
2020-04-16 18:28 - 2015-08-26 23:22 - 000000000 ____D C:\Users\Jirka\AppData\Local\Arma 3 Launcher
2020-04-16 18:27 - 2018-10-01 15:34 - 000003002 _____ C:\Windows\system32\Tasks\MSISW_Host
2020-04-16 18:27 - 2018-09-06 20:32 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-16 18:27 - 2018-03-14 22:22 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-16 18:27 - 2017-11-06 00:20 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-16 18:27 - 2017-08-06 16:51 - 000003152 _____ C:\Windows\system32\Tasks\{2DFD272C-026A-4CDB-BA1A-A68483117D46}
2020-04-16 18:27 - 2017-06-02 00:13 - 000003916 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-04-16 18:27 - 2017-01-11 20:37 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-16 18:27 - 2017-01-11 20:37 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-16 18:27 - 2016-09-12 20:00 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-16 18:27 - 2015-08-15 21:21 - 000002906 _____ C:\Windows\system32\Tasks\{EC5F44E0-6F92-493F-84BF-E76558B54473}
2020-04-16 18:27 - 2015-08-15 21:21 - 000002906 _____ C:\Windows\system32\Tasks\{88283B1D-20D3-4CF3-B6BE-FBE76809348A}
2020-04-16 18:27 - 2015-08-15 21:11 - 000003032 _____ C:\Windows\system32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD}
2020-04-16 18:27 - 2015-08-14 15:04 - 000002906 _____ C:\Windows\system32\Tasks\{481B0461-2B43-49D7-8E1B-46795729CDE4}
2020-04-16 15:15 - 2019-04-28 14:50 - 000003706 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2020-04-16 15:15 - 2019-04-28 14:50 - 000003124 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2020-04-16 15:15 - 2018-09-02 18:09 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-04-16 14:58 - 2015-08-26 23:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\Arma 3
2020-04-16 14:50 - 2019-01-11 14:24 - 000037960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2020-04-16 14:50 - 2018-10-22 20:47 - 000043568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-04-16 14:50 - 2017-11-27 22:18 - 000206672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-04-16 14:50 - 2017-06-02 00:13 - 000852392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-04-16 14:50 - 2017-06-02 00:13 - 000459992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-04-16 14:50 - 2017-06-02 00:13 - 000317864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-04-16 14:50 - 2017-06-02 00:13 - 000110064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-04-16 14:50 - 2017-06-02 00:13 - 000085664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-04-16 14:49 - 2019-01-14 22:11 - 000234840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-04-16 14:49 - 2019-01-11 14:24 - 000179032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-04-16 14:49 - 2019-01-11 14:24 - 000061272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-04-15 17:12 - 2017-12-13 16:52 - 000000000 ____D C:\Users\Jirka\AppData\Local\Ubisoft Game Launcher
2020-04-14 19:47 - 2016-09-12 20:00 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-14 19:47 - 2016-09-12 20:00 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-14 19:47 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-14 19:47 - 2015-09-12 23:43 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-12 19:19 - 2016-02-05 00:01 - 000000000 ____D C:\Users\Jirka\Documents\American Truck Simulator
2020-04-10 13:03 - 2020-02-14 20:54 - 000000000 ____D C:\Users\Jirka\AppData\Local\UnrealEngine
2020-04-09 13:55 - 2018-02-08 20:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-06 21:56 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-04-06 11:15 - 2019-03-12 17:07 - 000000000 ____D C:\Users\Jirka\AppData\Local\DayZ Launcher
2020-04-06 11:02 - 2019-06-29 21:03 - 000000000 ____D C:\Users\Jirka\AppData\Local\DayZ
2020-04-05 21:57 - 2018-02-03 15:29 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2020-04-04 11:18 - 2015-10-17 23:24 - 000000000 ____D C:\Users\Jirka\AppData\Local\ArmA 2 OA
2020-04-03 17:14 - 2017-01-11 20:38 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 22:11 - 2015-08-16 09:43 - 000000000 ____D C:\Users\Jirka\Documents\Euro Truck Simulator 2
2020-03-25 13:28 - 2018-03-30 18:53 - 000000000 ____D C:\Users\Jirka\Documents\My Games
2020-03-25 13:28 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-03-25 11:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-03-24 23:24 - 2019-11-12 00:03 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-24 23:24 - 2019-11-12 00:03 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-24 23:23 - 2019-11-12 00:03 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-24 23:23 - 2016-07-31 15:55 - 000007607 _____ C:\Users\Jirka\AppData\Local\resmon.resmoncfg
2020-03-22 19:07 - 2015-12-20 22:01 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\SpinTires
2020-03-20 21:15 - 2015-10-12 16:37 - 000000000 ____D C:\Users\Jirka\AppData\Local\ArmA 2

==================== Files in the root of some directories ========

2016-11-02 14:15 - 2016-11-02 14:15 - 000000218 _____ () C:\Users\Jirka\AppData\Local\recently-used.xbel
2016-07-31 15:55 - 2020-03-24 23:23 - 000007607 _____ () C:\Users\Jirka\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-08 11:43
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#2 Post by Rudy »

Hello!
Winlogon.exe and csrss.exe are system processes that cannot be terminated.
Open Notepad and copy the following into it:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\Jirka:Heroes & Generals [38]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {87CEAABC-466C-4B84-B85B-63F9536CBB86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)
Task: {61A8770B-F7F0-4695-BDC3-5233D26477CF} - System32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {B3EF6477-FAEC-4460-A271-33CC31CDE827} - System32\Tasks\{2DFD272C-026A-4CDB-BA1A-A68483117D46} => C:\Windows\system32\pcalua.exe -a C:\Users\Jirka\Downloads\x3_cz_bonuspack_3.1.07.exe -d C:\Users\Jirka\Downloads
Task: {FD20E807-7323-4B76-8F10-0DA3AB7E791D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\{EC5F44E0-6F92-493F-84BF-E76558B54473}
C:\Windows\system32\Tasks\{88283B1D-20D3-4CF3-B6BE-FBE76809348A}
C:\Windows\system32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD}
C:\Windows\system32\Tasks\{481B0461-2B43-49D7-8E1B-46795729CDE4}

EmptyTemp:
End
Save it to C:\Users\Jirka\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jiji01
Visitor
Posts: 9
Registered: 02 Apr 2018 09:56

Re: Log check

#3 Post by jiji01 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-04-2020
Ran by Jirka (16-04-2020 21:13:11) Run:1
Running from C:\Users\Jirka\Downloads
Loaded Profiles: Jirka (Available Profiles: Jirka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\Jirka:Heroes & Generals [38]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {87CEAABC-466C-4B84-B85B-63F9536CBB86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)
Task: {61A8770B-F7F0-4695-BDC3-5233D26477CF} - System32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {B3EF6477-FAEC-4460-A271-33CC31CDE827} - System32\Tasks\{2DFD272C-026A-4CDB-BA1A-A68483117D46} => C:\Windows\system32\pcalua.exe -a C:\Users\Jirka\Downloads\x3_cz_bonuspack_3.1.07.exe -d C:\Users\Jirka\Downloads
Task: {FD20E807-7323-4B76-8F10-0DA3AB7E791D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-11] (Google Inc -> Google Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\{EC5F44E0-6F92-493F-84BF-E76558B54473}
C:\Windows\system32\Tasks\{88283B1D-20D3-4CF3-B6BE-FBE76809348A}
C:\Windows\system32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD}
C:\Windows\system32\Tasks\{481B0461-2B43-49D7-8E1B-46795729CDE4}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
C:\Users\Jirka => ":Heroes & Generals" ADS removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87CEAABC-466C-4B84-B85B-63F9536CBB86}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87CEAABC-466C-4B84-B85B-63F9536CBB86}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61A8770B-F7F0-4695-BDC3-5233D26477CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61A8770B-F7F0-4695-BDC3-5233D26477CF}" => removed successfully
C:\Windows\System32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3EF6477-FAEC-4460-A271-33CC31CDE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3EF6477-FAEC-4460-A271-33CC31CDE827}" => removed successfully
C:\Windows\System32\Tasks\{2DFD272C-026A-4CDB-BA1A-A68483117D46} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2DFD272C-026A-4CDB-BA1A-A68483117D46}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD20E807-7323-4B76-8F10-0DA3AB7E791D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD20E807-7323-4B76-8F10-0DA3AB7E791D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\system32\Tasks\{EC5F44E0-6F92-493F-84BF-E76558B54473} => moved successfully
C:\Windows\system32\Tasks\{88283B1D-20D3-4CF3-B6BE-FBE76809348A} => moved successfully
"C:\Windows\system32\Tasks\{D6FD0DC6-8A6F-4CAF-9598-D2BE3B3E90FD}" => not found
C:\Windows\system32\Tasks\{481B0461-2B43-49D7-8E1B-46795729CDE4} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36883686 B
Java, Flash, Steam htmlcache => 474401906 B
Windows/system/drivers => 3203643 B
Edge => 0 B
Chrome => 167108 B
Firefox => 95591174 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Jirka => 8073504 B

RecycleBin => 0 B
EmptyTemp: => 597.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:13:16 ====

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#4 Post by Rudy »

Deleted; the log should now be OK.

jiji01
Visitor
Posts: 9
Registered: 02 Apr 2018 09:56

Re: Log check

#5 Post by jiji01 »

Thank you very much for your help.

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

You're welcome! :)

Locked