Pěkně prosím o preventivní kontrolu

Zpráva

tomik258 · #1 Příspěvek od **tomik258** » 05 dub 2020 10:14

Ahoj, prosím o kontrolu mého stařičkého NTB.

Mám dlouhé starty, což je spíš díky tomu, že NTB zapínám 1x za měsíc.

Pak jsem ho měl celý rozdělaný a rozšrubovaný, přepastovával jsem chladiče na procesoru a externí grafice. Nicméně když zapnu náročnou hru, tak jede chvili a poté se zasekne. Nevím jestli má vliv pasta (ARCTIC MX-2), přepastovával jsem to dokonce nadvakrát, jestli jsem tam toho nedal málo, nicméně stejný výsledek, tak mě napadá jestli to není softwarové.... Díky moc Tom

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2020-04-05 11:06:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 169 GB (40%) free of 420 GB
Total RAM: 6088 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:44, on 5.4.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [OPENVPN-GUI] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Core Temp.lnk = C:\Program Files\Core Temp\Core Temp.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe,-100 (CIJSRegister) - CANON INC. - C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: OpenVPNService - - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: OpenVPN Legacy Service (OpenVPNServiceLegacy) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\GAMES\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\GAMES\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - E:\GAMES\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11318 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\windows\system32\WLANExt.exe 24450736
\??\C:\windows\system32\conhost.exe "8636564291620729714787877894748043904760172127-1239908006-441306831-1972599224
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\Explorer.EXE
taskeng.exe {FC130F1C-7921-4CA1-B725-78B701F4C1D5}
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\OpenVPN\bin\openvpnserv.exe"
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\windows\system32\conhost.exe "808949126-171197338-73836346-24355338010205661041636653773-1989220301578044884
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2316
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Core Temp\Core Temp.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"taskhost.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

"C:\Users\Tom\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-28 2841896]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-05-19 789920]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-05-19 206176]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-05-19 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-05-19 5908928]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\windows\system32\igfxpers.exe [2013-11-07 442328]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11 1391472]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11 1391472]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-04-24 330552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OPENVPN-GUI"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2019-04-25 698328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-05-19 329056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-12 283160]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
Core Temp.lnk - C:\Program Files\Core Temp\Core Temp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll C:\Windows\System32\nvinitx.dll,C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux9"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2020-04-05 11:06:37 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2020-04-05 11:06:42 ----D---- C:\Program Files\trend micro
2020-04-05 11:06:23 ----D---- C:\windows\temp
2020-04-05 10:22:12 ----D---- C:\windows\system32\config
2020-04-05 10:13:00 ----SHD---- C:\windows\Installer
2020-04-05 10:12:57 ----D---- C:\ProgramData\NVIDIA
2020-04-05 10:12:39 ----D---- C:\windows\Prefetch
2020-04-05 10:12:30 ----D---- C:\windows\system32\Tasks
2020-04-05 10:09:47 ----D---- C:\windows\SysWOW64
2020-04-05 10:03:32 ----D---- C:\windows\System32
2020-04-05 10:03:32 ----D---- C:\windows\inf
2020-04-05 10:03:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2020-04-05 10:02:28 ----A---- C:\windows\SYSWOW64\log.txt
2020-03-17 21:40:54 ----D---- C:\windows\system32\NDF
2020-03-15 20:18:38 ----D---- C:\Users\Tom\AppData\Roaming\vlc
2020-03-14 22:56:48 ----D---- C:\windows\Minidump
2020-03-14 22:56:36 ----D---- C:\Windows
2020-03-14 22:49:21 ----D---- C:\Users\Tom\AppData\Roaming\SpinTires
2020-03-13 18:49:05 ----D---- C:\windows\system32\MRT
2020-03-13 18:27:58 ----AC---- C:\windows\system32\MRT.exe
2020-03-13 18:27:39 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2012-05-19 57952]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2012-08-30 132704]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-05-19 39008]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2018-03-25 48032]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2012-05-19 13408]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2018-04-10 134344]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2017-10-11 180088]
R1 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2017-09-25 77736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 winioex;winioex; C:\windows\system32\drivers\winioex.sys [2012-05-19 15456]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2012-05-19 29792]
R3 ALSysIO;ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys []
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 DelayMan;ACPI DelayMan Filter Service; C:\windows\system32\DRIVERS\delayman.sys [2012-05-19 20064]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [2014-04-24 25528]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 174168]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 LgBttPort;LGE Bluetooth TransPort; C:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;NVVHCI Enumerator Service; C:\windows\system32\DRIVERS\nvvhci.sys [2018-03-24 58816]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-10-28 398896]
R3 tap0901;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2019-04-23 28160]
R3 usb3Hub;UoIP Hub; C:\windows\system32\DRIVERS\usb3Hub.sys [2014-03-04 204184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AF15BDA;AF9015 BDA Device; C:\windows\system32\DRIVERS\AF15BDA.sys [2014-05-19 507392]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2013-04-18 29184]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2019-02-07 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-05-13 437288]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-05-13 150568]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2011-05-13 164392]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2011-05-13 89640]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-05-13 39976]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-05-13 21544]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-04-24 35256]
S3 mdf16;mdf16; \??\C:\Users\Tom\AppData\Local\Temp\mdf16.sys []
S3 mvd23;mvd23; \??\C:\Users\Tom\AppData\Local\Temp\mvd23.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2019-12-10 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 wdkmd;Intel WiDi KMD; C:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2011-05-12 970016]
R2 CIJSRegister;@C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe,-100; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [2015-02-19 144464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-04-24 2665896]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2019-04-22 398784]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2019-04-25 74712]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-11-18 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-12-11 292568]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; E:\GAMES\Origin\OriginWebHelperService.exe [2018-01-22 3025224]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-02-13 8361960]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe [2020-04-02 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
S3 OpenVPNService;OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2018-03-06 24192]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2019-04-25 74712]
S3 Origin Client Service;Origin Client Service; E:\GAMES\Origin\OriginClientService.exe [2018-01-22 2155328]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Rockstar Service;Rockstar Game Library Service; E:\GAMES\Launcher\RockstarService.exe [2019-12-01 474256]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-03-27 1781536]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-08-29 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

#2 Příspěvek od **JaRon** » 05 dub 2020 14:01

Ahoj,
urob zakladnu udrzbu ☺
1. Vycisti PC CCleanerom, vcetne registrov
2. Pozri aka je velkost adresara plocha ?
3. Spust s prikazoveho riadku chkdsk/F

tomik258 · #3 Příspěvek od **tomik258** » 07 dub 2020 11:27

Ahoj

provedeno, plocha má 63 MB.

Zásadní zlepšení jsem nezpozoroval

#4 Příspěvek od **JaRon** » 07 dub 2020 11:41

prescanuj s ADWCleanerom

tomik258 · #5 Příspěvek od **tomik258** » 07 dub 2020 16:01

čisté

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-07-2020
# Duration: 00:00:43
# OS: Windows 7 Home Premium
# Scanned: 32067
# Detected: 21

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPMediaSmart Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8990319-C2D6-43FE-A60F-BD20CE82FDCE}
Preinstalled.HPMediaSmart Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Task C:\Windows\System32\Tasks\MIRAGEAGENT
Preinstalled.LenovoEasyCamera Registry HKCU\Software\Sunplus SPUVCb
Preinstalled.LenovoEasyCamera Registry HKLM\Software\Sunplus SPUVCb
Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}
Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT
Preinstalled.LenovoEnergyManagement Folder C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT
Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management
Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility
Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D0956C11-0F60-43FE-99AD-524E833471BB}
Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Folder C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoYouCam Folder C:\Program Files (x86)\LENOVO\YOUCAM
Preinstalled.LenovoYouCam Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOUCAM
Preinstalled.LenovoYouCam Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Mirage
Preinstalled.LenovoYouCam Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Tray

AdwCleaner[S00].txt - [1257 octets] - [13/12/2018 16:01:27]
AdwCleaner[S01].txt - [1318 octets] - [28/12/2018 16:18:00]
AdwCleaner[S02].txt - [1379 octets] - [04/01/2019 11:00:50]
AdwCleaner[S03].txt - [1440 octets] - [14/01/2019 17:18:30]
AdwCleaner[S04].txt - [1501 octets] - [02/02/2019 14:26:32]
AdwCleaner[S05].txt - [1562 octets] - [13/02/2019 19:57:14]
AdwCleaner[S06].txt - [1623 octets] - [30/03/2019 07:42:28]
AdwCleaner[S07].txt - [1684 octets] - [04/04/2019 17:07:23]
AdwCleaner[S08].txt - [1745 octets] - [30/06/2019 16:20:53]
AdwCleaner[S09].txt - [1806 octets] - [08/07/2019 21:52:35]
AdwCleaner[S10].txt - [1867 octets] - [21/07/2019 21:28:36]
AdwCleaner[S11].txt - [2146 octets] - [08/08/2019 21:25:31]
AdwCleaner[S12].txt - [2207 octets] - [27/08/2019 23:36:20]
AdwCleaner_Debug.log - [67315 octets] - [15/09/2019 13:27:34]
AdwCleaner[S13].txt - [4711 octets] - [15/09/2019 13:28:10]
AdwCleaner[S14].txt - [4773 octets] - [08/10/2019 21:43:50]
AdwCleaner[S15].txt - [4834 octets] - [11/10/2019 15:56:51]
AdwCleaner[S16].txt - [4895 octets] - [14/11/2019 07:43:57]
AdwCleaner[S17].txt - [4956 octets] - [02/12/2019 16:40:44]
AdwCleaner[S18].txt - [5017 octets] - [14/12/2019 07:58:40]
AdwCleaner[S19].txt - [5078 octets] - [31/12/2019 10:34:44]
AdwCleaner[S20].txt - [5139 octets] - [26/01/2020 12:29:57]
AdwCleaner[S21].txt - [5280 octets] - [14/03/2020 09:20:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S22].txt ##########

#6 Příspěvek od **JaRon** » 07 dub 2020 16:56

Vloz oba logy FRST

tomik258 · #7 Příspěvek od **tomik258** » 08 dub 2020 12:33

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Ran by Tom (administrator) on TOMES-PC (LENOVO 20091) (08-04-2020 13:22:37)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\GAMES\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2012-05-19] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-19] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2012-05-19] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-05-19] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [330552 2018-04-24] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [698328 2019-04-25] (OpenVPN Technologies, Inc. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2011-05-12] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{7C2CDE72-05FD-4829-980A-EFBAD05B7697}] -> C:\windows\system32\ImageReog.dll [2012-05-19] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182784 2
18-
3-25] (NVIDIA Corporation PE Sign v2
16 -> NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [182784 2
18-
3-25] (NVIDIA Corporation PE Sign v2
16 -> NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [182784 2
18-
3-25] (NVIDIA Corporation PE Sign v2
16 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-05-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp.lnk [2018-08-14]
ShortcutTarget: Core Temp.lnk -> C:\Program Files\Core Temp\Core Temp.exe (ALCPU -> ALCPU)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D0AD63-E77C-4EB8-9CFE-45458FA15559} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {0AAC5A29-5F89-4E94-A57D-CA34617DABEC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {148A28B0-1D3F-48EC-A6A0-AA7410AE7E20} - System32\Tasks\Core Temp Autostart Tom => C:\Users\Tom\Downloads\Core Temp.exe
Task: {28634AF0-AADE-4F71-B35C-EA88BFF3B3C5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2DACE59A-0245-48E9-AD8D-11DBB65856B3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3BA8F933-AC99-4466-8DCF-82499938BA43} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50CDD041-F3BE-4F64-A818-8C49CCF69E08} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {55D51F65-B1F0-4FAD-9FED-0D1B0450954B} - System32\Tasks\{2791A409-68B2-40A0-AA23-DC98E3223CE8} => E:\GAMES\Codemasters\Colin McRae Rally 2\CMR2.exe [1534083 2000-12-05] (Codemasters Software Ltd) [File not signed]
Task: {6EF86366-E901-4CA2-8246-A852C9FA96BF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75BF2746-06B9-43B9-B120-5B450BEBB58B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C81106A-B94D-40D1-813B-0F0DACAAAFBD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84272220-1ACA-4DA7-854A-6B028EF33F85} - System32\Tasks\{E2693A60-0A16-489F-B7CC-63DD818C767D} => E:\GAMES\Steam\SteamApps\common\Grand Theft Auto San Andreas\GGMM.exe [446976 2007-02-07] () [File not signed]
Task: {8B8DDE4A-ACA2-450D-B1BB-801638DAD640} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B45ADD7-46E6-4569-AFAD-3944C14F317C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6796298-A130-4871-B552-FE3B08D169AC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B147E8F1-AFB0-4542-81AB-BFF32959B839} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {C8990319-C2D6-43FE-A60F-BD20CE82FDCE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {CDE79D39-A386-40E5-B070-4BF1266B1C17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {E04AA0AA-E08D-4B0A-BC15-A44F83F13111} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {E3C06B03-85D4-4AA0-A9E0-1B39581CC4B6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3DE25EE-2316-4729-8031-DB9300145C1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {FCA96936-8148-48BB-B1CB-68A4FDF084CE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1506385281-2691020431-3212168025-1001] => 192.168.2.2:3128
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{891B5BDE-F6EE-4528-AA0E-F647F6FE4342}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\windows\SysWOW64\npDeployJava1.dll [2012-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1506385281-2691020431-3212168025-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-18] (Ubisoft Entertainment Sweden AB -> )

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2020-04-08]
CHR Notifications: Default -> hxxp://9gag.com; hxxp://steamcommunity.com; hxxps://2conv.com; hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://steamdb.info; hxxps://www.sevt.cz
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://google.cz/"
CHR Extension: (BetterTTV) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-05]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2019-09-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-05]
CHR Extension: (Převod měn) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2014-08-29]
CHR Extension: (Twitch Now) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2020-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-09-11]
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-14] (BattlEye Innovations e.K. -> )
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation -> Broadcom Corporation.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (Canon Inc. -> CANON INC.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2665896 2018-04-24] (ESET, spol. s r.o. -> ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [398784 2019-04-22] (Canon Inc. -> )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] (Intel Corporation - Mobile Wireless Group -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Origin Client Service; E:\GAMES\Origin\OriginClientService.exe [2155328 2018-01-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\GAMES\Origin\OriginWebHelperService.exe [3025224 2018-01-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-11-18] (Even Balance, Inc. -> )
S3 Rockstar Service; E:\GAMES\Launcher\RockstarService.exe [474256 2019-12-01] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\windows\System32\DRIVERS\AF15BDA.sys [507392 2014-05-19] (Microsoft Windows Hardware Compatibility Publisher -> ITETech )
S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) [File not signed]
S3 BTWDPAN; C:\windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation -> Broadcom Corporation.)
R3 clwvd; C:\windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
R3 DelayMan; C:\windows\System32\DRIVERS\delayman.sys [20064 2012-05-19] (Lenovo (Beijing) Limited -> Ensurebit Inc.)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [134344 2018-04-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [180088 2017-10-11] (ESET, spol. s r.o. -> ESET)
R1 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [77736 2017-09-25] (ESET, spol. s r.o. -> ESET)
R3 LgBttPort; C:\windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 lgbusenum; C:\windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R3 LGVMODEM; C:\windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
R3 SPUVCbv; C:\windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Windows -> Microsoft Corporation)
R3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [28160 2019-04-23] (OpenVPN Inc. -> The OpenVPN Project)
R3 usb3Hub; C:\windows\System32\DRIVERS\usb3Hub.sys [204184 2014-03-04] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdkmd; C:\windows\System32\DRIVERS\WDKMD.sys [42392 2010-12-01] (Wireless Display -> Intel Corporation)
R1 winioex; C:\windows\System32\drivers\winioex.sys [15456 2012-05-19] (Lenovo (Beijing) Limited -> Ensurebit Inc.)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
S3 XSplit_Dummy; C:\windows\System32\drivers\xspltspk.sys [26200 2015-05-26] (Splitmedialabs Limited -> SplitmediaLabs Limited)
S3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 mdf16; \??\C:\Users\Tom\AppData\Local\Temp\mdf16.sys [X] <==== ATTENTION
S3 mvd23; \??\C:\Users\Tom\AppData\Local\Temp\mvd23.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-08 13:22 - 2020-04-08 13:24 - 000030593 _____ C:\Users\Tom\Desktop\FRST.txt
2020-04-08 13:21 - 2020-04-08 13:23 - 000000000 ____D C:\FRST
2020-04-08 13:16 - 2020-04-08 13:20 - 002281472 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
2020-04-07 17:12 - 2020-04-07 17:13 - 000075820 _____ C:\Users\Tom\Downloads\oil_cdr.zip
2020-04-07 16:57 - 2020-04-07 16:57 - 008196784 _____ (Malwarebytes) C:\Users\Tom\Desktop\adwcleaner_8.0.4.exe
2020-04-07 12:49 - 2020-04-07 12:49 - 002776800 _____ (Kaspersky) C:\Users\Tom\Downloads\kfa20.0.14.1085abccs_20888.exe
2020-04-05 11:16 - 2020-04-05 11:52 - 000000000 ____D C:\Users\Tom\AppData\Local\DayZ Launcher
2020-04-05 11:16 - 2020-04-05 11:16 - 000000000 ____D C:\Users\Tom\AppData\Local\Bohemia_Interactive
2020-04-05 11:06 - 2020-04-05 11:06 - 000000000 ____D C:\rsit
2020-04-05 10:51 - 2020-04-05 10:51 - 001222144 _____ C:\Users\Tom\Desktop\RSITx64.exe
2020-03-13 18:36 - 2020-03-13 18:36 - 000243739 _____ C:\Users\Tom\Desktop\PayPal_ Údaje o transakci_táhla_rizeni.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-08 13:23 - 2012-05-19 12:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-08 13:19 - 2012-05-19 04:13 - 000669070 _____ C:\windows\system32\perfh005.dat
2020-04-08 13:19 - 2012-05-19 04:13 - 000141696 _____ C:\windows\system32\perfc005.dat
2020-04-08 13:19 - 2009-07-14 07:13 - 001584368 _____ C:\windows\system32\PerfStringBackup.INI
2020-04-08 13:19 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-04-08 13:18 - 2009-07-14 06:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-08 13:18 - 2009-07-14 06:45 - 000028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-08 13:13 - 2012-05-19 13:36 - 000554568 _____ C:\windows\system32\fastboot.set
2020-04-08 13:11 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-04-07 15:47 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2020-04-07 15:41 - 2015-12-26 23:26 - 000000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2020-04-07 15:40 - 2015-02-01 12:57 - 000000000 ____D C:\Users\Tom\Documents\Euro Truck Simulator 2
2020-04-06 08:56 - 2015-04-27 15:41 - 000000000 ____D C:\Program Files\Rockstar Games
2020-04-06 08:56 - 2013-10-30 23:37 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-04-05 16:49 - 2013-09-20 15:20 - 000000000 ____D C:\windows\Minidump
2020-04-05 16:48 - 2017-10-25 15:07 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2020-04-05 16:48 - 2012-09-07 09:54 - 000000000 ____D C:\Users\Tom\Documents\zaloha registru
2020-04-05 11:58 - 2018-11-26 16:25 - 000003798 _____ C:\windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:58 - 2018-11-26 16:25 - 000003790 _____ C:\windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:58 - 2012-05-19 12:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-05 11:58 - 2012-05-19 12:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-05 11:57 - 2019-11-14 07:47 - 000003704 _____ C:\windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2019-11-14 07:47 - 000003704 _____ C:\windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2019-11-14 07:47 - 000003704 _____ C:\windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2019-11-14 07:47 - 000003704 _____ C:\windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2018-11-26 16:24 - 000004146 _____ C:\windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2018-11-26 16:24 - 000003940 _____ C:\windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:57 - 2012-05-19 12:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-05 11:56 - 2018-11-26 16:24 - 000003738 _____ C:\windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:56 - 2016-09-30 14:25 - 000003494 _____ C:\windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-05 11:23 - 2014-08-27 15:50 - 000000000 ____D C:\Users\Tom\Documents\DayZ
2020-04-05 11:20 - 2014-08-27 15:50 - 000000000 ____D C:\Users\Tom\AppData\Local\DayZ
2020-04-05 11:06 - 2013-08-30 23:13 - 000000000 ____D C:\Program Files\trend micro
2020-04-05 10:16 - 2012-05-19 13:35 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-05 10:12 - 2015-11-24 22:23 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-05 10:10 - 2018-07-25 21:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-04-05 10:07 - 2017-02-28 21:47 - 000003388 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-05 10:07 - 2017-02-28 21:47 - 000003260 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-15 20:18 - 2016-12-24 21:46 - 000000000 ____D C:\Users\Tom\AppData\Roaming\vlc
2020-03-14 22:49 - 2017-11-05 18:41 - 000000000 ____D C:\Users\Tom\AppData\Roaming\SpinTires
2020-03-13 18:49 - 2013-07-21 00:41 - 000000000 ____D C:\windows\system32\MRT
2020-03-13 18:27 - 2012-08-29 11:51 - 121542864 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories ========

2015-02-19 09:32 - 2015-11-06 15:06 - 000008192 _____ () C:\Users\Tom\AppData\Roaming\records_db
2014-05-07 16:58 - 2017-01-26 15:50 - 000005632 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-27 13:30 - 2014-05-27 13:30 - 000004096 ____H () C:\Users\Tom\AppData\Local\keyfile3.drm
2012-08-28 23:38 - 2012-08-28 23:38 - 000001567 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20120828.233811.txt
2012-09-03 15:07 - 2012-09-03 15:07 - 000001541 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20120903.150709.txt
2012-10-31 12:48 - 2012-10-31 12:48 - 000001541 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20121031.114803.txt
2018-06-09 18:45 - 2018-06-09 18:45 - 000001565 _____ () C:\Users\Tom\AppData\Local\PDLSetup.20180609.184538.txt
2013-10-06 13:05 - 2016-04-26 15:10 - 000007601 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2018-06-09 19:06 - 2018-06-09 19:09 - 000035874 _____ () C:\Users\Tom\AppData\Local\WiDiSetupLog.20180609.190641.wdl
2019-06-26 15:15 - 2019-06-26 15:15 - 000000000 _____ () C:\Users\Tom\AppData\Local\{DA6C6CE1-CE9E-46A5-8764-956168A3A953}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-04-07 10:19
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by Tom (08-04-2020 13:26:35)
Running from C:\Users\Tom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-08-28 07:12:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1506385281-2691020431-3212168025-500 - Administrator - Disabled)
Guest (S-1-5-21-1506385281-2691020431-3212168025-501 - Limited - Disabled)
Tom (S-1-5-21-1506385281-2691020431-3212168025-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1025 - DsNET Corp)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\BeamNG-Techdemo-0.3) (Version: - )
BlazeDTV 6.0 (HKLM-x32\...\BlazeDTV 6.0_is1) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.3.3 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.3 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Colin McRae Rally 2 (HKLM-x32\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version: - )
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: 7.3.393 - Softland)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
ESET NOD32 Antivirus (HKLM\...\{A4B1B610-A6AF-475C-B5ED-C288AC7983FE}) (Version: 10.1.245.1 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Fotogaléria (HKLM-x32\...\{4FA8AECA-ECB4-4A7F-A400-8CCBA745FA6A}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{B4299C72-D4BF-4F29-A5A6-63294B1C0368}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{78091D68-706D-4893-B287-9F1DFB24F7AF}) (Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{9C798E99-094E-4289-A6C8-1D5EE63AFFE3}) (Version: 4.2.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{24758B1D-9345-4538-A69A-05660F63A296}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo R.I.C. (Robust Intelligent Companion) (HKLM\...\Lenovo R.I.C. (Robust Intelligent Companion)) (Version: 1.0.10.1220 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{750E0BB5-CB46-4B52-8C42-77D4168DD786}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8C22A294-DBBA-445F-B55C-E26817CCFE69}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9A0C0A74-8AC8-4216-8E1F-B9AD2E14C950}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.4.7-I607-Win7 (HKLM\...\OpenVPN) (Version: 2.4.7-I607-Win7 - OpenVPN Technologies, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QIP 2005 8097 (HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\...\QIP 2005) (Version: 8097 - )
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.15.182 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.31.1 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TAP-Windows 9.23.3 (HKLM\...\TAP-Windows) (Version: 9.23.3 - OpenVPN Technologies, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulož.to FileManager verze 1.96 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 1.96 - Uloz.to cloud a.s.)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0-git - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio 14 FREE (HKLM-x32\...\ZonerPhotoStudio14_EN_is1) (Version: 14.0.1.4 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1506385281-2691020431-3212168025-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2012-05-19] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] (Notepad++ -> )
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\windows\system32\SimpleExt.dll [2012-05-19] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2013-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-13] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-19] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2015-04-14] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) =============

2012-05-19 12:41 - 2011-01-12 19:56 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-05-02 15:41 - 2011-05-02 15:41 - 001501696 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2019-05-15 20:30 - 2019-05-15 20:30 - 000169984 _____ () [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\63059d61593158ea2ebbd142e6face39\IsdiInterop.ni.dll
2012-08-28 09:28 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2012-05-19 12:41 - 2010-12-21 03:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2019-08-09 19:40 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2019-05-15 20:30 - 2019-05-15 20:30 - 000014336 _____ (Intel Corp.) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\cac34f7340af9f12979fefbaa51d2446\IAStorCommon.ni.dll
2012-05-19 12:41 - 2010-12-21 03:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 000006656 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 000165376 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2012-05-19 12:41 - 2011-01-12 19:56 - 001109504 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2012-05-19 12:41 - 2011-01-12 19:52 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2011-03-17 22:47 - 2011-03-17 22:47 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2020-01-26 11:14 - 2020-01-26 11:14 - 000218624 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\6d5a37a33e3473c2f81a898077ee6fea\IAStorDataMgr.ni.dll
2020-01-26 11:14 - 2020-01-26 11:14 - 000475648 _____ (Intel Corporation) [File not signed] C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d8f5e5480fdf1746af83ea34ea6c632a\IAStorUtil.ni.dll
2011-05-02 16:20 - 2011-05-02 16:20 - 001738240 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2011-05-02 16:50 - 2011-05-02 16:50 - 000043008 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2011-05-02 16:10 - 2011-05-02 16:10 - 001077248 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-05-02 16:11 - 2011-05-02 16:11 - 001045504 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-05-02 16:12 - 2011-05-02 16:12 - 003719168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-05-02 16:10 - 2011-05-02 16:10 - 000846336 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-05-02 16:12 - 2011-05-02 16:12 - 000841728 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-05-02 16:12 - 2011-05-02 16:12 - 000336896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-05-02 16:59 - 2011-05-02 16:59 - 000095232 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2011-05-02 16:16 - 2011-05-02 16:16 - 001277952 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-05-02 16:17 - 2011-05-02 16:17 - 000464384 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2011-05-02 16:15 - 2011-05-02 16:15 - 002072576 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-05-02 16:10 - 2011-05-02 16:10 - 000177152 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-05-02 16:10 - 2011-05-02 16:10 - 000234496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2011-05-02 16:23 - 2011-05-02 16:23 - 001793024 _____ (Intel(R) Corporation) [File not signed] C:\windows\System32\IWMSSvc.dll
2012-05-19 13:10 - 2012-05-19 13:10 - 001605120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\MFC80.DLL
2012-05-19 13:10 - 2012-05-19 13:10 - 001602560 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\MFC80U.DLL
2012-08-29 13:26 - 2012-08-29 13:26 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-08-15 22:53 - 2018-01-22 16:13 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\GAMES\Origin\LIBEAY32.dll
2013-08-15 22:54 - 2018-01-22 16:13 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\GAMES\Origin\ssleay32.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\platforms\qwindows.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\Qt5Core.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\Qt5Gui.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 001177600 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\Qt5Network.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\Qt5Widgets.dll
2014-03-05 22:49 - 2018-01-22 16:13 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\GAMES\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => Applications\CCleaner.exe

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-04-17 09:34 - 2018-07-20 14:35 - 000000035 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files\Broadcom\WHL;C:\Program Files\Broadcom\WHL\syswow64;C:\Program Files\Broadcom\WHL\SysWow64;C:\Program Files\Broadcom\WHL\SysWow64\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Skype\Phone;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1506385281-2691020431-3212168025-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C9EF5F82-8173-41F4-A5EB-E136FD7766E5}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Backgammon.exe (EasyBits Software AS -> EasyBits Media AS)
FirewallRules: [{569D6764-E26A-4452-84AD-A108C8E5EDA3}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Checkers.exe (EasyBits Software AS -> EasyBits Media AS)
FirewallRules: [{D4FD7CEA-8552-4AE1-84AD-C7A778C26D81}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\Chess.exe (EasyBits Software AS -> EasyBits Media AS)
FirewallRules: [{6AF790A6-7BAB-4418-BD74-9F855F256D71}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\EasyChat.exe (EasyBits Software AS -> EasyBits Software AS)
FirewallRules: [{D4A40F07-D5E2-4B59-A1D6-9CF6122D9A4B}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\SeaBattle.exe (EasyBits Software AS -> EasyBits Media AS)
FirewallRules: [{DFC949B5-2DAF-4198-AA88-26951BD00558}] => (Allow) C:\Program Files\Lenovo\Bluetooth Software\EasyBits Games\TicTacToe.exe (EasyBits Software AS -> EasyBits Media AS)
FirewallRules: [TCP Query User{F725ABB5-CE0A-471C-89A1-E815C36E3924}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B08C65CF-964E-4E42-B27A-B8DFC812C193}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{FBA49717-8BE2-49C6-A097-577BAAA55DC9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BEBE0D42-FB10-4B21-A2D7-3D2EBB85A2CC}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{6BFC0368-A17C-4505-A6D2-F0396398B0C8}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe (DsNET Corp. -> DsNET)
FirewallRules: [UDP Query User{28DE854D-8CCF-4757-9AA4-B6AA3B7F7373}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Allow) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe (DsNET Corp. -> DsNET)
FirewallRules: [TCP Query User{664F6674-95E0-433C-9C81-BA9D6E914994}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{67480F39-4F44-4025-91CE-B60ACBE0695E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C7943361-D394-4809-AFE5-63EF86032788}] => (Allow) E:\GAMES\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{71333F8D-AD17-4A83-B0C3-166D278489B1}] => (Allow) E:\GAMES\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0B4FC421-E9AF-4C41-9141-EC166A2C2CDD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{EBB0F69A-4735-4641-B3A6-3530E26B3C09}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{7F90B883-6059-4C37-8481-74A29CEA4D3D}] => (Allow) C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7F96A1D-CA14-4C0E-9D2C-023B627DC69C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{435144DB-29E2-47C8-BDAE-0861656257B9}] => (Allow) LPort=2869
FirewallRules: [{8359B2B7-7BB6-4B54-B271-AF57E07C6A7B}] => (Allow) LPort=1900
FirewallRules: [{3E7CD4C6-8074-47FE-AE65-F45116027537}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87EF61EB-898C-4EA1-8C57-0324161F8956}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{752080A9-82F2-4F7D-9659-73AE101A9535}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{5B52C0A8-78AE-4524-A285-88439BE0709E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E035E9D0-922A-43D6-9463-E549EAB87D55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{2A6D932F-1ECD-49B6-9F14-22D891B93864}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{87D4C357-D37C-459D-869C-DCEAEAF6AF51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A2844A5B-1DAF-4D46-9305-6AA2F3105027}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9D00CE9C-66D9-4866-BA8E-5BAD813AF063}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [TCP Query User{20F5995C-BB5D-468C-8BB6-8AF81B634D29}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN) [File not signed]
FirewallRules: [UDP Query User{7176CE15-EAAF-42F1-9344-462F8A8BC66A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN) [File not signed]
FirewallRules: [{537B42D1-F59F-4F72-ADE4-878FE7054C53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{872ECDDF-0F06-4E63-89D5-C7BEF6608DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4628EAD-F8A4-4B0C-8E15-50189D0C0C7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3D80546E-2F18-4003-AB84-65E46D3151A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65B69093-C099-4F8B-AA01-A0041C7F951A}] => (Allow) E:\GAMES\Steam\SteamApps\common\Turmoil\Turmoil_PC_Full.exe (Gamious ) [File not signed]
FirewallRules: [{2B373AF0-5C01-4F0F-8C39-06DF0C2EF607}] => (Allow) E:\GAMES\Steam\SteamApps\common\Turmoil\Turmoil_PC_Full.exe (Gamious ) [File not signed]
FirewallRules: [{B6AEA471-F280-4DF3-9D0C-79CBA4C55003}] => (Allow) LPort=5556
FirewallRules: [{1F8C38D2-4016-4865-8C0F-37FA5DF31DB0}] => (Allow) LPort=5558
FirewallRules: [{2C169132-7C36-48BA-96AC-445C5B60EC4E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{3BB9E91C-95DE-4D9A-8EC8-630540D05C51}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Wireless Display -> Intel Corporation)
FirewallRules: [{16D51119-778D-4AF6-9123-AB204D4295F0}] => (Allow) E:\GAMES\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{75BE848F-69F2-4869-8A3E-C246A3353749}] => (Allow) E:\GAMES\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CF234E81-6534-46A1-AAFE-698F984B13D0}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{89B40D9F-BA99-4585-9752-C7153456F340}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{A867180C-C3B0-4BB5-B40F-2775796CF414}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{621C6F9B-9680-4B28-AB59-1BAFEA483302}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5BC65C06-DD1D-46DD-9EA3-ABC6D030EA03}] => (Allow) E:\GAMES\Steam\SteamApps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{B31B9BA6-EE35-4399-8C86-713A1187CA8F}] => (Allow) E:\GAMES\Steam\SteamApps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{B612DB6D-A359-4852-86D3-3E258FADDA9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A9040800-6734-404E-B262-244C0A42DEEB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{805E2292-85EE-47EF-B7F2-774C0D3819D5}E:\games\steam\steamapps\common\thelongdark\tld.exe] => (Allow) E:\games\steam\steamapps\common\thelongdark\tld.exe () [File not signed]
FirewallRules: [UDP Query User{021ECD3B-EE80-49E9-A1E4-66BAFCE4C3E3}E:\games\steam\steamapps\common\thelongdark\tld.exe] => (Allow) E:\games\steam\steamapps\common\thelongdark\tld.exe () [File not signed]
FirewallRules: [{26C6E5D0-78F6-4735-B71F-C13C4A851491}] => (Allow) E:\GAMES\Steam\SteamApps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{8FA6AAA4-23CD-4C8A-880A-F645FA941098}] => (Allow) E:\GAMES\Steam\SteamApps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{A9E11FD7-EA6C-4456-A686-BADF1D795CC6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F4AB3227-DF4F-405D-B8CE-41AC6508D9FA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39D6261A-5CCB-4E86-B036-9AB8DF506586}] => (Allow) E:\GAMES\Steam\SteamApps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{C4AB7462-04FD-4912-94D0-EBA8B3ECCF25}] => (Allow) E:\GAMES\Steam\SteamApps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{AEDB5BCC-2537-4CAD-BF51-17193D14254B}] => (Allow) E:\GAMES\Steam\SteamApps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{B7BFA7A7-E817-4C0A-A9A1-968FC2B16E9D}] => (Allow) E:\GAMES\Steam\SteamApps\common\My Summer Car\mysummercar.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{C7CFA4DB-9D39-4850-B8F3-BCB84BC40AF9}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{50E0F054-39CC-4087-AEED-137ABD13FCB1}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3FE7F552-59ED-4FA2-A1A6-37975A759111}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{06D78F52-7691-497F-94FC-DEA5D7EDDD2C}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DDB514DC-BDD9-4DDE-B2C2-AEBEE55D9A10}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{33DA6802-2C2E-4D41-BFF7-91178B044B23}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{12D385A6-58D0-4D0F-8D2D-C2AEA2C32192}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B395E57E-D340-483F-95A9-348203AF2970}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7CCC1219-6A37-4AA5-8922-FC8B3E5E92E9}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DF632CD0-576E-4064-BEF9-D5D344DEA6F5}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{88724103-CF85-447E-B3A9-7F75C0CDAC92}] => (Allow) E:\GAMES\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D2F965F4-E267-499B-A528-E1C14A590647}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{EF45E3F7-AE0C-424E-8552-4462C0AA1DF8}] => (Allow) E:\GAMES\Steam\SteamApps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{0D574E87-44C4-4471-BBE2-89655B0E4ADC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{29D2C339-06FD-434A-BD63-DDF91FC5F73B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E5EF336-72E0-479B-8019-B6FB3441C5D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D0CAEDCF-E7C5-4786-9AE1-5547EF1C2564}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A0C73DC-A101-4AE4-A703-2A3E42C460C0}] => (Allow) E:\GAMES\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A502B72F-1512-44D2-856B-3603A8EF3BF9}] => (Allow) E:\GAMES\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)

==================== Restore Points =========================

27-01-2020 18:04:12 Windows Update
13-03-2020 18:25:50 Windows Update
05-04-2020 15:06:14 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/08/2020 01:12:44 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/07/2020 06:03:47 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/07/2020 04:55:13 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/07/2020 03:40:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eurotrucks2.exe, verze: 1.36.2.48, časové razítko: 0x5e6ca5e5
Název chybujícího modulu: eurotrucks2.exe, verze: 1.36.2.48, časové razítko: 0x5e6ca5e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000021f524
ID chybujícího procesu: 0x2038
Čas spuštění chybující aplikace: 0x01d60ce218e314af
Cesta k chybující aplikaci: E:\GAMES\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Cesta k chybujícímu modulu: E:\GAMES\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
ID zprávy: 61859193-78d5-11ea-942e-dc0ea1ebdf19

Error: (04/07/2020 07:29:50 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/06/2020 09:04:51 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/06/2020 07:49:07 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2020 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy G:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

System errors:
=============
Error: (04/08/2020 01:18:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (04/07/2020 04:59:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (04/07/2020 04:53:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (16:45:29, ‎7.‎4.‎2020) bylo neočekávané.

Error: (04/06/2020 10:28:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2020 10:28:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (04/06/2020 09:04:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2020 09:04:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (04/06/2020 09:03:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:59:33, ‎6.‎4.‎2020) bylo neočekávané.

Windows Defender:
===================================
Date: 2012-10-31 11:07:16.735
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-10-31 11:07:16.732
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2012-10-31 11:48:21.610
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-10-31 11:48:21.605
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

CodeIntegrity:
===================================

Date: 2018-11-18 13:01:15.463
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\GAMES\Steam\SteamApps\downloading\221100\BattlEye\BEService.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 15:29:44.451
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\GAMES\Steam\SteamApps\downloading\221100\BattlEye\BEService_x64.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-11-12 15:29:42.134
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\GAMES\Steam\SteamApps\downloading\221100\BattlEye\BEService_x64.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-05-15 19:01:40.663
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-15 19:01:40.012
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-15 19:01:39.347
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-16 16:24:25.402
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-09-30 09:30:37.840
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 47CN32WW(V2.10) 01/04/2012
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 59%
Total physical RAM: 6087.86 MB
Available physical RAM: 2435.94 MB
Total Virtual: 12173.86 MB
Available Virtual: 8433.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:410.56 GB) (Free:169.65 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:21.43 GB) NTFS
Drive e: () (Fixed) (Total:477.01 GB) (Free:63.61 GB) NTFS
Drive f: (Svatba) (CDROM) (Total:4.1 GB) (Free:0 GB) UDF

\\?\Volume{e7473845-a19c-11e1-9c75-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AD299837)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=410.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End of Addition.txt =======================

#8 Příspěvek od **JaRon** » 08 dub 2020 12:49

citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
S3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 mdf16; \??\C:\Users\Tom\AppData\Local\Temp\mdf16.sys [X] <==== ATTENTION
S3 mvd23; \??\C:\Users\Tom\AppData\Local\Temp\mvd23.sys [X] <==== ATTENTION



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

tomik258 · #9 Příspěvek od **tomik258** » 08 dub 2020 13:06

NTB po restartu naběhlo rychleji - aspoň můj dojem.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by Tom (08-04-2020 13:59:03) Run:1
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
S3 ALSysIO; \??\C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 mdf16; \??\C:\Users\Tom\AppData\Local\Temp\mdf16.sys [X] <==== ATTENTION
S3 mvd23; \??\C:\Users\Tom\AppData\Local\Temp\mvd23.sys [X] <==== ATTENTION

EmptyTemp:
Reboot:
End
*****************

HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\mdf16 => removed successfully
mdf16 => service removed successfully
HKLM\System\CurrentControlSet\Services\mvd23 => removed successfully
mvd23 => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9425137 B
Java, Flash, Steam htmlcache => 291272146 B
Windows/system/drivers => 35046967 B
Edge => 0 B
Chrome => 370087093 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 30779 B
NetworkService => 30779 B
UpdatusUser => 30779 B
Tom => 41950670 B

RecycleBin => 32748664 B
EmptyTemp: => 752.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:00:18 ====

#10 Příspěvek od **JaRon** » 08 dub 2020 13:11

fajn, ak si za ostatny rok nerobil defragmentaciu, tak ju urob

tomik258 · #11 Příspěvek od **tomik258** » 09 dub 2020 19:14

OK děkuji za pomoc a rady!!

#12 Příspěvek od **JaRon** » 09 dub 2020 19:20

Rado sa stalo
Pekne sviatky

VIRY.CZ

Pěkně prosím o preventivní kontrolu

Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu

Re: Pěkně prosím o preventivní kontrolu