Hello,
today my main email received a message from one of my secondary email addresses, containing a shortened link to somewhere (I did not click it). It seems that someone got into the secondary mailbox, sent out several spam messages, and changed the password on Steam (I already have that back). The location was Vietnam. Please check my PC for a keylogger or anything similar.
Thank you.
Here is the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2020
Ran by L (administrator) on DESKTOP-32STAAT (Gigabyte Technology Co., Ltd. P67A-UD3-B3) (09-12-2020 10:47:57)
Running from C:\Users\L\Desktop
Loaded Profiles: L
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-06-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [371304 2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\WINDOWS\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\WINDOWS\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08D2F711-3250-4CAD-8F40-5978E97F36AB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1D9A65D9-85A9-4655-BB85-C5D144ED1AF3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {371DC6CA-EE81-4888-A140-DE6605930899} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-14] (Adobe Inc. -> Adobe)
Task: {50FBBAE4-3B4B-419C-BBF7-3942DE051D4A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E592A11-3DB2-45A4-A762-A71E2B30DD2E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6F5F6AE1-C9B2-443A-94BD-A4441F63AA80} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {774C2C4E-EE97-449F-AF7E-9C21FB5F4DB0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7B6CA9E4-1889-4183-A5B7-20FC5F44614C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A867E59A-E9BA-43E9-88B3-CF528334FCB3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B552A264-41F2-4709-9F1A-2848B6589416} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {D1054889-9745-4CA2-BDB7-EC9B7745FD4F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1EF71B7-491B-49D3-8A36-8F00F4AF663E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E1CEFBAB-E71B-4612-8C26-7C4E79393C02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{472b527d-5058-45a2-ac57-0aebd5a3e0e4}: [DhcpNameServer] 213.46.172.38 213.46.172.39
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\L\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-14]
FireFox:
========
FF DefaultProfile: 8yeav4tp.default
FF ProfilePath: C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\8yeav4tp.default [2019-06-15]
FF NewTab: Mozilla\Firefox\Profiles\8yeav4tp.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190615
FF ProfilePath: C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\za7g8ypn.default-release [2020-12-09]
FF Homepage: Mozilla\Firefox\Profiles\za7g8ypn.default-release -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\za7g8ypn.default-release -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190615
FF Extension: (BetterTTV) - C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\za7g8ypn.default-release\Extensions\firefox@betterttv.net.xpi [2020-11-29]
FF Extension: (Tampermonkey) - C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\za7g8ypn.default-release\Extensions\firefox@tampermonkey.net.xpi [2020-11-05]
FF Extension: (uBlock Origin) - C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\za7g8ypn.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20]
FF Extension: (No Name) - C:\Users\L\AppData\Roaming\Mozilla\Firefox\Profiles\za7g8ypn.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2019-10-19] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-06-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-03-10] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [528576 2019-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220352 2019-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1191624 2019-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1086656 2019-06-06] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-10-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-06-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2020-10-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [117456 2020-10-29] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2020-10-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_swmon; C:\WINDOWS\System32\Drivers\klupd_klif_swmon.sys [241112 2020-10-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-06-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-28] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-09 10:47 - 2020-12-09 10:48 - 000015730 _____ C:\Users\L\Desktop\FRST.txt
2020-12-09 10:47 - 2020-12-09 10:48 - 000000000 ____D C:\FRST
2020-12-09 10:46 - 2020-12-09 10:46 - 002288640 _____ (Farbar) C:\Users\L\Desktop\FRST64.exe
2020-12-06 18:29 - 2020-12-06 18:29 - 000000000 ____D C:\Users\L\AppData\Local\DOSBox
2020-12-06 16:22 - 2020-12-06 16:22 - 000000000 ____D C:\Users\L\Documents\Bandicam
2020-12-06 16:13 - 2020-12-06 16:13 - 000000000 ____D C:\Users\L\AppData\Roaming\Bandicam Company
2020-12-06 16:12 - 2020-12-06 16:13 - 000000000 ____D C:\Users\L\AppData\LocalLow\uTorrent
2020-12-03 15:05 - 2020-12-03 15:05 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-03 15:04 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-03 15:04 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-03 15:04 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-03 15:04 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-03 15:04 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-03 15:04 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-03 15:04 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-03 15:04 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-03 15:04 - 2020-11-23 15:40 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-03 15:04 - 2020-11-23 15:40 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-03 15:04 - 2020-11-23 15:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 007706352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445751.dll
2020-12-03 15:04 - 2020-11-23 15:37 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445751.dll
2020-12-03 15:04 - 2020-11-23 15:32 - 005978008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-26 15:05 - 2020-11-28 14:59 - 000000000 ____D C:\Users\L\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2020-11-26 15:05 - 2020-11-26 15:05 - 000000000 ____D C:\Users\L\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2020-11-26 14:57 - 2020-11-26 14:57 - 000002559 _____ C:\Users\Public\Desktop\The Lord of the Rings, The Rise of the Witch-king.lnk
2020-11-26 14:57 - 2020-11-26 14:57 - 000002559 _____ C:\ProgramData\Desktop\The Lord of the Rings, The Rise of the Witch-king.lnk
2020-11-26 14:54 - 2020-11-26 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2020-11-26 14:54 - 2020-11-26 14:54 - 000002418 _____ C:\Users\Public\Desktop\The Battle for Middle-earth (tm) II.lnk
2020-11-26 14:54 - 2020-11-26 14:54 - 000002418 _____ C:\ProgramData\Desktop\The Battle for Middle-earth (tm) II.lnk
2020-11-26 14:53 - 2020-11-26 14:57 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2020-11-18 08:03 - 2020-11-18 08:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-13 19:57 - 2012-06-14 09:37 - 000018944 _____ (Hewlett-Packard.) C:\WINDOWS\system32\Drivers\HPubA407.sys
2020-11-13 19:57 - 2011-10-31 17:12 - 000025088 _____ (Hewlett-Packard.) C:\WINDOWS\system32\Drivers\HPMoA407.sys
2020-11-12 17:49 - 2020-11-12 17:49 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-11-12 17:49 - 2020-11-12 17:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-11-12 17:48 - 2020-11-12 17:48 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-12 17:48 - 2020-11-12 17:48 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-12 17:48 - 2020-11-12 17:48 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-10 12:23 - 2020-11-10 12:23 - 000000000 ____D C:\Users\L\AppData\Local\LucasArts
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-09 10:47 - 2018-11-30 19:04 - 000000000 ____D C:\Temp
2020-12-09 10:38 - 2019-06-15 11:03 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-09 09:25 - 2020-03-10 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-09 08:04 - 2018-11-30 19:05 - 000000000 ____D C:\Users\L\AppData\LocalLow\Mozilla
2020-12-09 08:03 - 2019-06-14 22:43 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-08 23:09 - 2020-10-05 15:08 - 002787896 _____ C:\WINDOWS\ntbtlog.txt
2020-12-08 18:33 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-08 18:21 - 2020-06-07 10:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-08 17:55 - 2019-06-15 10:28 - 000000000 ____D C:\Users\L\AppData\Roaming\vlc
2020-12-08 14:13 - 2020-03-10 11:54 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-08 14:13 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-08 14:13 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-08 14:13 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-08 14:09 - 2019-06-15 10:50 - 000000000 ____D C:\Users\L\AppData\Roaming\Exodus
2020-12-08 14:06 - 2020-03-10 11:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-08 14:05 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-07 22:50 - 2019-08-15 16:42 - 000000000 ____D C:\Lukas
2020-12-07 11:23 - 2019-09-08 23:59 - 000000000 ____D C:\Knihy
2020-12-06 23:50 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-06 23:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-06 16:20 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-06 16:13 - 2019-06-15 10:46 - 000000000 ____D C:\Users\L\AppData\Roaming\uTorrent
2020-12-06 16:12 - 2019-12-28 00:34 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2020-12-06 16:12 - 2019-06-15 10:46 - 000000000 ____D C:\Users\L\AppData\Local\BitTorrentHelper
2020-12-05 11:08 - 2020-10-10 16:42 - 000002203 _____ C:\Users\L\Desktop\Exodus.lnk
2020-12-05 11:08 - 2020-10-10 16:42 - 000000000 ____D C:\Users\L\AppData\Local\exodus
2020-12-05 11:07 - 2018-11-30 19:51 - 000000000 ____D C:\Users\L\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2020-12-03 15:05 - 2019-06-15 10:04 - 000000000 ____D C:\Users\L\AppData\Local\NVIDIA
2020-12-02 09:36 - 2019-06-14 22:50 - 000000000 ____D C:\Users\L\AppData\Local\Packages
2020-12-01 17:56 - 2019-06-15 12:13 - 000000000 ____D C:\Users\L\AppData\Local\Battle.net
2020-11-28 20:46 - 2019-06-15 10:42 - 000000000 ____D C:\Users\L\AppData\Local\CrashDumps
2020-11-28 15:44 - 2019-06-14 22:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-28 15:44 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-28 10:45 - 2020-06-07 10:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-28 10:45 - 2020-06-07 10:03 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-24 15:20 - 2020-03-10 11:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-24 15:20 - 2018-12-07 17:23 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 15:32 - 2020-10-05 16:30 - 007006712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-11-22 14:29 - 2020-03-01 20:01 - 000058620 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-22 10:45 - 2019-07-19 19:50 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-11-22 10:45 - 2019-07-19 19:50 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-11-22 10:45 - 2019-07-19 19:50 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-11-22 10:45 - 2019-07-19 19:43 - 005510968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-11-22 10:45 - 2019-07-19 19:43 - 002636264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-11-22 10:45 - 2019-07-19 19:43 - 000194360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-11-22 10:45 - 2019-07-19 19:43 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-11-20 23:50 - 2020-10-01 15:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-20 19:29 - 2019-06-15 12:12 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-11-20 18:56 - 2019-06-15 12:14 - 000000000 ____D C:\Program Files (x86)\Overwatch
2020-11-20 12:47 - 2020-05-12 07:40 - 000000000 ____D C:\Users\L\AppData\Local\ElevatedDiagnostics
2020-11-20 12:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-20 12:32 - 2019-06-15 09:31 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-18 19:48 - 2019-07-13 18:43 - 000007621 _____ C:\Users\L\AppData\Local\resmon.resmoncfg
2020-11-18 19:20 - 2019-06-15 09:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-18 19:20 - 2019-06-15 09:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-18 08:03 - 2019-06-15 09:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-14 15:53 - 2020-03-10 11:52 - 000004604 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-14 15:53 - 2019-06-15 10:10 - 000000000 ____D C:\Users\L\AppData\Local\Adobe
2020-11-14 15:53 - 2019-03-19 05:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-14 15:53 - 2019-03-19 05:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-14 15:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-14 15:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-14 13:26 - 2019-07-12 16:47 - 000000000 ____D C:\Users\L\AppData\Roaming\The Creative Assembly
2020-11-12 20:27 - 2020-03-10 11:41 - 000301704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-12 20:27 - 2018-11-30 18:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-12 20:27 - 2018-11-30 18:56 - 000000000 ___RD C:\Users\L\3D Objects
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-12 20:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-12 17:56 - 2019-06-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-12 17:54 - 2019-06-15 09:33 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-12 17:54 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-12 17:49 - 2019-06-14 23:41 - 000410818 __RSH C:\bootmgr
2020-11-12 17:48 - 2020-03-10 11:44 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-12 11:00 - 2020-02-29 18:14 - 000907064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
==================== Files in the root of some directories ========
2019-07-13 18:43 - 2020-11-18 19:48 - 000007621 _____ () C:\Users\L\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

Hacked account - email
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that remain inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Hacked account - email
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2020
Ran by L (09-12-2020 10:51:11)
Running from C:\Users\L\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-03-10 10:52:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3246024947-146863970-1688253747-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3246024947-146863970-1688253747-503 - Limited - Disabled)
Guest (S-1-5-21-3246024947-146863970-1688253747-501 - Limited - Disabled)
L (S-1-5-21-3246024947-146863970-1688253747-1001 - Administrator - Enabled) => C:\Users\L
WDAGUtilityAccount (S-1-5-21-3246024947-146863970-1688253747-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {B558F217-D667-9806-B388-2B026DB849E4}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {0E3913F3-F05D-9788-8938-1070163F0359}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0939 - Disc Soft Ltd)
Europa Universalis IV Golden Century (HKLM-x32\...\Europa Universalis IV Golden Century_is1) (Version: 0.0.0 - DODI-Repacks)
Exodus (HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\exodus) (Version: 20.12.4 - Exodus Movement Inc)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.57 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.2 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 457.51 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ZoneAlarm Antivirus (HKLM-x32\...\{B451539E-3663-4A0D-9C17-F8941BC3E8A0}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{9FC42B4A-1F1E-4BD4-BA74-10C7E5E26FEB}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.111.18054 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{E090C456-D826-4E0C-9833-34DE06D5F258}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-02] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1910.3.0_x86__kgqvnymyfvs32 [2020-12-04] (king.com)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files (x86)\DAEMON Tools Lite\dtshl64.dll [2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files (x86)\DAEMON Tools Lite\dtshl64.dll [2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-04 09:54 - 2019-06-04 09:54 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-14 23:34 - 2019-06-14 23:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\L\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "ZaAntiRansomware"
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7F495C14-B1E6-4063-B69D-753BAC46B080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{2C201578-9277-4121-BA71-87AC40F900A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{4B48DB15-087B-4CAE-9E3B-99A33512997A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{D1D7701D-434D-4587-A474-1CCA5B73BD8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{A1BD5385-8CB6-4F3B-B22A-6A378B9B4FAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{B7594238-F1A2-46DC-B6C9-43A6C9B5D797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{CA5B1936-0B86-45A7-8C82-9E7AD54D0E02}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{55BDDA78-325A-4258-AE6C-B3A8EE35C992}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{71D92B90-C279-4E03-997F-1520B7D5EE0A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F9F94A77-E47A-4A18-A8DA-C313334A9910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E2004D1B-C81A-4A08-A888-B8BB3977F89B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{4FF489B6-AAC0-4235-BBD6-1BBC54C00BA1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0D51F6A8-E850-4121-9ED6-AF3D36C8D67D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{812B464C-AB78-4043-8336-E883D2A43827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{00876B0F-93BB-4699-BD0C-EA6529A38E11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{58BD34F0-11CA-4642-AB2B-FC8529B5A1C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{8B3E5611-BC53-4B01-BED7-7889EC1DB068}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E0FA69E7-2BE8-4EBB-B2DF-C9C4CB7FA40A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FF263550-51D3-4AEA-9029-E8AA1B4FD5A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C4F6EC3C-8E19-4664-B0CD-63A12EA40BF3}] => (Allow) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{648002B9-4C52-4433-8DF4-DF103BC76334}] => (Allow) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{08C2F290-A7B6-4E83-B228-E8850B1D8FF9}] => (Allow) C:\Program Files (x86)\utorrent.exe => No File
FirewallRules: [{04F0631E-A7CC-4487-8C41-B51E19EC07E7}] => (Allow) C:\Program Files (x86)\utorrent.exe => No File
FirewallRules: [{9A376BA3-C272-4724-88BD-D91E4965EC5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6B3FAF03-4B71-4F96-B80F-6DE6C3D7F808}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B512AB02-E86F-4A4C-B3E3-3BA161A1FBFD}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{A8BC71D4-8048-4BF7-997C-0237BA7DF1E0}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{C99B37E7-A160-4261-945F-CA9F2B57D3F4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F858F977-A505-45DA-9F54-C375568D9F2F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{5CEA0C7C-99C7-49E0-8316-7AE401BCD3A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EBFE9442-C234-425F-B035-5CB622F9202D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DDB6B667-D775-45CC-A037-41175DABF5A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4E00A8BC-C22E-4CA0-898C-1330804A8303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4701614E-2572-4534-9279-3DEA7205B0DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{1DF9B3F2-7309-48A7-ABFC-A2D30980F04F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{F0E517E1-24CB-4B4B-995B-F246760D77F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom Rush Vengeance\Kingdom Rush Vengeance.exe (Ironhide S.A.) [File not signed]
FirewallRules: [{EDE5FCAA-B9A1-4346-8433-443D98845E92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom Rush Vengeance\Kingdom Rush Vengeance.exe (Ironhide S.A.) [File not signed]
FirewallRules: [{14C83F26-3F40-4E1A-A35B-2D05DF1C4852}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7667A3E6-376F-4845-A238-2199077B75DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9D88F57-70DA-4ACF-AFFF-D6D9E5122967}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57D4F814-B3F5-4B8A-98DC-B39604970E9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{90EE6F6B-E4E3-4D80-BA2C-EAEAADF92EAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48E9D479-3F0B-4A0F-A11C-B1520F20A525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{6BF17582-E26D-42C6-88AD-A27C00A5BD97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{A602C296-AC2D-40EF-913B-78141F035E26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{5C8ADA90-5288-4392-B280-3E486330EC7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{862E562B-1E7F-41E6-B4C8-EC49FE23E574}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{165F5714-CC3E-4356-BB83-7E9A97CF5E7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{54816FBE-5D0D-4080-92EB-7BC3376C7ED4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{4E91CF02-5404-421B-8B63-4DFB41B4DF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{A6B388A5-635B-4BC8-AB78-800E9696D338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
==================== Restore Points =========================
26-11-2020 14:54:26 Nainstalováno rozhraní DirectX
05-12-2020 15:31:57 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/09/2020 10:51:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1656,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:34:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9600,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:21:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1724,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:10:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8428,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:54:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5284,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:44:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7080,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:03:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 08:49:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/08/2020 09:13:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/08/2020 09:13:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (12/06/2020 04:26:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueVector Internet Monitor byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2020 04:20:28 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/03/2020 05:31:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/03/2020 03:05:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (12/03/2020 03:05:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (12/02/2020 09:25:30 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
CodeIntegrity:
===================================
Date: 2020-12-09 08:06:32.210
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.206
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.197
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.192
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.163
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.089
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.083
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.019
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F2 02/22/2011
Motherboard: Gigabyte Technology Co., Ltd. P67A-UD3-B3
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 55%
Total physical RAM: 8175.43 MB
Available physical RAM: 3607.81 MB
Total Virtual: 13807.43 MB
Available Virtual: 6791.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.72 GB) (Free:88.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{372597b8-0000-0000-0000-305074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 372597B8)
Partition 1: (Not Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=464.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)
==================== End of Addition.txt =======================
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.2 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 457.51 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ZoneAlarm Antivirus (HKLM-x32\...\{B451539E-3663-4A0D-9C17-F8941BC3E8A0}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{9FC42B4A-1F1E-4BD4-BA74-10C7E5E26FEB}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.111.18054 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{E090C456-D826-4E0C-9833-34DE06D5F258}) (Version: 15.6.111.18054 - Check Point Software Technologies Ltd.) Hidden
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-02] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1910.3.0_x86__kgqvnymyfvs32 [2020-12-04] (king.com)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files (x86)\DAEMON Tools Lite\dtshl64.dll [2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files (x86)\DAEMON Tools Lite\dtshl64.dll [2019-06-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-06-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-04 09:54 - 2019-06-04 09:54 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-06-14 23:34 - 2019-06-14 23:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\L\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "ZaAntiRansomware"
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3246024947-146863970-1688253747-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7F495C14-B1E6-4063-B69D-753BAC46B080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{2C201578-9277-4121-BA71-87AC40F900A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{4B48DB15-087B-4CAE-9E3B-99A33512997A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{D1D7701D-434D-4587-A474-1CCA5B73BD8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{A1BD5385-8CB6-4F3B-B22A-6A378B9B4FAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{B7594238-F1A2-46DC-B6C9-43A6C9B5D797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{CA5B1936-0B86-45A7-8C82-9E7AD54D0E02}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{55BDDA78-325A-4258-AE6C-B3A8EE35C992}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{71D92B90-C279-4E03-997F-1520B7D5EE0A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F9F94A77-E47A-4A18-A8DA-C313334A9910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E2004D1B-C81A-4A08-A888-B8BB3977F89B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{4FF489B6-AAC0-4235-BBD6-1BBC54C00BA1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0D51F6A8-E850-4121-9ED6-AF3D36C8D67D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{812B464C-AB78-4043-8336-E883D2A43827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{00876B0F-93BB-4699-BD0C-EA6529A38E11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{58BD34F0-11CA-4642-AB2B-FC8529B5A1C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{8B3E5611-BC53-4B01-BED7-7889EC1DB068}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E0FA69E7-2BE8-4EBB-B2DF-C9C4CB7FA40A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FF263550-51D3-4AEA-9029-E8AA1B4FD5A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C4F6EC3C-8E19-4664-B0CD-63A12EA40BF3}] => (Allow) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{648002B9-4C52-4433-8DF4-DF103BC76334}] => (Allow) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{08C2F290-A7B6-4E83-B228-E8850B1D8FF9}] => (Allow) C:\Program Files (x86)\utorrent.exe => No File
FirewallRules: [{04F0631E-A7CC-4487-8C41-B51E19EC07E7}] => (Allow) C:\Program Files (x86)\utorrent.exe => No File
FirewallRules: [{9A376BA3-C272-4724-88BD-D91E4965EC5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6B3FAF03-4B71-4F96-B80F-6DE6C3D7F808}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B512AB02-E86F-4A4C-B3E3-3BA161A1FBFD}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{A8BC71D4-8048-4BF7-997C-0237BA7DF1E0}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{C99B37E7-A160-4261-945F-CA9F2B57D3F4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F858F977-A505-45DA-9F54-C375568D9F2F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{5CEA0C7C-99C7-49E0-8316-7AE401BCD3A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EBFE9442-C234-425F-B035-5CB622F9202D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DDB6B667-D775-45CC-A037-41175DABF5A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4E00A8BC-C22E-4CA0-898C-1330804A8303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 6\Tropico6.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4701614E-2572-4534-9279-3DEA7205B0DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{1DF9B3F2-7309-48A7-ABFC-A2D30980F04F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{F0E517E1-24CB-4B4B-995B-F246760D77F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom Rush Vengeance\Kingdom Rush Vengeance.exe (Ironhide S.A.) [File not signed]
FirewallRules: [{EDE5FCAA-B9A1-4346-8433-443D98845E92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom Rush Vengeance\Kingdom Rush Vengeance.exe (Ironhide S.A.) [File not signed]
FirewallRules: [{14C83F26-3F40-4E1A-A35B-2D05DF1C4852}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7667A3E6-376F-4845-A238-2199077B75DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9D88F57-70DA-4ACF-AFFF-D6D9E5122967}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{57D4F814-B3F5-4B8A-98DC-B39604970E9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{90EE6F6B-E4E3-4D80-BA2C-EAEAADF92EAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48E9D479-3F0B-4A0F-A11C-B1520F20A525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{6BF17582-E26D-42C6-88AD-A27C00A5BD97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{A602C296-AC2D-40EF-913B-78141F035E26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{5C8ADA90-5288-4392-B280-3E486330EC7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{862E562B-1E7F-41E6-B4C8-EC49FE23E574}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{165F5714-CC3E-4356-BB83-7E9A97CF5E7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{54816FBE-5D0D-4080-92EB-7BC3376C7ED4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{4E91CF02-5404-421B-8B63-4DFB41B4DF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{A6B388A5-635B-4BC8-AB78-800E9696D338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
==================== Restore Points =========================
26-11-2020 14:54:26 Nainstalováno rozhraní DirectX
05-12-2020 15:31:57 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/09/2020 10:51:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1656,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:34:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9600,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:21:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1724,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 10:10:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8428,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:54:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5284,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:44:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7080,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 09:03:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/09/2020 08:49:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (12/08/2020 09:13:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/08/2020 09:13:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (12/06/2020 04:26:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueVector Internet Monitor byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2020 04:20:28 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/03/2020 05:31:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
Error: (12/03/2020 03:05:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (12/03/2020 03:05:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (12/02/2020 09:25:30 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba TrueVector Internet Monitor se po přijetí pokynu pro vypnutí neukončila správně.
CodeIntegrity:
===================================
Date: 2020-12-09 08:06:32.210
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.206
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.197
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.192
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-09 08:06:32.163
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.089
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.083
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
Date: 2020-12-08 18:35:08.019
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll.34cd990908d339969d8d8237582b2fa7 that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F2 02/22/2011
Motherboard: Gigabyte Technology Co., Ltd. P67A-UD3-B3
Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 55%
Total physical RAM: 8175.43 MB
Available physical RAM: 3607.81 MB
Total Virtual: 13807.43 MB
Available Virtual: 6791.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.72 GB) (Free:88.11 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{372597b8-0000-0000-0000-305074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 372597B8)
Partition 1: (Not Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=464.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)
==================== End of Addition.txt =======================
Re: Hacked account - email
Hi,
I don't see anything out of the ordinary in the logs - I recommend scanning the PC with MBAM.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Hacked account - email
MBAM didn't find anything either. I have of course changed the password, so I guess there is nothing left but to wait and see whether something happens again.
Re: Hacked account - email
I agree,
and possibly change the passwords to more complex ones ...
