Please check my log

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Please check my log

#1 Post by flatoutik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by User007 (administrator) on PC (08-09-2018 00:38:00)
Running from C:\Users\User007\Downloads
Loaded Profiles: User007 (Available Profiles: User007)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Program Files\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-06-06] (Razer Inc.)
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Run: [Steam] => D:\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-08-08] (Nota Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.3.1
Tcpip\..\Interfaces\{F7338606-2457-406D-8D6F-93CBB961C305}: [DhcpNameServer] 8.8.8.8 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-24] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={5956E8DE-0AB4-44F0-9994-C43C6A2B698C}&mid=63707ee875e347d3a46ad15e773bc7dc-886f6850bec2f11c50e27e95d4c9a92f80d65ea9&lang=en&ds=es011&coid=avgtbdises&pr=sa&d=2013-11-02 18:08:11&v=17.0.0.12&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default [2018-09-08]
CHR Extension: (Prezentace) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-23]
CHR Extension: (Dokumenty) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23]
CHR Extension: (Disk Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-08]
CHR Extension: (YouTube) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-23]
CHR Extension: (Adblock na Youtube™) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-03-07]
CHR Extension: (Tabulky) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-23]
CHR Extension: (Gyazo) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2018-05-25]
CHR Extension: (Authy Chrome Extension) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2017-12-23]
CHR Extension: (Authy) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2018-05-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-06]
CHR Extension: (Grammarly for Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-09-07]
CHR Extension: (City and Bridge in the Fog - Full HD - Axlg) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdegpmcndhhenlehkilbepaihkaefkom [2017-12-23]
CHR Extension: (Counter for Messenger) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2018-09-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-09] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522912 2018-08-07] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-09] (EasyAntiCheat Ltd)
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [754984 2018-09-05] (Reto-Moto ApS)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-12-23] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-12-23] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-06] (Malwarebytes)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [11677112 2018-08-16] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2018-05-30] (LogMeIn Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-07] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [52328 2018-09-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-07] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [109872 2018-09-08] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R1 MpKsl84e0128e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2CB0739-FF74-4549-B485-E1B53F6922EC}\MpKsl84e0128e.sys [58120 2018-09-07] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [57400 2018-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51736 2016-06-22] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2016-02-23] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 00:38 - 2018-09-08 00:38 - 000017767 _____ C:\Users\User007\Downloads\FRST.txt
2018-09-08 00:37 - 2018-09-08 00:38 - 000000000 ____D C:\FRST
2018-09-08 00:37 - 2018-09-08 00:37 - 002413056 _____ (Farbar) C:\Users\User007\Downloads\FRST64.exe
2018-09-06 22:16 - 2018-09-06 22:16 - 000000000 ____D C:\Users\User007\Downloads\idle_master_extended_v1.3
2018-09-06 22:09 - 2018-09-06 22:09 - 001363209 _____ C:\Users\User007\Downloads\idle_master_extended_v1.3.zip
2018-09-06 21:24 - 2018-09-06 21:24 - 000000000 ____D C:\Users\User007\AppData\Local\mbam
2018-09-06 21:17 - 2018-09-06 21:18 - 000000000 ____D C:\Users\User007\Documents\Battlefield V Open Beta
2018-09-06 15:28 - 2018-09-08 00:30 - 000109872 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-06 15:28 - 2018-09-07 12:27 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-06 15:28 - 2018-09-07 12:27 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-06 15:28 - 2018-09-07 12:27 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-06 15:28 - 2018-09-06 15:28 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-05 22:40 - 2018-09-05 22:40 - 000000000 ____D C:\Users\User007\Downloads\wordpress-4.9.8-cs_CZ
2018-09-05 22:39 - 2018-09-05 22:40 - 010097666 _____ C:\Users\User007\Downloads\wordpress-4.9.8-cs_CZ.zip
2018-09-05 22:34 - 2018-09-05 23:06 - 000000161 _____ C:\Users\User007\Desktop\Tatarák.txt
2018-09-04 15:22 - 2018-09-04 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-09-03 11:42 - 2018-09-03 11:42 - 000000000 ____D C:\Users\User007\AppData\LocalLow\Facepunch Studios LTD
2018-09-03 10:51 - 2018-09-03 10:51 - 000111990 _____ C:\Users\User007\Downloads\Plan-treninku-36.-tyden-MSK.pdf
2018-09-02 18:14 - 2018-09-02 18:14 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\User007\Downloads\flashplayer30pp_xa_install.exe
2018-08-29 00:50 - 2018-08-21 12:24 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-08-29 00:48 - 2018-08-29 00:49 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-08-29 00:47 - 2018-08-22 18:12 - 040189616 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 032457736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 017014632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-08-29 00:47 - 2018-08-22 18:12 - 000628560 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 000519120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 000057400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2018-08-29 00:47 - 2018-08-22 18:11 - 040346976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 035250176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 031248576 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 025964944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 020330616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 017755768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 015169920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 013732120 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 011276424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 003967304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 003504968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001564136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001420296 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001217352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001159096 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001093456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000915616 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000906608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000546880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000464536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000420032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000182624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000170216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000164792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000159736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000148168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000142656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000133960 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2018-08-29 00:35 - 2018-08-29 00:35 - 000112477 _____ C:\Users\User007\Downloads\Plan-treninku-35.-tyden-MSK (1).pdf
2018-08-27 03:06 - 2018-08-27 03:06 - 000112477 _____ C:\Users\User007\Downloads\Plan-treninku-35.-tyden-MSK.pdf
2018-08-24 22:55 - 2018-08-24 22:55 - 000000000 ____D C:\Users\User007\Documents\League of Legends
2018-08-24 22:51 - 2018-08-24 22:51 - 000000684 _____ C:\Users\Public\Desktop\League of Legends.lnk
2018-08-24 22:51 - 2018-08-24 22:51 - 000000000 ____D C:\ProgramData\Riot Games
2018-08-24 22:51 - 2018-08-24 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-08-24 22:51 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-08-24 22:51 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-08-24 22:51 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-08-24 22:50 - 2018-08-24 22:50 - 085168872 _____ (Riot Games, Inc) C:\Users\User007\Downloads\League of Legends installer EUNE.exe
2018-08-23 16:16 - 2018-08-23 16:16 - 000000000 ____D C:\ProgramData\PingPlotter 5
2018-08-23 16:15 - 2018-08-23 16:17 - 000000000 ____D C:\Users\User007\AppData\Local\PingPlotter 5
2018-08-23 16:15 - 2018-08-23 16:15 - 000000000 ____D C:\Users\User007\AppData\Roaming\Downloaded Installations
2018-08-23 16:15 - 2018-08-23 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5
2018-08-23 16:15 - 2018-08-23 16:15 - 000000000 ____D C:\Program Files (x86)\PingPlotter 5
2018-08-23 16:11 - 2018-08-23 16:14 - 015200560 _____ C:\Users\User007\Downloads\pingplotter_install.exe
2018-08-22 22:22 - 2018-08-22 22:22 - 000044025 _____ C:\Users\User007\Downloads\EasyAntiCheat_x64.zip
2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H C:\Program Files (x86)\ziiugfdbmr.dat
2018-08-16 19:47 - 2018-08-16 19:47 - 042471892 _____ C:\Users\User007\Downloads\ASUS_AMDA00_ACPI_Win7Win8Win8_1.zip
2018-08-15 12:32 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 12:32 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 12:32 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 12:32 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 12:32 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 12:32 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 12:32 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 12:32 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 12:32 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 12:32 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 12:32 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 12:32 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 12:32 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 12:32 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 12:32 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 12:32 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-15 12:32 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 12:32 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 12:32 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 12:32 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 12:32 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 12:32 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-15 12:32 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 12:32 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 12:32 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 12:32 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 12:32 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 12:32 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-15 12:32 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 12:32 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 12:32 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 12:32 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 12:32 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 12:32 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-15 12:32 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 12:32 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 12:32 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 12:32 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 12:32 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 12:32 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-15 12:32 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-15 12:32 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 12:32 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 12:32 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 12:32 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 12:32 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 12:32 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 12:32 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 12:32 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 12:32 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 12:32 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-15 12:32 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 12:32 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-15 12:32 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 12:32 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-15 12:32 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-15 12:32 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-15 12:32 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-15 12:32 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-15 12:32 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 12:22 - 2018-08-14 12:22 - 000000979 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2018-08-14 12:22 - 2018-08-14 12:22 - 000000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2018-08-14 12:22 - 2018-08-14 12:22 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2018-08-14 12:21 - 2018-08-14 12:21 - 077976048 _____ (TeamSpeak Systems GmbH) C:\Users\User007\Downloads\TeamSpeak3-Client-win64-3.1.10.exe
2018-08-13 11:53 - 2018-08-13 11:53 - 000112944 _____ C:\Users\User007\Downloads\Plan-treninku-33.-tyden-MSK.pdf
2018-08-12 22:39 - 2018-08-29 00:50 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-12 22:39 - 2018-08-21 12:14 - 005947600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 002612264 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000634352 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000450768 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000124216 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-08-12 22:39 - 2018-08-03 00:32 - 008273432 _____ C:\Windows\system32\nvcoproc.bin
2018-08-12 22:38 - 2018-08-12 22:38 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-08-12 22:38 - 2018-08-01 11:49 - 000551616 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-08-12 22:38 - 2018-08-01 11:49 - 000456992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-08-12 22:37 - 2018-08-22 18:12 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2018-08-12 22:37 - 2018-08-22 18:11 - 019088480 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-08-12 22:37 - 2018-08-22 18:11 - 000505592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-08-12 22:37 - 2018-08-21 14:08 - 000041866 _____ C:\Windows\system32\nvinfo.pb
2018-08-12 22:37 - 2018-08-01 11:47 - 002002448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439882.dll
2018-08-12 22:37 - 2018-08-01 11:47 - 001467920 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439882.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-08-12 22:37 - 2018-07-30 21:08 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-08-12 22:37 - 2018-07-30 21:08 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-08-12 22:32 - 2018-09-07 12:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-12 22:32 - 2018-08-29 00:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-29 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-27 00:14 - 000000000 ____D C:\Users\User007\AppData\Local\NVIDIA
2018-08-12 22:32 - 2018-08-26 17:36 - 000000000 ____D C:\Users\User007\AppData\Local\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-21 12:15 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-08-12 22:32 - 2018-08-12 22:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000001390 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-08-12 22:32 - 2018-07-19 22:16 - 001311784 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-08-12 22:32 - 2018-07-19 19:44 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-08-12 22:32 - 2018-06-28 02:26 - 000206760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-08-12 22:32 - 2018-06-28 02:26 - 000185256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-08-12 22:32 - 2018-06-08 03:59 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-08-12 22:32 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-08-12 22:31 - 2018-08-12 22:32 - 087630520 _____ (NVIDIA Corporation) C:\Users\User007\Downloads\GeForce_Experience_v3.14.1.48.exe
2018-08-12 22:28 - 2018-08-12 22:28 - 000000000 ____D C:\Users\User007\Downloads\[Guru3D.com]-DDU
2018-08-12 22:25 - 2018-08-12 22:25 - 000000000 ____D C:\Users\User007\AppData\Local\ElevatedDiagnostics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 00:24 - 2018-01-02 17:21 - 000000000 ____D C:\Users\User007\AppData\Local\Spotify
2018-09-07 21:40 - 2018-01-02 17:21 - 000000000 ____D C:\Users\User007\AppData\Roaming\Spotify
2018-09-07 18:33 - 2017-12-30 14:51 - 000000000 ____D C:\Users\User007\AppData\Roaming\TS3Client
2018-09-07 12:33 - 2014-03-18 17:33 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-07 12:33 - 2014-03-18 16:54 - 000734306 _____ C:\Windows\system32\perfh005.dat
2018-09-07 12:33 - 2014-03-18 16:54 - 000149150 _____ C:\Windows\system32\perfc005.dat
2018-09-07 12:33 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-09-07 12:27 - 2018-01-12 21:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-09-07 12:27 - 2014-12-04 13:40 - 000003014 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-09-07 12:27 - 2014-12-04 13:18 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-09-07 12:27 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-06 22:17 - 2018-06-13 18:54 - 000000000 ____D C:\Users\User007\AppData\Local\IdleMaster
2018-09-06 21:24 - 2017-12-24 01:20 - 000000000 ____D C:\ProgramData\Origin
2018-09-06 21:17 - 2017-12-24 01:21 - 000000000 ____D C:\Users\User007\AppData\Roaming\Origin
2018-09-06 17:52 - 2014-12-04 13:18 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4136323759-1055153502-2705366783-1001
2018-09-06 15:28 - 2018-05-31 01:27 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-04 15:52 - 2017-12-24 01:57 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-09-03 23:09 - 2014-12-04 13:12 - 000000000 ____D C:\Users\User007
2018-09-02 18:57 - 2018-01-06 20:11 - 000000000 ____D C:\Users\User007\AppData\Local\Ubisoft Game Launcher
2018-09-02 18:26 - 2017-12-23 13:21 - 000000000 ____D C:\Users\User007\Documents\My Games
2018-09-02 18:25 - 2014-12-04 13:28 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-02 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-01 23:25 - 2018-06-29 09:49 - 000000508 _____ C:\Users\User007\Desktop\Pozice.txt
2018-08-29 00:51 - 2014-12-04 17:12 - 000000000 ____D C:\Temp
2018-08-24 22:48 - 2018-01-08 22:39 - 000000000 ____D C:\Users\User007\Documents\Assassin's Creed Origins
2018-08-24 18:16 - 2017-12-23 13:17 - 000000000 ____D C:\Users\User007\AppData\Local\CrashDumps
2018-08-24 13:07 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-24 13:06 - 2018-01-21 20:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-22 18:11 - 2017-12-23 12:24 - 023305232 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 015699512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 004616904 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 004085328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-08-21 12:25 - 2018-01-06 00:50 - 000003404 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-08-21 12:25 - 2018-01-06 00:50 - 000003278 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-08-21 12:25 - 2018-01-06 00:50 - 000000000 ____D C:\Program Files (x86)\Gyazo
2018-08-20 20:45 - 2018-07-30 18:12 - 000000254 _____ C:\Users\User007\Desktop\NEMAZAT marovo heslo od seznamu.txt
2018-08-19 16:38 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-16 19:38 - 2013-08-22 16:44 - 000496760 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-16 19:37 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-16 18:59 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-16 18:44 - 2018-06-01 21:26 - 011677112 _____ C:\Windows\system32\Drivers\FACEIT.sys
2018-08-16 16:22 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-16 16:21 - 2014-12-04 13:45 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-16 16:21 - 2014-12-04 13:45 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 15:10 - 2018-01-12 21:11 - 000000000 ____D C:\Users\User007\AppData\Roaming\TeamViewer
2018-08-15 12:32 - 2018-01-12 21:11 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-08-15 01:27 - 2017-12-23 13:16 - 000000000 ____D C:\Users\User007\AppData\Local\Steam
2018-08-13 15:52 - 2017-12-24 12:55 - 000000000 ____D C:\Users\User007\Documents\FIFA 18
2018-08-12 22:39 - 2014-12-04 13:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-12 22:39 - 2014-12-04 13:12 - 000000000 ____D C:\Users\User007\AppData\Local\VirtualStore
2018-08-12 22:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\Help
2018-08-12 22:32 - 2018-03-20 23:38 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:28 - 2018-06-02 00:22 - 000000000 ____D C:\ProgramData\VEGAS
2018-08-12 11:04 - 2018-01-05 18:46 - 000000000 ____D C:\Users\User007\AppData\Roaming\MPC-HC
2018-08-12 11:04 - 2017-12-23 14:38 - 000000000 ____D C:\Users\User007\AppData\Roaming\DAEMON Tools Lite
2018-08-10 09:35 - 2017-12-23 13:24 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 09:35 - 2017-12-23 13:24 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H () C:\Program Files (x86)\ziiugfdbmr.dat
2014-12-04 13:40 - 2014-12-04 13:40 - 001065984 _____ () C:\Users\User007\AppData\Local\file__0.localstorage

Some files in TEMP:
====================
2014-12-04 13:18 - 2018-09-07 12:28 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2018-08-27 12:54 - 2018-09-07 12:28 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-01 17:34

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by User007 (08-09-2018 00:38:18)
Running from C:\Users\User007\Downloads
Windows 8.1 (Update) (X64) (2014-12-04 11:12:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4136323759-1055153502-2705366783-500 - Administrator - Disabled)
Guest (S-1-5-21-4136323759-1055153502-2705366783-501 - Limited - Disabled)
User007 (S-1-5-21-4136323759-1055153502-2705366783-1001 - Administrator - Enabled) => C:\Users\User007

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Battlefield V™ Open Beta (HKLM-x32\...\{2B3B5324-E6E1-4E32-9938-898AD1CA8D8A}) (Version: 1.0.57.30348 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{FE3CD7B8-14D4-46E9-A206-2C8F2C0E6F1F}) (Version: 1.1.139.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\FACEITApp) (Version: 0.17.3 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Far Cry 5 (HKLM-x32\...\Uplay Install 1803) (Version: - Ubisoft)
Far Cry 5 Server Stress Test (HKLM-x32\...\Uplay Install 5051) (Version: - Ubisoft)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
GameMaker-Studio 1.4 (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\GameMaker-Studio14) (Version: - YoYo Games Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gyazo 3.3.9 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 10.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.5 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2275 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 399.07 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
PingPlotter 5 (HKLM-x32\...\{F513FFE3-ED3B-4DC1-BB41-DABEBCAE2F6F}) (Version: 5.5.14.4908 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.5.14.4908) (Version: 5.5.14.4908 - Pingman Tools, LLC)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.20.606 - Razer Inc.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.2426 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 46.0 - Ubisoft)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4136323759-1055153502-2705366783-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-4136323759-1055153502-2705366783-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files\Notepad++\NppShell_06.dll [2017-12-05] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4136323759-1055153502-2705366783-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13F26DCB-D3D0-42D1-AF1C-6D5B6CD727D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {1CF9D29D-800A-44E5-A148-58ADF4E499EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {20672076-D804-4BF9-875C-6A4F53278620} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4136323759-1055153502-2705366783-1001 => C:\Users\User007\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {258AEDAE-3692-490B-B644-2C0B5473BE4B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {27F6AA28-0EAC-46A9-926E-4C6E9D11E4F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {2A32F531-E1EB-49D6-8E99-F41508D46C7D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
Task: {2C371094-B37A-4A72-B512-D0D2B579E1E0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {302DD677-5EEF-4069-9225-EAD0355DB414} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.)
Task: {44754FED-AD0E-49DC-B369-80C9BCA6E1C9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {451D4290-8B75-4D9C-B7B9-BFC97BC21856} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {4BD824C5-FD4B-440E-A5AD-3D5FA7A0DBB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {4F995AFF-F2D5-4416-B4E8-117B056C1528} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {508C03C8-B2D1-42D6-9424-0BD092F1552F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-24] (Microsoft Corporation)
Task: {55CD0E14-6370-4F7F-A7FB-9062559CAD08} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {60EC4222-70D2-4376-83B9-F61214385802} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-24] (Microsoft Corporation)
Task: {61BF2655-B0A4-4FFD-9BD2-E91C2E58B6A6} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()
Task: {6331AA7E-B144-4211-B0A8-92C14E2E331C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {6DDA8BD0-31AA-488B-A72F-90C146216C5F} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {7000C8B2-856D-4250-B387-D5294DA5C82E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {70B071BB-7747-4AB9-8920-57044FC15F59} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-08-16] (Microsoft Corporation)
Task: {715B4C37-9972-416E-98D5-F47B1A3038E5} - System32\Tasks\KiN\SF => C:\Program Files (x86)\SpeedFan\speedfan.exe [2016-09-18] ()
Task: {799A4891-6A06-4C0F-8608-BA584AFF3C44} - System32\Tasks\Core Temp Autostart User007 => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {860E0DC1-816E-40D2-892C-7426AD0DE918} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.)
Task: {862F71F8-302A-4148-997D-9C8B4B098022} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-24] (Microsoft Corporation)
Task: {88760C63-280E-42C8-A853-6BD59CDCC1F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {AA9428FB-31E5-4CD6-B3AB-EABCF495DBC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {ACBE1CD6-1986-457C-BFAB-C101D63FD2A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-24] (Microsoft Corporation)
Task: {B34FD4AE-B224-4DD9-AD80-6A729F65DD06} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {B4590766-A6D8-41A4-A9BC-FA6ED4EF00B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {C71E3678-138E-444E-A436-9AACB1A7C3B1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {EC97E70B-9D0F-4C54-88EB-2814352C70A5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {EF6194E0-9286-4C2E-A762-6415F83045A2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {F5D1762B-534B-4A62-9AA8-91E6B7143AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {F9669CCB-E179-43AD-86F8-CE2EDC350529} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-24] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb

==================== Loaded Modules (Whitelisted) ==============

2014-12-04 13:17 - 2013-10-08 14:23 - 000890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2018-08-12 22:32 - 2018-07-19 22:16 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-03-14 21:13 - 2018-03-14 21:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-05-31 01:27 - 2018-09-06 15:28 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-31 01:27 - 2018-09-06 15:28 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-06-02 09:47 - 2016-09-18 12:05 - 008166536 _____ () C:\Program Files (x86)\SpeedFan\speedfan.exe
2018-08-10 09:35 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 09:35 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-12 22:32 - 2018-07-19 22:16 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-08 13:41 - 2018-05-08 13:41 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2018-08-27 12:54 - 2018-09-07 12:28 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
2014-12-04 13:18 - 2018-09-07 12:28 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2014-04-03 17:48 - 2014-04-03 17:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\User007:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\hola.org -> hxxp://hola.org

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User007\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{14F1DAAB-049A-4481-8B35-31F51C6F321F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{D1CEAF50-B13B-4972-909E-85813DC4DF96}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{6D623C95-53DD-40A0-8292-8F42DA327F08}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9F9DA079-99E2-4DC6-A9D0-1B731C2B2118}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C4659EC7-A588-4067-B2FF-1AB8313D2183}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{74757D24-CDA6-441C-AB2E-DE861712458A}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5C918C4F-3F38-4E03-A79C-4BE0281B6FC4}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3B63C522-6CB7-470B-8285-8908E3068500}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{DEB88C5C-8847-4488-9E83-A030A7E8E344}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{98596ECB-9BAA-4EF5-9795-267DDDF94603}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{486AB59A-A1D8-406F-A375-C1ABD828AA7D}D:\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{A7A58457-3B38-4BAB-840C-561582E96BD5}D:\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{A4935A66-10EC-4321-BC67-EFEBC482FAB9}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{9CB6B898-616A-4B0D-BE5B-FC62D5900B2F}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{6BD82F76-8DEB-4AB9-B64B-B72086B1CAD3}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{D5AAE783-8709-47D0-9C1E-68ECE80B9C77}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [TCP Query User{D9137134-6D25-465D-9826-3D9757789D42}D:\program files\fifa 18\fifa18.exe] => (Allow) D:\program files\fifa 18\fifa18.exe
FirewallRules: [UDP Query User{23690659-FAEC-4B9C-893F-EC8863D181B0}D:\program files\fifa 18\fifa18.exe] => (Allow) D:\program files\fifa 18\fifa18.exe
FirewallRules: [{6834FC34-AACA-48A3-A69D-F46D6583A8D0}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{C53F207E-1130-4604-A5B3-B6FDB7BABCFB}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{4364DE31-CA9D-473E-BFE0-1DD8355D283E}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{7A0E25F9-D6EF-4792-A27C-7C96BA4C2BC6}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{6C65CCB7-84C1-473E-9CFC-65C0BA543741}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D2518DF1-0CBA-4D99-A54B-CE9A091987BE}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{F448F383-AF02-450C-B776-550D18722F99}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{02801158-F4AF-41A9-9677-DFDEC9A64422}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DB2B8DD4-062B-4C26-A472-8EC11BE7A286}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F29DDA2D-B044-42D4-BAFD-0194233724EC}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{197D92A3-E2B6-4B89-B218-9CBF414F6178}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{B4E9AC88-64A2-4977-9FA8-CED2C0532BF1}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{31B34810-8DA3-49C7-9C31-68F6BD54CE02}C:\users\user007\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D56CDAB7-1F96-4B31-832F-B1106E63746D}C:\users\user007\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{86BE02EE-8CB2-4B0A-B203-55DDE75B87CD}] => (Block) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62B1DE4A-1B37-4AD2-8C3C-CA11A694BCAD}] => (Block) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2E93F6CE-DC30-44CA-A432-802D50B58B5E}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{1DE58D68-E0C1-4A0F-A6A9-7F972D5B5321}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{23272254-9EAB-4A8A-B4D1-414F2EBECC8F}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D6CDFB5F-93D4-47EA-9522-4BAE8F45D930}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{40D763E5-77A2-4A3E-AF00-49F3137D2475}] => (Allow) D:\Steam\steamapps\common\FORTIFY\Fortify.exe
FirewallRules: [{2F4A5F84-FF11-4F94-A18A-F0579DAAC817}] => (Allow) D:\Steam\steamapps\common\FORTIFY\Fortify.exe
FirewallRules: [{D18733A9-FBF6-474F-9BE3-B26BD542685A}] => (Allow) D:\Program Files\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A4839233-0F1F-4126-A22B-972FEE7F1CDB}] => (Allow) D:\Program Files\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{29B429AD-EC5A-4177-8712-402174EE810D}] => (Allow) D:\Program Files\World_of_Tanks\worldoftanks.exe
FirewallRules: [{120F0258-47BD-4E4A-831D-74243EBA138C}] => (Allow) D:\Program Files\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{7423E388-FBCF-43E1-B88A-F33964FDFE08}D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{72B35740-62FF-4830-87BF-14F96556B287}D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{CEDC2396-57EC-484E-9FFB-9B508E60960B}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08F9CB81-74E9-451C-855F-719819E57983}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4CAB9DAD-FDF6-42E9-9066-308073D9214C}] => (Block) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A0153AC8-0E3A-4F0A-8242-15C730983865}] => (Block) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3B14838C-2E77-45AA-98F8-AB676F991947}] => (Allow) D:\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe
FirewallRules: [{D474A942-F906-4EA6-85E9-018E9DEB8251}] => (Allow) D:\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe
FirewallRules: [{D5DB7B32-A9A6-40BE-A214-7039A4D823D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{123871AA-5FE5-44A1-BF5A-3A226B5236A2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C84354CD-F93D-4F9F-862B-D93D62EA9FD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CDF54B15-8068-48AC-9210-31F8E47C2A45}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{BF5AD8B9-47B7-42C5-9953-106195972C3D}D:\program files\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{AF17E724-26DA-4E77-99C8-469A1AB37224}D:\program files\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{B34CC4B3-BF73-46BC-BBDE-687756793563}] => (Block) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{499C9668-7670-48E3-89F2-7D150F968EB6}] => (Block) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{E0C26A57-56DE-4FA2-B468-6149044F80AC}] => (Allow) D:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{03BA39DA-FDD5-4C84-81E0-9D3C1D46939E}] => (Allow) D:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{7D7C39FE-294B-434E-BF69-44F16A522F13}D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{5B0ACC11-D921-43C7-B66C-11670335AB40}D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{DC5AC6A6-2CA9-43CF-A7C8-800AA582756D}] => (Block) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{31334B43-3921-4855-B3B4-AC5BF497FE07}] => (Block) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8CDF08E5-B396-454B-B5AA-03A9054A5F90}D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{4F98FFA0-93A1-4EEA-B5D4-A0C56EDCBBC3}D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{400B61FE-8B8C-41A0-A11C-5165C58865F4}] => (Block) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{6621D037-6F7C-45B7-AE28-D68583086C63}] => (Block) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{7AF6078E-A051-41F4-91E0-573BD8C84240}D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Allow) D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe
FirewallRules: [UDP Query User{D65D0F17-FE21-43A0-B159-71BBB23E5C63}D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Allow) D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe
FirewallRules: [TCP Query User{3FB902E6-D34B-40F8-BBF8-7BCF75DB95DD}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{C7074100-D903-43D0-8DBF-3CF532E9E32D}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{CFB5D18C-ADB2-4B22-BFB9-824E138FF8E6}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{966A6D0E-F6BB-48D3-9238-85F5C630DBF2}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{E5B8EEA8-6469-4162-8FE1-789007D9E829}D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [UDP Query User{EA02DA6F-9F7C-4A0B-90D7-63D261B5DFD1}D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [{33D10E45-077D-4015-9014-00626F5F8AFF}] => (Block) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [{A19A6C72-B255-4735-9731-A724A1469422}] => (Block) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [TCP Query User{C787DD17-BDD2-455A-AAD1-C878B8C5032A}C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [UDP Query User{00D95BC1-D49B-4DBA-9C45-D3DCDE21062C}C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{81CCC74B-A845-4F97-B682-DBEE43EB5B7A}] => (Block) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{AD7E3E66-8267-4A28-9A2F-217AA9E5BA14}] => (Block) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{6F647243-1D22-4EB8-BA22-1066FD165348}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{6690BC9E-A8F9-4049-8CEC-4B58EC5D0FB8}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{2EEB0B46-B5C5-4BEB-AD96-98F7CEF4765C}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [{714A7A2E-BFB8-44D6-B91B-EDB4CFF681B3}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [TCP Query User{25A4D7AA-5EEE-473B-BCDF-2B02986E3314}D:\program files\nhll\nhl2009.exe] => (Allow) D:\program files\nhll\nhl2009.exe
FirewallRules: [UDP Query User{ACF2800B-2F57-4D87-A905-B26961B878B3}D:\program files\nhll\nhl2009.exe] => (Allow) D:\program files\nhll\nhl2009.exe
FirewallRules: [{A5A8452C-38F3-4BB7-B535-D6A02E3EEFDD}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{13915B7F-667C-4F32-9085-47B41E44C94D}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CE1955F9-18B0-4FD6-8C8F-234AD8DD09A0}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{39479846-53BC-485F-8ABC-B68F085BCFEF}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [TCP Query User{483BAE7D-81C9-43CC-91E4-A7F21EDD41D5}D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{429F4C7A-352F-434E-81C9-74467DA33FF6}D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{C498742C-3CB2-4080-BD2F-6D9709552401}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{B6AB9DC5-AEBF-4594-BBC2-4B211CA053AB}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{F01B14E1-D7A0-4AF4-B169-FED0B330AF9B}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{5855BDC3-6DE6-4F8F-A473-2B5DEBAC02C1}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{230E79B8-EA53-4663-AE3B-B01AFD47C196}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{8A49C900-289C-4336-91A6-3BBCBE9DE500}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{374D52F7-526B-4B89-85E9-7AD977A70C91}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{60FB9601-C49C-4C9E-9955-D98C947C6183}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{303B2490-A1CC-4FC4-907E-4F8E132D3754}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{06141DD5-1AA0-489E-8543-B03DE48A6365}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{DA2A9889-B801-416B-87E2-C2223461C110}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{75E37A1C-5376-4601-8E2C-AD7A67D1F313}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ECD48977-10DC-48FC-A841-76DE322A89EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C2704404-ADED-43E2-BD47-B8E40255ECBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F18D66B5-B68F-4AF2-97B7-5AA37AD742DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8FF3D4F2-97DB-4AE9-99AC-A7DD8EC41A22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1466BBDA-E2DB-4BED-9110-CC00FB929B6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0EA8C30E-1B63-437C-9D48-7FF3B6F63A0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{55E3E04A-7C30-4A6F-8675-BF8A676A9D56}] => (Allow) D:\Program Files\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [{41A5E966-A37C-4147-A9A4-576D7122468D}] => (Allow) D:\Program Files\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [{ED4B6378-5B96-464E-BF7D-36E434D5519B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E729CE81-33C1-4E1A-83DA-790B6FA33AD1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{49F7A19D-B11B-45FD-BDCE-E0B7BE037967}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{86322F21-EB4B-4DE8-A589-7C9EDB163A19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{258C1119-A7C3-4E34-9EFA-440766AE1695}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\FarCry5.exe
FirewallRules: [{B14E537F-756D-488D-97B5-2BA132D4C75C}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\ArcadeEditor64.exe
FirewallRules: [{A2C722F6-15BC-4535-84AC-A22B4B2BF5D4}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\FarCry5.exe
FirewallRules: [{C6117880-4852-412C-8761-56958313AA1B}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\ArcadeEditor64.exe
FirewallRules: [{29888D7A-A575-4F73-B77B-7D364043CDA1}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{7468C234-56BE-4E6A-BD1B-B063346DEADC}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0F90DB60-1209-47C6-BC57-0A92368E22D9}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe
FirewallRules: [{59559975-402B-4F7D-9AB3-784E8E2E89DA}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe
FirewallRules: [TCP Query User{48CDEB17-8D9D-4C9C-9F5F-F951E81F7150}D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0ECC81AC-6282-4E54-8F82-2D1F1C28B8CF}D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B9C8D493-D63B-485C-98A4-9BB5C963098C}D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{982B301E-A9E4-4F16-8F5D-86B29659447B}D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{FB650BD0-BD4C-46F6-BFAA-3C7467ADFE15}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5F1ABDED-D89B-43CD-B1A3-B4E3BE9A57B4}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A81831DD-889E-41D0-A7A8-5C16202A96EA}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CF4977A9-A8D6-416E-BD21-05EDCC988825}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FE7D05F8-F684-4072-B246-3AE6E3A0E8DA}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{D7F49132-090A-41A8-A97C-ECB5CDD24D20}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{0EC2ED7F-6699-45E2-9AA6-2B5D39E93904}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{A4E24F92-BA18-4790-A151-A6A8C63AFEF0}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{7D555A8F-BF64-4CC1-95ED-BD7C65A1876C}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{F0638BCD-3159-4240-864D-C116B8F23A8B}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{F51BD62E-A620-45A5-A5E5-B44A0BC36B35}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{2F0F1EC0-9B39-48D1-89EF-A70B769E637A}] => (Allow) D:\Program Files\Origin Games\Battlefield V Open Beta\bfvob.exe
FirewallRules: [{CE68C17E-D013-4286-995C-CD63A91E8143}] => (Allow) D:\Program Files\Origin Games\Battlefield V Open Beta\bfvob.exe
FirewallRules: [{F786E773-D4BD-4194-97D7-0380C78147B7}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0520112D-DE77-444C-BDD0-EF94D31E8FF3}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{651CA78A-D45D-4EF3-8DDD-01D49417F93D}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5034A0D3-D22A-4E7B-9D40-BC35886E8F66}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe

==================== Restore Points =========================

26-08-2018 18:02:23 Nainstalováno rozhraní DirectX
02-09-2018 18:24:57 Nainstalováno rozhraní DirectX
04-09-2018 15:29:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2018 12:28:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/06/2018 08:33:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/06/2018 05:52:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/06/2018 01:35:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/05/2018 12:28:23 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/04/2018 12:28:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/03/2018 12:28:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/02/2018 01:37:02 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/07/2018 05:45:07 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (09/07/2018 03:33:10 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/07/2018 03:32:40 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/07/2018 12:38:29 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/07/2018 12:37:59 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/06/2018 05:53:41 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/06/2018 05:53:11 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/06/2018 03:28:02 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve


Windows Defender:
===================================
Date: 2018-09-07 12:38:46.880
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91B0DD86-4BC1-4A85-A6B8-D4E500EA94FD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 20:44:04.462
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC2694B2-F8DB-4416-878E-B599A91C4BDC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 18:02:48.655
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F2C07A13-563D-4876-A80C-9691B8FDEB00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-04 15:34:06.380
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {60D885E9-91E2-4F5A-AE32-ABA4A0F747E3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-08-30 17:20:34.846
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C6A339E8-F171-4BB8-B1A0-056F4C59AD32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-08-22 21:07:41.111
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 119.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.107
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.107
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.076
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-05-16 15:21:49.050
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.267.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14800.3
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-08-24 14:00:46.477
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 14:00:46.166
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-23 16:16:55.484
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-23 16:16:55.201
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 40%
Total physical RAM: 8120 MB
Available physical RAM: 4799.41 MB
Total Virtual: 16312 MB
Available Virtual: 12394.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:63.17 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:111.2 GB) NTFS
Drive e: (DISK-E) (Fixed) (Total:596.16 GB) (Free:406.5 GB) NTFS

\\?\Volume{f1d3aa84-7ba5-11e4-824e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 805D29D4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 805D29CC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 596.2 GB) (Disk ID: 5632687A)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Thanks

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

flatoutik
Visitor
Posts: 24
Registered: 26 Jul 2015 16:10

Re: Please check my log

#3 Post by flatoutik »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-08-2018
# Duration: 00:00:01
# OS: Windows 8.1
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Hola
Deleted C:\Users\User007\AppData\Roaming\Hola

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Hola
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted slunecnice.cz
Deleted http://mysearch.avg.com?cid={5956E8DE-0 ... 2013-11-02 18:08:11&v=17.0.0.12&pid=safeguard&sg=0&sap=hp
Deleted AVG Secure Search
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1865 octets] - [08/09/2018 12:32:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#4 Post by Conder »

:arrow: Please post new logs from FRST.

flatoutik
Visitor
Posts: 24
Registered: 26 Jul 2015 16:10

Re: Please check my log

#5 Post by flatoutik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by User007 (administrator) on PC (08-09-2018 21:23:43)
Running from C:\Users\User007\Downloads
Loaded Profiles: User007 (Available Profiles: User007)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Program Files\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-06-06] (Razer Inc.)
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Run: [Steam] => D:\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-08-08] (Nota Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.3.1
Tcpip\..\Interfaces\{F7338606-2457-406D-8D6F-93CBB961C305}: [DhcpNameServer] 8.8.8.8 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-24] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default [2018-09-08]
CHR Extension: (Prezentace) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-23]
CHR Extension: (Dokumenty) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23]
CHR Extension: (Disk Google) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-08]
CHR Extension: (YouTube) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-23]
CHR Extension: (Adblock na Youtube™) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-03-07]
CHR Extension: (Tabulky) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-23]
CHR Extension: (Gyazo) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2018-05-25]
CHR Extension: (Authy Chrome Extension) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2017-12-23]
CHR Extension: (Authy) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2018-05-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-06]
CHR Extension: (Grammarly for Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-09-07]
CHR Extension: (City and Bridge in the Fog - Full HD - Axlg) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdegpmcndhhenlehkilbepaihkaefkom [2017-12-23]
CHR Extension: (Counter for Messenger) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2018-09-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\User007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-09] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522912 2018-08-07] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-09] (EasyAntiCheat Ltd)
S3 HnGSteamService; D:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [754984 2018-09-05] (Reto-Moto ApS)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files\Origin\OriginClientService.exe [2213696 2018-08-20] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files\Origin\OriginWebHelperService.exe [3084104 2018-08-20] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-12-23] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-12-23] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-06] (Malwarebytes)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [11677112 2018-08-16] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2018-05-30] (LogMeIn Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-08] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [52328 2018-09-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-08] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [109872 2018-09-08] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [57400 2018-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51736 2016-06-22] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2016-02-23] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 14:27 - 2018-09-08 14:27 - 006404096 _____ (Piriform Ltd) C:\Users\User007\Downloads\dfsetup222.exe
2018-09-08 14:27 - 2018-09-08 14:27 - 000001736 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-09-08 14:27 - 2018-09-08 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2018-09-08 14:27 - 2018-09-08 14:27 - 000000000 ____D C:\Program Files\Defraggler
2018-09-08 12:32 - 2018-09-08 12:33 - 000000000 ____D C:\AdwCleaner
2018-09-08 12:29 - 2018-09-08 12:29 - 007571152 _____ (Malwarebytes) C:\Users\User007\Desktop\adwcleaner_7.2.3.1.exe
2018-09-08 12:23 - 2018-09-08 12:23 - 000004172 _____ C:\Windows\System32\Tasks\Norton Security Scan for User007
2018-09-08 12:23 - 2018-09-08 12:23 - 000000000 ____D C:\Windows\system32\Drivers\NSSx64
2018-09-08 12:23 - 2018-09-08 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2018-09-08 12:23 - 2018-09-08 12:23 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2018-09-08 00:48 - 2018-09-08 12:23 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-09-08 00:48 - 2018-09-08 00:51 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-09-08 00:47 - 2018-09-08 12:23 - 000000000 ____D C:\ProgramData\Norton
2018-09-08 00:47 - 2018-09-08 00:47 - 000000000 ____D C:\Users\Public\Downloads\Norton
2018-09-08 00:46 - 2018-09-08 00:46 - 001124816 _____ (Symantec Corporation) C:\Users\User007\Downloads\NSPremiumDownloader.exe
2018-09-08 00:45 - 2018-09-08 00:45 - 001450457 _____ C:\Users\User007\Downloads\apr-jun-2018-consumer.pdf
2018-09-08 00:38 - 2018-09-08 21:23 - 000016157 _____ C:\Users\User007\Downloads\FRST.txt
2018-09-08 00:38 - 2018-09-08 00:38 - 000058939 _____ C:\Users\User007\Downloads\Addition.txt
2018-09-08 00:37 - 2018-09-08 21:23 - 000000000 ____D C:\FRST
2018-09-08 00:37 - 2018-09-08 00:37 - 002413056 _____ (Farbar) C:\Users\User007\Downloads\FRST64.exe
2018-09-06 22:16 - 2018-09-06 22:16 - 000000000 ____D C:\Users\User007\Downloads\idle_master_extended_v1.3
2018-09-06 22:09 - 2018-09-06 22:09 - 001363209 _____ C:\Users\User007\Downloads\idle_master_extended_v1.3.zip
2018-09-06 21:24 - 2018-09-06 21:24 - 000000000 ____D C:\Users\User007\AppData\Local\mbam
2018-09-06 21:17 - 2018-09-06 21:18 - 000000000 ____D C:\Users\User007\Documents\Battlefield V Open Beta
2018-09-06 15:28 - 2018-09-08 18:38 - 000109872 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-06 15:28 - 2018-09-08 12:33 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-06 15:28 - 2018-09-08 12:33 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-06 15:28 - 2018-09-08 12:33 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-06 15:28 - 2018-09-06 15:28 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-05 22:40 - 2018-09-05 22:40 - 000000000 ____D C:\Users\User007\Downloads\wordpress-4.9.8-cs_CZ
2018-09-05 22:39 - 2018-09-05 22:40 - 010097666 _____ C:\Users\User007\Downloads\wordpress-4.9.8-cs_CZ.zip
2018-09-05 22:34 - 2018-09-05 23:06 - 000000161 _____ C:\Users\User007\Desktop\Tatarák.txt
2018-09-04 15:22 - 2018-09-04 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-09-03 11:42 - 2018-09-03 11:42 - 000000000 ____D C:\Users\User007\AppData\LocalLow\Facepunch Studios LTD
2018-09-03 10:51 - 2018-09-03 10:51 - 000111990 _____ C:\Users\User007\Downloads\Plan-treninku-36.-tyden-MSK.pdf
2018-09-02 18:14 - 2018-09-02 18:14 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\User007\Downloads\flashplayer30pp_xa_install.exe
2018-08-29 00:50 - 2018-08-21 12:24 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-08-29 00:48 - 2018-08-29 00:49 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-08-29 00:47 - 2018-08-22 18:12 - 040189616 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 032457736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 017014632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-08-29 00:47 - 2018-08-22 18:12 - 000628560 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 000519120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-08-29 00:47 - 2018-08-22 18:12 - 000057400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2018-08-29 00:47 - 2018-08-22 18:11 - 040346976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 035250176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 031248576 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 025964944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 020330616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 017755768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 015169920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 013732120 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 011276424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 003967304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 003504968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001564136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001420296 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001217352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001159096 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 001093456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000915616 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000906608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000546880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000464536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000420032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000182624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000170216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000164792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000159736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000148168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000142656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-08-29 00:47 - 2018-08-22 18:11 - 000133960 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2018-08-29 00:35 - 2018-08-29 00:35 - 000112477 _____ C:\Users\User007\Downloads\Plan-treninku-35.-tyden-MSK (1).pdf
2018-08-27 03:06 - 2018-08-27 03:06 - 000112477 _____ C:\Users\User007\Downloads\Plan-treninku-35.-tyden-MSK.pdf
2018-08-24 22:55 - 2018-08-24 22:55 - 000000000 ____D C:\Users\User007\Documents\League of Legends
2018-08-24 22:51 - 2018-08-24 22:51 - 000000684 _____ C:\Users\Public\Desktop\League of Legends.lnk
2018-08-24 22:51 - 2018-08-24 22:51 - 000000000 ____D C:\ProgramData\Riot Games
2018-08-24 22:51 - 2018-08-24 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-08-24 22:51 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-08-24 22:51 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-08-24 22:51 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-08-24 22:50 - 2018-08-24 22:50 - 085168872 _____ (Riot Games, Inc) C:\Users\User007\Downloads\League of Legends installer EUNE.exe
2018-08-23 16:15 - 2018-08-23 16:15 - 000000000 ____D C:\Users\User007\AppData\Roaming\Downloaded Installations
2018-08-23 16:11 - 2018-08-23 16:14 - 015200560 _____ C:\Users\User007\Downloads\pingplotter_install.exe
2018-08-22 22:22 - 2018-08-22 22:22 - 000044025 _____ C:\Users\User007\Downloads\EasyAntiCheat_x64.zip
2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H C:\Program Files (x86)\ziiugfdbmr.dat
2018-08-16 19:47 - 2018-08-16 19:47 - 042471892 _____ C:\Users\User007\Downloads\ASUS_AMDA00_ACPI_Win7Win8Win8_1.zip
2018-08-15 12:32 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 12:32 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 12:32 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 12:32 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 12:32 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 12:32 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 12:32 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 12:32 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 12:32 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 12:32 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 12:32 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 12:32 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 12:32 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 12:32 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 12:32 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 12:32 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 12:32 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-15 12:32 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 12:32 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 12:32 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 12:32 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 12:32 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 12:32 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-15 12:32 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 12:32 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 12:32 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 12:32 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 12:32 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 12:32 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 12:32 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-15 12:32 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 12:32 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 12:32 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 12:32 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 12:32 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 12:32 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-15 12:32 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 12:32 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 12:32 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 12:32 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 12:32 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 12:32 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-15 12:32 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-15 12:32 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 12:32 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 12:32 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 12:32 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 12:32 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 12:32 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 12:32 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 12:32 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 12:32 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 12:32 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-15 12:32 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 12:32 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-15 12:32 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 12:32 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-15 12:32 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-15 12:32 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-15 12:32 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-15 12:32 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-15 12:32 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 12:22 - 2018-08-14 12:22 - 000000979 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2018-08-14 12:22 - 2018-08-14 12:22 - 000000941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2018-08-14 12:22 - 2018-08-14 12:22 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2018-08-14 12:21 - 2018-08-14 12:21 - 077976048 _____ (TeamSpeak Systems GmbH) C:\Users\User007\Downloads\TeamSpeak3-Client-win64-3.1.10.exe
2018-08-13 11:53 - 2018-08-13 11:53 - 000112944 _____ C:\Users\User007\Downloads\Plan-treninku-33.-tyden-MSK.pdf
2018-08-12 22:39 - 2018-08-29 00:50 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-12 22:39 - 2018-08-21 12:14 - 005947600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 002612264 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000634352 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000450768 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000124216 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-08-12 22:39 - 2018-08-21 12:14 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-08-12 22:39 - 2018-08-03 00:32 - 008273432 _____ C:\Windows\system32\nvcoproc.bin
2018-08-12 22:38 - 2018-08-12 22:38 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-08-12 22:38 - 2018-08-01 11:49 - 000551616 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-08-12 22:38 - 2018-08-01 11:49 - 000456992 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-08-12 22:37 - 2018-08-22 18:12 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2018-08-12 22:37 - 2018-08-22 18:11 - 019088480 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-08-12 22:37 - 2018-08-22 18:11 - 000505592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-08-12 22:37 - 2018-08-21 14:08 - 000041866 _____ C:\Windows\system32\nvinfo.pb
2018-08-12 22:37 - 2018-08-01 11:47 - 002002448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439882.dll
2018-08-12 22:37 - 2018-08-01 11:47 - 001467920 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439882.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-08-12 22:37 - 2018-07-30 21:08 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-08-12 22:37 - 2018-07-30 21:08 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-08-12 22:37 - 2018-07-30 21:08 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-08-12 22:32 - 2018-09-08 12:35 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-12 22:32 - 2018-08-29 00:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-29 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-27 00:14 - 000000000 ____D C:\Users\User007\AppData\Local\NVIDIA
2018-08-12 22:32 - 2018-08-26 17:36 - 000000000 ____D C:\Users\User007\AppData\Local\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-21 12:15 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-08-12 22:32 - 2018-08-12 22:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2018-08-12 22:32 - 000001390 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-08-12 22:32 - 2018-07-19 22:16 - 001311784 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-08-12 22:32 - 2018-07-19 19:44 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-08-12 22:32 - 2018-06-28 02:26 - 000206760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-08-12 22:32 - 2018-06-28 02:26 - 000185256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-08-12 22:32 - 2018-06-08 03:59 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-08-12 22:32 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-08-12 22:31 - 2018-08-12 22:32 - 087630520 _____ (NVIDIA Corporation) C:\Users\User007\Downloads\GeForce_Experience_v3.14.1.48.exe
2018-08-12 22:28 - 2018-08-12 22:28 - 000000000 ____D C:\Users\User007\Downloads\[Guru3D.com]-DDU
2018-08-12 22:25 - 2018-08-12 22:25 - 000000000 ____D C:\Users\User007\AppData\Local\ElevatedDiagnostics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 20:20 - 2018-01-02 17:21 - 000000000 ____D C:\Users\User007\AppData\Local\Spotify
2018-09-08 19:20 - 2018-01-02 17:21 - 000000000 ____D C:\Users\User007\AppData\Roaming\Spotify
2018-09-08 13:50 - 2017-12-30 14:51 - 000000000 ____D C:\Users\User007\AppData\Roaming\TS3Client
2018-09-08 12:39 - 2014-03-18 17:33 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-08 12:39 - 2014-03-18 16:54 - 000734306 _____ C:\Windows\system32\perfh005.dat
2018-09-08 12:39 - 2014-03-18 16:54 - 000149150 _____ C:\Windows\system32\perfc005.dat
2018-09-08 12:39 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-09-08 12:38 - 2014-12-04 13:18 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4136323759-1055153502-2705366783-1001
2018-09-08 12:34 - 2014-12-04 13:18 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-09-08 12:33 - 2018-01-12 21:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-09-08 12:33 - 2014-12-04 13:40 - 000003014 _____ C:\Windows\System32\Tasks\MSIAfterburner
2018-09-08 12:33 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-08 00:56 - 2018-01-06 20:11 - 000000000 ____D C:\Users\User007\AppData\Local\Ubisoft Game Launcher
2018-09-08 00:54 - 2018-02-15 23:17 - 000000000 ____D C:\Users\User007\AppData\Local\Black_Tree_Gaming
2018-09-08 00:53 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-09-08 00:53 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2018-09-06 22:17 - 2018-06-13 18:54 - 000000000 ____D C:\Users\User007\AppData\Local\IdleMaster
2018-09-06 21:24 - 2017-12-24 01:20 - 000000000 ____D C:\ProgramData\Origin
2018-09-06 21:17 - 2017-12-24 01:21 - 000000000 ____D C:\Users\User007\AppData\Roaming\Origin
2018-09-06 15:28 - 2018-05-31 01:27 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-04 15:52 - 2017-12-24 01:57 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-09-03 23:09 - 2014-12-04 13:12 - 000000000 ____D C:\Users\User007
2018-09-02 18:26 - 2017-12-23 13:21 - 000000000 ____D C:\Users\User007\Documents\My Games
2018-09-02 18:25 - 2014-12-04 13:28 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-02 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-09-01 23:25 - 2018-06-29 09:49 - 000000508 _____ C:\Users\User007\Desktop\Pozice.txt
2018-08-29 00:51 - 2014-12-04 17:12 - 000000000 ____D C:\Temp
2018-08-24 22:48 - 2018-01-08 22:39 - 000000000 ____D C:\Users\User007\Documents\Assassin's Creed Origins
2018-08-24 18:16 - 2017-12-23 13:17 - 000000000 ____D C:\Users\User007\AppData\Local\CrashDumps
2018-08-24 13:07 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-24 13:06 - 2018-01-21 20:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-22 18:11 - 2017-12-23 12:24 - 023305232 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 015699512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 004616904 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-08-22 18:11 - 2017-12-23 12:24 - 004085328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-08-21 12:25 - 2018-01-06 00:50 - 000003404 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-08-21 12:25 - 2018-01-06 00:50 - 000003278 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-08-21 12:25 - 2018-01-06 00:50 - 000000000 ____D C:\Program Files (x86)\Gyazo
2018-08-20 20:45 - 2018-07-30 18:12 - 000000254 _____ C:\Users\User007\Desktop\NEMAZAT marovo heslo od seznamu.txt
2018-08-19 16:38 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-16 19:38 - 2013-08-22 16:44 - 000496760 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-16 19:37 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-16 18:59 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-16 18:44 - 2018-06-01 21:26 - 011677112 _____ C:\Windows\system32\Drivers\FACEIT.sys
2018-08-16 16:22 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-16 16:21 - 2014-12-04 13:45 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-16 16:21 - 2014-12-04 13:45 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 15:10 - 2018-01-12 21:11 - 000000000 ____D C:\Users\User007\AppData\Roaming\TeamViewer
2018-08-15 12:32 - 2018-01-12 21:11 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-08-15 01:27 - 2017-12-23 13:16 - 000000000 ____D C:\Users\User007\AppData\Local\Steam
2018-08-13 15:52 - 2017-12-24 12:55 - 000000000 ____D C:\Users\User007\Documents\FIFA 18
2018-08-12 22:39 - 2014-12-04 13:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-12 22:39 - 2014-12-04 13:12 - 000000000 ____D C:\Users\User007\AppData\Local\VirtualStore
2018-08-12 22:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\Help
2018-08-12 22:32 - 2018-03-20 23:38 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:32 - 2017-12-23 12:26 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 22:28 - 2018-06-02 00:22 - 000000000 ____D C:\ProgramData\VEGAS
2018-08-12 11:04 - 2018-01-05 18:46 - 000000000 ____D C:\Users\User007\AppData\Roaming\MPC-HC
2018-08-12 11:04 - 2017-12-23 14:38 - 000000000 ____D C:\Users\User007\AppData\Roaming\DAEMON Tools Lite
2018-08-10 09:35 - 2017-12-23 13:24 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 09:35 - 2017-12-23 13:24 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H () C:\Program Files (x86)\ziiugfdbmr.dat
2014-12-04 13:40 - 2014-12-04 13:40 - 001065984 _____ () C:\Users\User007\AppData\Local\file__0.localstorage

Some files in TEMP:
====================
2014-12-04 13:18 - 2018-09-08 12:34 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2018-08-27 12:54 - 2018-09-08 12:34 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-01 17:34

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by User007 (08-09-2018 21:24:00)
Running from C:\Users\User007\Downloads
Windows 8.1 (Update) (X64) (2014-12-04 11:12:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4136323759-1055153502-2705366783-500 - Administrator - Disabled)
Guest (S-1-5-21-4136323759-1055153502-2705366783-501 - Limited - Disabled)
User007 (S-1-5-21-4136323759-1055153502-2705366783-1001 - Administrator - Enabled) => C:\Users\User007

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Battlefield V™ Open Beta (HKLM-x32\...\{2B3B5324-E6E1-4E32-9938-898AD1CA8D8A}) (Version: 1.0.57.30348 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{FE3CD7B8-14D4-46E9-A206-2C8F2C0E6F1F}) (Version: 1.1.139.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\FACEITApp) (Version: 0.17.3 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Far Cry 5 (HKLM-x32\...\Uplay Install 1803) (Version: - Ubisoft)
Far Cry 5 Server Stress Test (HKLM-x32\...\Uplay Install 5051) (Version: - Ubisoft)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gyazo 3.3.9 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 10.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.7.5 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2275 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 399.07 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.26.8488 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.20.606 - Razer Inc.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.2426 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 46.0 - Ubisoft)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4136323759-1055153502-2705366783-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User007\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-4136323759-1055153502-2705366783-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files\Notepad++\NppShell_06.dll [2017-12-05] ()
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4136323759-1055153502-2705366783-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13F26DCB-D3D0-42D1-AF1C-6D5B6CD727D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {1CF9D29D-800A-44E5-A148-58ADF4E499EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {20672076-D804-4BF9-875C-6A4F53278620} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4136323759-1055153502-2705366783-1001 => C:\Users\User007\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {27F6AA28-0EAC-46A9-926E-4C6E9D11E4F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {2A32F531-E1EB-49D6-8E99-F41508D46C7D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
Task: {2C371094-B37A-4A72-B512-D0D2B579E1E0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {302DD677-5EEF-4069-9225-EAD0355DB414} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.)
Task: {44754FED-AD0E-49DC-B369-80C9BCA6E1C9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {451D4290-8B75-4D9C-B7B9-BFC97BC21856} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {4F995AFF-F2D5-4416-B4E8-117B056C1528} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {508C03C8-B2D1-42D6-9424-0BD092F1552F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-24] (Microsoft Corporation)
Task: {55CD0E14-6370-4F7F-A7FB-9062559CAD08} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {60EC4222-70D2-4376-83B9-F61214385802} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-24] (Microsoft Corporation)
Task: {6331AA7E-B144-4211-B0A8-92C14E2E331C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {6DDA8BD0-31AA-488B-A72F-90C146216C5F} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {7000C8B2-856D-4250-B387-D5294DA5C82E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {70B071BB-7747-4AB9-8920-57044FC15F59} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-08-16] (Microsoft Corporation)
Task: {715B4C37-9972-416E-98D5-F47B1A3038E5} - System32\Tasks\KiN\SF => C:\Program Files (x86)\SpeedFan\speedfan.exe [2016-09-18] ()
Task: {799A4891-6A06-4C0F-8608-BA584AFF3C44} - System32\Tasks\Core Temp Autostart User007 => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {860E0DC1-816E-40D2-892C-7426AD0DE918} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-08-08] (Nota Inc.)
Task: {862F71F8-302A-4148-997D-9C8B4B098022} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-24] (Microsoft Corporation)
Task: {88760C63-280E-42C8-A853-6BD59CDCC1F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-23] (Google Inc.)
Task: {ACBE1CD6-1986-457C-BFAB-C101D63FD2A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-24] (Microsoft Corporation)
Task: {B34FD4AE-B224-4DD9-AD80-6A729F65DD06} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {C71E3678-138E-444E-A436-9AACB1A7C3B1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {DCBE5998-3BCB-4656-A4C8-CFAD8EF061F1} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()
Task: {E0E2E8C4-81D1-43E7-B6E7-188E182B0B40} - System32\Tasks\Norton Security Scan for User007 => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
Task: {EC97E70B-9D0F-4C54-88EB-2814352C70A5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {EF6194E0-9286-4C2E-A762-6415F83045A2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {F5D1762B-534B-4A62-9AA8-91E6B7143AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {F9669CCB-E179-43AD-86F8-CE2EDC350529} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-24] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb

==================== Loaded Modules (Whitelisted) ==============

2018-08-12 22:39 - 2018-08-21 12:14 - 000142888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-04 13:17 - 2013-10-08 14:23 - 000890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2018-08-12 22:32 - 2018-07-19 22:16 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-03-14 21:13 - 2018-03-14 21:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-05-31 01:27 - 2018-09-06 15:28 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-31 01:27 - 2018-09-06 15:28 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-08-12 22:32 - 2018-07-19 22:15 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-06-02 09:47 - 2016-09-18 12:05 - 008166536 _____ () C:\Program Files (x86)\SpeedFan\speedfan.exe
2018-08-12 22:32 - 2018-07-19 22:16 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-05-08 13:41 - 2018-05-08 13:41 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2018-08-27 12:54 - 2018-09-08 12:34 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
2014-12-04 13:18 - 2018-09-08 12:34 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2014-04-03 17:48 - 2014-04-03 17:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\User007:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User007\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4136323759-1055153502-2705366783-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{14F1DAAB-049A-4481-8B35-31F51C6F321F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{D1CEAF50-B13B-4972-909E-85813DC4DF96}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{6D623C95-53DD-40A0-8292-8F42DA327F08}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9F9DA079-99E2-4DC6-A9D0-1B731C2B2118}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C4659EC7-A588-4067-B2FF-1AB8313D2183}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{74757D24-CDA6-441C-AB2E-DE861712458A}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5C918C4F-3F38-4E03-A79C-4BE0281B6FC4}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3B63C522-6CB7-470B-8285-8908E3068500}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{DEB88C5C-8847-4488-9E83-A030A7E8E344}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{98596ECB-9BAA-4EF5-9795-267DDDF94603}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{486AB59A-A1D8-406F-A375-C1ABD828AA7D}D:\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{A7A58457-3B38-4BAB-840C-561582E96BD5}D:\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{A4935A66-10EC-4321-BC67-EFEBC482FAB9}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{9CB6B898-616A-4B0D-BE5B-FC62D5900B2F}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{6BD82F76-8DEB-4AB9-B64B-B72086B1CAD3}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{D5AAE783-8709-47D0-9C1E-68ECE80B9C77}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [TCP Query User{D9137134-6D25-465D-9826-3D9757789D42}D:\program files\fifa 18\fifa18.exe] => (Allow) D:\program files\fifa 18\fifa18.exe
FirewallRules: [UDP Query User{23690659-FAEC-4B9C-893F-EC8863D181B0}D:\program files\fifa 18\fifa18.exe] => (Allow) D:\program files\fifa 18\fifa18.exe
FirewallRules: [{6834FC34-AACA-48A3-A69D-F46D6583A8D0}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{C53F207E-1130-4604-A5B3-B6FDB7BABCFB}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{4364DE31-CA9D-473E-BFE0-1DD8355D283E}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{7A0E25F9-D6EF-4792-A27C-7C96BA4C2BC6}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{6C65CCB7-84C1-473E-9CFC-65C0BA543741}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D2518DF1-0CBA-4D99-A54B-CE9A091987BE}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{F448F383-AF02-450C-B776-550D18722F99}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{02801158-F4AF-41A9-9677-DFDEC9A64422}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DB2B8DD4-062B-4C26-A472-8EC11BE7A286}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F29DDA2D-B044-42D4-BAFD-0194233724EC}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{197D92A3-E2B6-4B89-B218-9CBF414F6178}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{B4E9AC88-64A2-4977-9FA8-CED2C0532BF1}D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{31B34810-8DA3-49C7-9C31-68F6BD54CE02}C:\users\user007\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D56CDAB7-1F96-4B31-832F-B1106E63746D}C:\users\user007\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{86BE02EE-8CB2-4B0A-B203-55DDE75B87CD}] => (Block) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62B1DE4A-1B37-4AD2-8C3C-CA11A694BCAD}] => (Block) C:\users\user007\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2E93F6CE-DC30-44CA-A432-802D50B58B5E}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{1DE58D68-E0C1-4A0F-A6A9-7F972D5B5321}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{23272254-9EAB-4A8A-B4D1-414F2EBECC8F}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D6CDFB5F-93D4-47EA-9522-4BAE8F45D930}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{40D763E5-77A2-4A3E-AF00-49F3137D2475}] => (Allow) D:\Steam\steamapps\common\FORTIFY\Fortify.exe
FirewallRules: [{2F4A5F84-FF11-4F94-A18A-F0579DAAC817}] => (Allow) D:\Steam\steamapps\common\FORTIFY\Fortify.exe
FirewallRules: [{D18733A9-FBF6-474F-9BE3-B26BD542685A}] => (Allow) D:\Program Files\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A4839233-0F1F-4126-A22B-972FEE7F1CDB}] => (Allow) D:\Program Files\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{29B429AD-EC5A-4177-8712-402174EE810D}] => (Allow) D:\Program Files\World_of_Tanks\worldoftanks.exe
FirewallRules: [{120F0258-47BD-4E4A-831D-74243EBA138C}] => (Allow) D:\Program Files\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{7423E388-FBCF-43E1-B88A-F33964FDFE08}D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{72B35740-62FF-4830-87BF-14F96556B287}D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944 test zone\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{CEDC2396-57EC-484E-9FFB-9B508E60960B}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{08F9CB81-74E9-451C-855F-719819E57983}D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4CAB9DAD-FDF6-42E9-9066-308073D9214C}] => (Block) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A0153AC8-0E3A-4F0A-8242-15C730983865}] => (Block) D:\program files\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3B14838C-2E77-45AA-98F8-AB676F991947}] => (Allow) D:\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe
FirewallRules: [{D474A942-F906-4EA6-85E9-018E9DEB8251}] => (Allow) D:\Steam\steamapps\common\BATTALION 1944 TEST ZONE\Launcher\BattalionLauncher.exe
FirewallRules: [{D5DB7B32-A9A6-40BE-A214-7039A4D823D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{123871AA-5FE5-44A1-BF5A-3A226B5236A2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C84354CD-F93D-4F9F-862B-D93D62EA9FD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CDF54B15-8068-48AC-9210-31F8E47C2A45}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{BF5AD8B9-47B7-42C5-9953-106195972C3D}D:\program files\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{AF17E724-26DA-4E77-99C8-469A1AB37224}D:\program files\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{B34CC4B3-BF73-46BC-BBDE-687756793563}] => (Block) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{499C9668-7670-48E3-89F2-7D150F968EB6}] => (Block) D:\program files\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{E0C26A57-56DE-4FA2-B468-6149044F80AC}] => (Allow) D:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{03BA39DA-FDD5-4C84-81E0-9D3C1D46939E}] => (Allow) D:\Program Files\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{7D7C39FE-294B-434E-BF69-44F16A522F13}D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{5B0ACC11-D921-43C7-B66C-11670335AB40}D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{DC5AC6A6-2CA9-43CF-A7C8-800AA582756D}] => (Block) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{31334B43-3921-4855-B3B4-AC5BF497FE07}] => (Block) D:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8CDF08E5-B396-454B-B5AA-03A9054A5F90}D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{4F98FFA0-93A1-4EEA-B5D4-A0C56EDCBBC3}D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{400B61FE-8B8C-41A0-A11C-5165C58865F4}] => (Block) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{6621D037-6F7C-45B7-AE28-D68583086C63}] => (Block) D:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{7AF6078E-A051-41F4-91E0-573BD8C84240}D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Allow) D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe
FirewallRules: [UDP Query User{D65D0F17-FE21-43A0-B159-71BBB23E5C63}D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe] => (Allow) D:\steam\steamapps\common\hunt showdown (test server)\bin\win_x64\gamelauncher.exe
FirewallRules: [TCP Query User{3FB902E6-D34B-40F8-BBF8-7BCF75DB95DD}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{C7074100-D903-43D0-8DBF-3CF532E9E32D}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{CFB5D18C-ADB2-4B22-BFB9-824E138FF8E6}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [UDP Query User{966A6D0E-F6BB-48D3-9238-85F5C630DBF2}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{E5B8EEA8-6469-4162-8FE1-789007D9E829}D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [UDP Query User{EA02DA6F-9F7C-4A0B-90D7-63D261B5DFD1}D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [{33D10E45-077D-4015-9014-00626F5F8AFF}] => (Block) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [{A19A6C72-B255-4735-9731-A724A1469422}] => (Block) D:\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [TCP Query User{C787DD17-BDD2-455A-AAD1-C878B8C5032A}C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [UDP Query User{00D95BC1-D49B-4DBA-9C45-D3DCDE21062C}C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe] => (Allow) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{81CCC74B-A845-4F97-B682-DBEE43EB5B7A}] => (Block) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{AD7E3E66-8267-4A28-9A2F-217AA9E5BA14}] => (Block) C:\users\user007\appdata\roaming\gamemaker-studio\runner.exe
FirewallRules: [{6F647243-1D22-4EB8-BA22-1066FD165348}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{6690BC9E-A8F9-4049-8CEC-4B58EC5D0FB8}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{2EEB0B46-B5C5-4BEB-AD96-98F7CEF4765C}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [{714A7A2E-BFB8-44D6-B91B-EDB4CFF681B3}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [TCP Query User{25A4D7AA-5EEE-473B-BCDF-2B02986E3314}D:\program files\nhll\nhl2009.exe] => (Allow) D:\program files\nhll\nhl2009.exe
FirewallRules: [UDP Query User{ACF2800B-2F57-4D87-A905-B26961B878B3}D:\program files\nhll\nhl2009.exe] => (Allow) D:\program files\nhll\nhl2009.exe
FirewallRules: [{A5A8452C-38F3-4BB7-B535-D6A02E3EEFDD}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{13915B7F-667C-4F32-9085-47B41E44C94D}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CE1955F9-18B0-4FD6-8C8F-234AD8DD09A0}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{39479846-53BC-485F-8ABC-B68F085BCFEF}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [TCP Query User{483BAE7D-81C9-43CC-91E4-A7F21EDD41D5}D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{429F4C7A-352F-434E-81C9-74467DA33FF6}D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{C498742C-3CB2-4080-BD2F-6D9709552401}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{B6AB9DC5-AEBF-4594-BBC2-4B211CA053AB}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{F01B14E1-D7A0-4AF4-B169-FED0B330AF9B}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{5855BDC3-6DE6-4F8F-A473-2B5DEBAC02C1}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [{230E79B8-EA53-4663-AE3B-B01AFD47C196}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{8A49C900-289C-4336-91A6-3BBCBE9DE500}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{374D52F7-526B-4B89-85E9-7AD977A70C91}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{60FB9601-C49C-4C9E-9955-D98C947C6183}] => (Allow) D:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{303B2490-A1CC-4FC4-907E-4F8E132D3754}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{06141DD5-1AA0-489E-8543-B03DE48A6365}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{DA2A9889-B801-416B-87E2-C2223461C110}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{75E37A1C-5376-4601-8E2C-AD7A67D1F313}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ECD48977-10DC-48FC-A841-76DE322A89EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C2704404-ADED-43E2-BD47-B8E40255ECBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F18D66B5-B68F-4AF2-97B7-5AA37AD742DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8FF3D4F2-97DB-4AE9-99AC-A7DD8EC41A22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1466BBDA-E2DB-4BED-9110-CC00FB929B6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0EA8C30E-1B63-437C-9D48-7FF3B6F63A0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{55E3E04A-7C30-4A6F-8675-BF8A676A9D56}] => (Allow) D:\Program Files\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [{41A5E966-A37C-4147-A9A4-576D7122468D}] => (Allow) D:\Program Files\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [{ED4B6378-5B96-464E-BF7D-36E434D5519B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E729CE81-33C1-4E1A-83DA-790B6FA33AD1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{49F7A19D-B11B-45FD-BDCE-E0B7BE037967}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{86322F21-EB4B-4DE8-A589-7C9EDB163A19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{258C1119-A7C3-4E34-9EFA-440766AE1695}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\FarCry5.exe
FirewallRules: [{B14E537F-756D-488D-97B5-2BA132D4C75C}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\ArcadeEditor64.exe
FirewallRules: [{A2C722F6-15BC-4535-84AC-A22B4B2BF5D4}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\FarCry5.exe
FirewallRules: [{C6117880-4852-412C-8761-56958313AA1B}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Far Cry 5\bin\ArcadeEditor64.exe
FirewallRules: [{29888D7A-A575-4F73-B77B-7D364043CDA1}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{7468C234-56BE-4E6A-BD1B-B063346DEADC}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0F90DB60-1209-47C6-BC57-0A92368E22D9}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe
FirewallRules: [{59559975-402B-4F7D-9AB3-784E8E2E89DA}] => (Allow) D:\Program Files\Uplay\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe
FirewallRules: [TCP Query User{48CDEB17-8D9D-4C9C-9F5F-F951E81F7150}D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0ECC81AC-6282-4E54-8F82-2D1F1C28B8CF}D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B9C8D493-D63B-485C-98A4-9BB5C963098C}D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{982B301E-A9E4-4F16-8F5D-86B29659447B}D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) D:\program files\lol\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{FB650BD0-BD4C-46F6-BFAA-3C7467ADFE15}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5F1ABDED-D89B-43CD-B1A3-B4E3BE9A57B4}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A81831DD-889E-41D0-A7A8-5C16202A96EA}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CF4977A9-A8D6-416E-BD21-05EDCC988825}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{D7F49132-090A-41A8-A97C-ECB5CDD24D20}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{0EC2ED7F-6699-45E2-9AA6-2B5D39E93904}] => (Allow) D:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{A4E24F92-BA18-4790-A151-A6A8C63AFEF0}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{7D555A8F-BF64-4CC1-95ED-BD7C65A1876C}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{F0638BCD-3159-4240-864D-C116B8F23A8B}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{F51BD62E-A620-45A5-A5E5-B44A0BC36B35}] => (Allow) D:\Program Files\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{2F0F1EC0-9B39-48D1-89EF-A70B769E637A}] => (Allow) D:\Program Files\Origin Games\Battlefield V Open Beta\bfvob.exe
FirewallRules: [{CE68C17E-D013-4286-995C-CD63A91E8143}] => (Allow) D:\Program Files\Origin Games\Battlefield V Open Beta\bfvob.exe
FirewallRules: [{F786E773-D4BD-4194-97D7-0380C78147B7}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0520112D-DE77-444C-BDD0-EF94D31E8FF3}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{651CA78A-D45D-4EF3-8DDD-01D49417F93D}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5034A0D3-D22A-4E7B-9D40-BC35886E8F66}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe

==================== Restore Points =========================

26-08-2018 18:02:23 Nainstalováno rozhraní DirectX
02-09-2018 18:24:57 Nainstalováno rozhraní DirectX
04-09-2018 15:29:24 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2018 12:28:23 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/07/2018 12:28:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/06/2018 08:33:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/06/2018 05:52:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (09/06/2018 01:35:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/05/2018 12:28:23 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/04/2018 12:28:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/03/2018 12:28:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/08/2018 12:33:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Game Scanner neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Game Scanner byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Chroma SDK Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/08/2018 12:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Chroma SDK Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2018-09-07 12:38:46.880
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91B0DD86-4BC1-4A85-A6B8-D4E500EA94FD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 20:44:04.462
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC2694B2-F8DB-4416-878E-B599A91C4BDC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-06 18:02:48.655
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F2C07A13-563D-4876-A80C-9691B8FDEB00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-04 15:34:06.380
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {60D885E9-91E2-4F5A-AE32-ABA4A0F747E3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-08-30 17:20:34.846
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C6A339E8-F171-4BB8-B1A0-056F4C59AD32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-08-22 21:07:41.111
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 119.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.107
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.107
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-08-22 21:07:41.076
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1749.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-05-16 15:21:49.050
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.267.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14800.3
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-08-24 14:00:46.477
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-24 14:00:46.166
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-23 16:16:55.484
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-23 16:16:55.201
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 24%
Total physical RAM: 8120 MB
Available physical RAM: 6097 MB
Total Virtual: 16312 MB
Available Virtual: 13623.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:62.99 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:159.45 GB) NTFS
Drive e: (DISK-E) (Fixed) (Total:596.16 GB) (Free:406.5 GB) NTFS

\\?\Volume{f1d3aa84-7ba5-11e4-824e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 805D29D4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 805D29CC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 596.2 GB) (Disk ID: 5632687A)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#6 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\Program Files\Core Temp\Core Temp.exe
    Folder: C:\Program Files\Core Temp
    File: C:\Program Files\Core Temp\Core Temp.exe
    File: C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
    File: C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
    CMD: type "C:\Program Files (x86)\ziiugfdbmr.dat"
    
    HKLM-x32\...\Run: [] => [X]
    R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
    S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
    S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
    2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H () C:\Program Files (x86)\ziiugfdbmr.dat
    2014-12-04 13:18 - 2018-09-08 12:34 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
    2018-08-27 12:54 - 2018-09-08 12:34 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
    Task: {799A4891-6A06-4C0F-8608-BA584AFF3C44} - System32\Tasks\Core Temp Autostart User007 => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
    AlternateDataStreams: C:\Users\User007:Heroes & Generals [38]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
    C:\Program Files\Core Temp
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the restart there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos, and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other machines; doing so risks damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

flatoutik
Visitor
Posts: 24
Registered: 26 Jul 2015 16:10

Re: Please check my log

#7 Post by flatoutik »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by User007 (09-09-2018 22:31:01) Run:1
Running from C:\Users\User007\Desktop
Loaded Profiles: User007 (Available Profiles: User007)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\Program Files\Core Temp\Core Temp.exe
Folder: C:\Program Files\Core Temp
File: C:\Program Files\Core Temp\Core Temp.exe
File: C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
File: C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
CMD: type "C:\Program Files (x86)\ziiugfdbmr.dat"

HKLM-x32\...\Run: [] => [X]
R3 ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
2018-08-22 07:51 - 2018-08-22 07:51 - 000000048 ____H () C:\Program Files (x86)\ziiugfdbmr.dat
2014-12-04 13:18 - 2018-09-08 12:34 - 000192512 _____ () C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
2018-08-27 12:54 - 2018-09-08 12:34 - 000158720 _____ () C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
Task: {799A4891-6A06-4C0F-8608-BA584AFF3C44} - System32\Tasks\Core Temp Autostart User007 => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
AlternateDataStreams: C:\Users\User007:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
C:\Program Files\Core Temp

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 16
Average :
Sum : 10412670
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\Program Files\Core Temp\Core Temp.exe => https://www.virustotal.com/file/da7360c ... 536299259/

========================= Folder: C:\Program Files\Core Temp ========================

2014-12-04 13:17 - 2013-10-08 14:23 - 000890016 ____A [E8F746CD86EFBCD5AB43F01A59CFE49D] () C:\Program Files\Core Temp\Core Temp.exe
2014-12-04 13:17 - 2016-09-18 12:13 - 000001355 ____A [D3F432B4AD609890C86AB1CBBED687B9] () C:\Program Files\Core Temp\CoreTemp.ini
2014-12-04 13:17 - 2013-10-08 14:20 - 000027155 ____A [FAF7BA3B9544210796D6364771E9929D] () C:\Program Files\Core Temp\Changes.txt
2014-12-04 13:17 - 2010-06-30 19:32 - 000006594 ____A [932B5FB4B60BBA2DBF7D178518C69670] () C:\Program Files\Core Temp\License.txt
2014-12-04 13:17 - 2010-09-06 04:55 - 000003630 ____A [9AB877751224D96448876F7ECF15559F] () C:\Program Files\Core Temp\Readme.txt
2014-12-04 13:17 - 2013-12-01 21:22 - 000018867 ____A [30A05374A7D0F4F63EEFCC98B87D2DF1] () C:\Program Files\Core Temp\unins000.dat
2014-12-04 13:17 - 2013-12-01 21:22 - 001193161 ____A [467E3D2E77E846B0EDB07B4DEDD5215E] () C:\Program Files\Core Temp\unins000.exe
2014-12-04 13:17 - 2014-12-04 13:17 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\Core Temp\Languages
2014-12-04 13:17 - 2012-01-25 15:45 - 000056057 ____A [D8B810613B3F333FA6AD901902C79A25] () C:\Program Files\Core Temp\Languages\de-DE.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000055628 ____A [0C675E198488845C65F1A0AF96CE1724] () C:\Program Files\Core Temp\Languages\fi-Fi.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000056911 ____A [426FAF5AFA3BDB0CABCAD0C37145E9DB] () C:\Program Files\Core Temp\Languages\fr-FR.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000057615 ____A [04EB5F5EDE7117BE8AA96AB1CA4B349E] () C:\Program Files\Core Temp\Languages\he-IL.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000057463 ____A [0A85B7A06B8276DE75F1FAFE39A4D3D8] () C:\Program Files\Core Temp\Languages\ja-JP.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000055949 ____A [116106FE5B1A370DFC46D11C0AB7FBBC] () C:\Program Files\Core Temp\Languages\nl-NL.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000060974 ____A [04B7C069CB3D100281314F82E085616E] () C:\Program Files\Core Temp\Languages\ru-RU.lng
2014-12-04 13:17 - 2012-01-25 15:45 - 000054193 ____A [DD080E139E11125FAEF8698F514166BC] () C:\Program Files\Core Temp\Languages\sv-SV.lng
2014-12-04 13:17 - 2012-01-25 15:43 - 000060682 ____A [F346B830268088AEB192F76F18911372] () C:\Program Files\Core Temp\Languages\ua-UA.lng
2014-12-04 13:17 - 2014-10-01 00:57 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\Core Temp\Plugins
2014-12-04 13:17 - 2014-10-01 00:57 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer
2014-12-04 13:17 - 2013-04-15 20:40 - 000013824 ____A [EDE636B249B22AC7CBCD04CAC385940B] (Alcpu) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll
2014-12-04 13:17 - 2013-04-21 15:21 - 000026112 ____A [EC229247DE9FFF9C4339FE93238B0F0A] (Microsoft) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll
2014-12-04 13:17 - 2011-09-08 14:41 - 000011776 ____A [2C34B55A3F05CA021EBCAB34F7C92141] (Microsoft) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\Logger.dll
2014-12-04 13:17 - 2011-06-17 23:21 - 000000136 ____A [548F8F26370AE22C5CEACD72ED8EE240] () C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\Plugin.cfg
2014-12-04 13:17 - 2013-04-15 20:17 - 000112128 ____A [826A73A5A224ABCA94A9DA2FF064906F] (Alcpu) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll
2014-12-04 13:17 - 2013-04-15 20:17 - 000095232 ____A [B7E12DCDE557479E781D1A5D8C59AA82] (Alcpu) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\PluginNetInterface-x86.dll
2014-12-04 13:17 - 2011-08-30 16:09 - 000000524 ____A [91302885F4607CC39A8E67DF37A323C5] () C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\Readme.txt
2014-12-04 13:17 - 2011-09-08 14:41 - 000008192 ____A [C84B662C958E6D80106E267CA06CCF10] () C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\SystemInfo.dll
2014-12-04 13:17 - 2011-09-08 14:41 - 000013312 ____A [CC2E36FCE6F64E2058B57AC1E3764456] (Microsoft) C:\Program Files\Core Temp\Plugins\CoreTempRemoteServer\TcpServer.dll

====== End of Folder: ======


========================= File: C:\Program Files\Core Temp\Core Temp.exe ========================

C:\Program Files\Core Temp\Core Temp.exe
File is digitally signed
MD5: E8F746CD86EFBCD5AB43F01A59CFE49D
Creation and modification date: 2014-12-04 13:17 - 2013-10-08 14:23
Size: 000890016
Attributes: ----A
Company Name:
Internal Name: Core Temp
Original Name: Core Temp.exe
Product: Core Temp
Description: CPU temperature and system information utility
File Version: 1.0.6.0
Product Version: 1.0.6.0
Copyright: Copyright (C) 2006 - 2013 Alcpu
VirusTotal: https://www.virustotal.com/file/da7360c ... 536299259/

====== End of File: ======


========================= File: C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll ========================

C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll
File not signed
MD5: 7E7EB7AFF595774E5E500B34058CC1A7
Creation and modification date: 2014-12-04 13:18 - 2018-09-09 11:10
Size: 000192512
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/d9c89e6 ... 532943193/

====== End of File: ======


========================= File: C:\Users\User007\AppData\Local\Temp\sfareca00001.dll ========================

C:\Users\User007\AppData\Local\Temp\sfareca00001.dll
File not signed
MD5: 51151D3AD8DA0DFA0E7A681AA2FF8870
Creation and modification date: 2018-08-27 12:54 - 2018-09-09 11:10
Size: 000158720
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/1bf07b5 ... 532943153/

====== End of File: ======


========= type "C:\Program Files (x86)\ziiugfdbmr.dat" =========

†Ą:w(çÇ

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#8 Post by Conder »

The Fixlog is not complete; it should end with the text "==== End of Fixlog xx:xx:xx ===="

flatoutik
Visitor
Posts: 24
Registered: 26 Jul 2015 16:10

Re: Please check my log

#9 Post by flatoutik »

Sorry, here is the rest:
========= type "C:\Program Files (x86)\ziiugfdbmr.dat" =========

†Ą:w(çÇ

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
ALSysIO => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\ALSysIO" => removed successfully
ALSysIO => service removed successfully
"HKLM\System\CurrentControlSet\Services\cpuz138" => removed successfully
cpuz138 => service removed successfully
"HKLM\System\CurrentControlSet\Services\GPUZ" => removed successfully
GPUZ => service removed successfully
C:\Program Files (x86)\ziiugfdbmr.dat => moved successfully
C:\Users\User007\AppData\Local\Temp\sfamcc00001.dll => moved successfully
C:\Users\User007\AppData\Local\Temp\sfareca00001.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{799A4891-6A06-4C0F-8608-BA584AFF3C44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{799A4891-6A06-4C0F-8608-BA584AFF3C44}" => removed successfully
C:\Windows\System32\Tasks\Core Temp Autostart User007 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Core Temp Autostart User007" => removed successfully
C:\Users\User007 => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Program Files\Core Temp => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 276985650 B
Java, Flash, Steam htmlcache => 406944912 B
Windows/system/drivers => 13738040 B
Edge => 0 B
Chrome => 787441052 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 40178 B
NetworkService => 35720 B
User007 => 318683773 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:31:21 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#10 Post by Conder »

:arrow: It looks OK. Are there any problems with the PC?

flatoutik
Visitor
Posts: 24
Registered: 26 Jul 2015 16:10

Re: Please check my log

#11 Post by flatoutik »

No problems, so thanks a lot! :thumbsup:

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log

#12 Post by Conder »

:arrow: So let's also clean up after the tools we used: