VIRY.CZ

Dobrý deň prajem,
často mi zamŕza explorer.exe, často po štarte, vždy ho musím vypnúť cez CTRL+ALT+Delete a následne ho nanovo spustiť. A po čase mi opäť zamrzne, môžete mi s tým prosím pomôcť?
Iné problémy nemám PC je stabilný a rýchly. Ďakujem.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2017
Ran by DESKTOP-EHIJS3J (03-07-2017 19:53:04)
Running from D:\Games\Movie
Windows 10 Pro Version 1607 (X64) (2016-12-24 15:28:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3888990516-425681314-393304876-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3888990516-425681314-393304876-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3888990516-425681314-393304876-1000 - Limited - Disabled) => C:\Users\defaultuser0
DESKTOP-EHIJS3J (S-1-5-21-3888990516-425681314-393304876-1001 - Administrator - Enabled) => C:\Users\DESKTOP-EHIJS3J
Guest (S-1-5-21-3888990516-425681314-393304876-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2016 (HKLM-x32\...\{5E5999D7-85DD-4B82-B48B-5F60BDFAC502}) (Version: 19.0.5634 - Acronis) Hidden
Acronis True Image 2016 (HKLM-x32\...\{5E5999D7-85DD-4B82-B48B-5F60BDFAC502}Visible) (Version: 19.0.5634 - Acronis)
Aktualizácie NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
AnyLogic 7.1.2 University (HKLM-x32\...\AnyLogic 7 University) (Version: - AnyLogic North America)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.7.3 - CrystalIdea Software, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Becker Content Manager (HKLM-x32\...\Becker Content Manager) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
DiRT 4 (HKLM\...\ZGlydDQ_is1) (Version: 1 - )
Discord (HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DU Meter Cz 3.07.200 (HKLM-x32\...\DU Meter Cz 3.07.200) (Version: 3.07.200 - Stanley)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
FastShare.cz verzia 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hitman (HKLM-x32\...\Hitman_is1) (Version: - )
Chrome Remote Desktop Host (HKLM-x32\...\{BAF2702F-FB88-48E4-A305-588DB8FDD834}) (Version: 59.0.3071.47 - Google Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI DragonEye (HKLM\...\{7116875E-F251-4C33-AB3F-37DE05B15595}_is1) (Version: 0.0.2.5 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.07 - MSI)
MXGP3 The Official Motocross Videogame (HKLM-x32\...\MXGP3 The Official Motocross Videogame_is1) (Version: - )
NVIDIA 3D Vision radič ovládača 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Grafický ovládač 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.53 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Watch Dogs 2 (HKLM-x32\...\Watch Dogs 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 KMS Activator Ultimate 2016 v1.6 (HKLM\...\Windows 10 KMS Activator Ultimate 2016 v1.6_is1) (Version: v1.6 - )
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-24] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-24] (AVAST Software)
ContextMenuHandlers01: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers01: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers02: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers03: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-24] (AVAST Software)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation)
ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-24] (AVAST Software)
ContextMenuHandlers06: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F831DA9-4FFF-42EC-94FC-088D41749F3A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-24] (AVAST Software)
Task: {3019F8EA-C2F9-4D94-AC6D-DBC51BC75E8C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {335FF66C-78A4-4989-902D-E58513707197} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {3FD33EE0-B48A-4C89-B0C7-6F669F6F9BB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {49A27F67-61D7-4C4E-A1F5-4FC0006D4646} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {4C7289E2-1E22-4E36-82A9-7481A8E29AB6} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe [2016-12-24] ()
Task: {4D55E496-818A-40A1-884A-49B7734F5BA9} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {6FAD418F-3AB0-4B63-B8CC-847DF1BFCB43} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {76D9FF53-2484-41B3-B255-23D9F8CD8F06} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-01-19] (Micro-Star INT'L CO., LTD.)
Task: {810DF49F-6A50-44B8-B341-16E54D5D298A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {8A69A093-5E71-4C71-84C5-F4F21815267E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {AC62C840-EA20-4056-8293-DD7C5844BC3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {B8CBD0D7-6B5F-404D-8E29-CDC21EAE080A} - System32\Tasks\AutoPico Daily Restart => C:\Users\DESKTO~1\AppData\Local\Temp\RarSFX0\AutoPico.exe <==== ATTENTION
Task: {CD246705-1A1F-4EA2-B02B-C850BE58172E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {DB5EFEE3-9A71-40EA-8147-811CCB730007} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {E8FF3C66-206B-4E70-B15A-34A63ADF8333} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {EEFAE57C-C59F-48F0-B17E-193BBF6AB6A3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-14] (AVAST Software)
Task: {F2132233-39A8-410E-A6DF-D1D5465E8742} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {FE0E6844-C452-4AB6-B9B3-0C4659F95784} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {FED9F19E-4295-4681-A226-D2D73A43E56B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-12-24 16:56 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-24 19:49 - 2016-12-24 19:49 - 00614400 _____ () C:\WINDOWS\AutoKMS.exe
2017-03-04 12:14 - 2014-04-24 14:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-03-04 12:14 - 2015-05-08 14:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2017-02-17 22:24 - 2017-06-21 09:07 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-26 19:45 - 2016-06-14 16:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-06-27 20:07 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 20:07 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2015-09-23 03:58 - 2015-09-23 03:58 - 07568104 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-12-24 18:09 - 2016-12-24 18:14 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-24 18:09 - 2016-12-24 18:14 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-24 18:09 - 2016-12-24 18:14 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-24 18:09 - 2016-12-24 18:14 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-07-16 13:42 - 2016-12-24 16:54 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 13:43 - 2016-12-24 16:55 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-16 13:42 - 2016-12-24 16:55 - 00236488 _____ () c:\windows\system32\WerEtw.dll
2016-12-24 22:34 - 2016-12-24 22:34 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-03 13:39 - 2017-07-03 13:39 - 05683712 _____ () C:\Program Files\AVAST Software\Avast\defs\17070300\algo.dll
2016-12-24 22:34 - 2016-12-24 22:34 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-04 12:14 - 2017-07-03 19:48 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-03-04 12:14 - 2015-05-08 14:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-02-17 22:24 - 2017-06-21 09:07 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-26 19:45 - 2016-06-14 16:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2017-02-26 16:44 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-02-26 16:44 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-02-26 16:44 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2017-02-26 16:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-02-26 16:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-02-26 16:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-02-26 16:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-02-26 16:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-02-26 16:44 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-02-26 16:44 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-02-26 16:44 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-02-26 16:44 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-02-17 22:24 - 2017-06-21 09:06 - 66837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-02-26 16:45 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-13 20:24 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-02-26 16:44 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-04-29 10:29 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-04-29 10:29 - 2017-04-29 10:29 - 01082880 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-04-29 10:29 - 2017-04-29 10:29 - 03750400 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-04-29 10:29 - 2017-04-29 10:29 - 00914432 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-04-29 10:29 - 2017-04-29 10:29 - 01127424 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-04-29 10:29 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-04-29 10:29 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-06-20 11:28 - 2017-06-20 11:28 - 01997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-07-03 19:49 - 2017-07-03 19:49 - 00148992 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\B584.tmp.node
2017-04-29 10:29 - 2017-04-29 10:29 - 02658296 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-04-29 10:30 - 2017-04-29 10:30 - 02665976 _____ () \\?\C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-12-24 22:34 - 2016-12-24 22:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-23 03:57 - 2015-09-14 13:50 - 19710880 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2015-09-23 02:24 - 2015-09-23 02:24 - 00035792 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-09-23 02:27 - 2015-09-23 02:27 - 00056784 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2015-09-23 02:25 - 2015-09-23 02:25 - 00445904 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-09-23 02:24 - 2015-09-23 02:24 - 00115664 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-24 16:57 - 2016-12-25 00:08 - 00000861 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activation.acronis.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3888990516-425681314-393304876-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\StartupApproved\Run: => "WarThunderLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33F08A2F-0B1E-4FDA-93E9-9FD9EDCBE93A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{0BE61CA8-169C-4E8B-8FEB-E1AE1B53066A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{10461808-3409-4B04-BDC7-A188E972D2E2}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{FDA6B889-A3A5-4619-BB3C-3A9B0E8172C2}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{60304910-6384-474C-BD64-6CD4F4250D27}C:\users\desktop-ehijs3j\appdata\local\temp\68b6.tmp\servkms.exe] => (Allow) C:\users\desktop-ehijs3j\appdata\local\temp\68b6.tmp\servkms.exe
FirewallRules: [UDP Query User{8CF1F885-6F8E-4CD6-A00A-214D6C7995AC}C:\users\desktop-ehijs3j\appdata\local\temp\68b6.tmp\servkms.exe] => (Allow) C:\users\desktop-ehijs3j\appdata\local\temp\68b6.tmp\servkms.exe
FirewallRules: [{BDBB6AB5-200C-4D2E-B8D3-9B8542E1146C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0E3C8DDB-30CE-474E-9B6D-FA5AA15855CC}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{708B9CBE-1127-4FD2-A587-DD02F7985D40}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0F5EB187-26D3-4BA2-93D3-5896975C8C21}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{41C71F03-4A2D-44AF-AA99-8ABED91588A4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8C31F13C-4673-42AE-8872-2DE78F311B13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E37750CC-DE4E-4C22-99BF-EE0E0B1F5877}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C24758BC-3DA2-40C6-8EF0-F067CEDC36AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FCCEF243-EA41-4039-B33C-6080934D947A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67D3C992-C823-41D5-A6BD-5E75A9A236B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{18D08552-7065-4811-814E-000264693247}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{9B6E5C68-2031-4531-AD8B-731A686DB5C0}D:\games\far cry primal\bin\fcprimal.exe] => (Allow) D:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [{6159E373-368B-4F7D-AF94-E22CF7034C25}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{82546B7E-81FD-4B0D-8606-11DF10345253}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F8F5F793-4254-44D8-B83D-53B324CDEE55}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{040EE38E-2B75-402D-94EE-C411FE9E614E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0075E0C8-2742-4D00-8655-9CE2E77596F4}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{60D5A017-02AD-47DB-ADEC-E3091AD335B4}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{AAF1FBF6-2A06-4D85-A903-6ADF88C71A76}C:\program files\anylogic 7 university\anylogic.exe] => (Allow) C:\program files\anylogic 7 university\anylogic.exe
FirewallRules: [UDP Query User{D977537E-97CE-47BB-8316-8990510E8AE7}C:\program files\anylogic 7 university\anylogic.exe] => (Allow) C:\program files\anylogic 7 university\anylogic.exe
FirewallRules: [{F66C9CB0-1CD0-4151-B3F6-78D121B684C3}] => (Allow) LPort=26789
FirewallRules: [TCP Query User{7D3F655D-B040-469A-AA0F-730507611D6B}D:\games\warthunder\win64\aces.exe] => (Allow) D:\games\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{D386DFE4-DE1B-41D4-9FFF-E6A74FE01EB4}D:\games\warthunder\win64\aces.exe] => (Allow) D:\games\warthunder\win64\aces.exe
FirewallRules: [{76460A11-63E4-4B37-BE96-C3A768A1C0E5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
FirewallRules: [{3BD06E50-8709-4B7C-A2C6-09D98C40D559}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-06-2017 14:30:45 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2017 07:49:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007000D
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/03/2017 07:49:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007000D
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2017 12:58:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (07/03/2017 12:58:25 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (07/03/2017 12:58:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/03/2017 09:39:28 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007000D
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/03/2017 09:39:22 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (07/03/2017 09:39:05 AM) (Source: Acronis Scheduler) (EventID: 1) (User: DESKTOP-8SU3M9S)
Description: Scheduler failed to run task with GUID 'A2BB4F95-348C-4590-958E-DF518374D6D4' because of error 2 (Failed to find the file (folder) or the key (value) in the registry.).

Error: (07/02/2017 10:26:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (07/02/2017 10:26:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


System errors:
=============
Error: (07/03/2017 07:48:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/03/2017 07:48:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/03/2017 07:48:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.

Error: (07/03/2017 04:06:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8SU3M9S)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2017-03-26 19:25:25.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-03-22 21:06:00.409
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-03-21 21:27:01.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-02-26 12:31:51.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-02-18 18:43:26.151
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2016-12-24 18:14:26.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 8088.6 MB
Available physical RAM: 4738.19 MB
Total Virtual: 16024.6 MB
Available Virtual: 12016.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.93 GB) (Free:90.51 GB) NTFS
Drive d: () (Fixed) (Total:902.21 GB) (Free:291.56 GB) NTFS
Drive e: (Záloha) (Fixed) (Total:29.3 GB) (Free:3.15 GB) NTFS
Drive k: (My Passport) (Fixed) (Total:1862.98 GB) (Free:804.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3CDEE9CA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 19E3B71E)
Partition 1: (Not Active) - (Size=902.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29.3 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt ============================

Zdravím!
Ještě potřebuji vidět log FRST. Toto je pouze Additional.

Páči sa:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2017
Ran by DESKTOP-EHIJS3J (administrator) on DESKTOP-8SU3M9S (03-07-2017 19:52:25)
Running from D:\Games\Movie
Loaded Profiles: DESKTOP-EHIJS3J (Available Profiles: defaultuser0 & DESKTOP-EHIJS3J)
Platform: Windows 10 Pro Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\AutoKMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\syswow64\muachost.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Windows\syswow64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Gaijin Entertainment) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Hammer & Chisel, Inc.) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\Discord.exe
() C:\Windows\KMSEmulator.exe
(Hammer & Chisel, Inc.) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hammer & Chisel, Inc.) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hagel Technologies) C:\Program Files (x86)\DU Meter\DUMeter.exe
(Hagel Technologies) C:\Program Files (x86)\DU Meter\DUMeter.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856 2015-09-23] (Acronis)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8841472 2016-06-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [1469440 2005-02-03] (Hagel Technologies)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-24] (AVAST Software)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-09-23] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7568104 2015-09-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [Gaijin.Net Agent] => C:\Users\DESKTOP-EHIJS3J\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-03-21] (Gaijin Entertainment)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [WarThunderLauncher] => D:\Games\WarThunder\launcher.exe
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [Discord] => C:\Users\DESKTOP-EHIJS3J\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [GoogleChromeAutoLaunch_2A178A0FE1AB7AC586ECC1E74C83538B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912 2017-06-23] (Google Inc.)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {31631145-00c7-11e7-8a62-001a7dda7111} - "J:\Lenovo_Suite.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {34d629cd-10a6-11e7-8a7f-001a7dda7111} - "J:\Setup.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {450d38eb-5296-11e7-8adb-001a7dda7111} - "J:\stp-se4.exe"
Startup: C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DU Meter.lnk [2016-12-24]
ShortcutTarget: DU Meter.lnk -> C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{3cdee9ca-0000-0000-0000-500600000000}\bootwiz\asrm.bin
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{20be8f13-02df-417c-8bbf-ff5b12a2e8fe}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{52d5fc45-291b-4a17-816c-77b10b007b34}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-3888990516-425681314-393304876-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-14] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-14] (Oracle Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-24]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Profile: C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default [2017-07-03]
CHR Extension: (Prezentácie Google) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-25]
CHR Extension: (Dokumenty Google) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-25]
CHR Extension: (Disk Google) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-25]
CHR Extension: (YouTube) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-25]
CHR Extension: (Java API Search) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfngjamcomlehblpblaacingmaojnm [2017-06-15]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2017-06-15]
CHR Extension: (Avast SafePrice) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-02]
CHR Extension: (Tabuľky Google) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-25]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-15]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-26]
CHR Extension: (AdBlock) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-27]
CHR Extension: (Avast Online Security) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-13]
CHR Extension: (eBay for Chrome) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2017-06-27]
CHR Extension: (Project Viewer 365-Free) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmpghmkgkalhonankenfklpmdgnilapp [2017-06-15]
CHR Extension: (Kontrola pošty Google) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-03-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-06-15]
CHR Extension: (Speedtest by Ookla) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2017-06-29]
CHR Extension: (Gmail) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\DESKTOP-EHIJS3J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-24] (AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-09] (Spoločnosť Google Inc.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [68024 2017-02-16] (Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-12-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] ()
S3 ASUSfilter; C:\WINDOWS\System32\drivers\ASUSfilter.sys [47944 2012-08-20] (MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [25928 2012-08-20] (MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [150344 2012-08-20] (MCCI Corporation)
S3 ASUSxpsp; C:\WINDOWS\System32\drivers\ASUSxpsp.sys [26952 2012-08-20] (MCCI Corporation)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-12-24] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-12-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-12-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-12-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-24] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-12-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-12-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-12-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-24] (AVAST Software)
S3 cpuz140; C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [45888 2017-03-12] (CPUID) <==== ATTENTION
S3 cpuz143; C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2017-06-30] (CPUID) <==== ATTENTION
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-26] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-26] (Disc Soft Ltd)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [323040 2016-12-25] (Acronis International GmbH)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-06-21] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-10-28] (Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1057728 2016-12-25] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198088 2016-12-25] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [553912 2016-12-25] (Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-03 19:52 - 2017-07-03 19:52 - 00000000 ____D C:\FRST
2017-07-02 22:25 - 2017-07-02 22:25 - 00541628 _____ C:\WINDOWS\Minidump\070217-10734-01.dmp
2017-07-02 22:24 - 2017-07-02 22:24 - 00543060 _____ C:\WINDOWS\Minidump\070217-9796-01.dmp
2017-07-02 21:57 - 2017-07-02 21:57 - 00001292 _____ C:\Users\DESKTOP-EHIJS3J\Desktop\Continue BitLord Installation.lnk
2017-07-02 20:51 - 2017-07-03 19:49 - 00003162 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-06-29 19:54 - 2017-06-21 09:07 - 00179320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-29 19:54 - 2017-06-21 09:07 - 00146552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-27 22:27 - 2017-06-27 22:27 - 00002122 _____ C:\Users\DESKTOP-EHIJS3J\Desktop\Becker Content Manager.lnk
2017-06-27 22:27 - 2017-06-27 22:27 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Becker Content Manager
2017-06-27 22:27 - 2017-06-27 22:27 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\ContentManager
2017-06-27 22:27 - 2017-06-27 22:27 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\BeckerContentManager
2017-06-27 22:26 - 2017-06-27 22:26 - 00000000 ____D C:\Program Files (x86)\Becker Content Manager
2017-06-22 13:42 - 2017-06-22 13:42 - 00543316 _____ C:\WINDOWS\Minidump\062217-9781-01.dmp
2017-06-19 07:49 - 2017-06-19 07:49 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\TekkenGame
2017-06-17 09:23 - 2017-06-17 09:23 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-16 15:57 - 2017-06-16 15:57 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-16 15:57 - 2017-06-08 01:38 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-16 15:57 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-06-16 15:57 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-06-16 15:57 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-06-16 15:57 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-16 15:54 - 2017-06-08 03:45 - 40201664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 35390584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 35281344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 10551256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 03796928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438253.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 01606776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438253.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 01278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 01056888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00994240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00993360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00964216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00688784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-06-16 15:54 - 2017-06-08 03:45 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-06-16 15:54 - 2017-06-08 03:45 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-06-16 15:22 - 2017-06-16 15:22 - 00000417 _____ C:\Users\Public\Desktop\DiRT 4.lnk
2017-06-16 15:20 - 2017-06-16 15:20 - 01710680 _____ C:\Users\DESKTOP-EHIJS3J\Desktop\SetupVCD5500.exe
2017-06-16 15:20 - 2017-06-16 15:20 - 00001323 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2017-06-16 15:20 - 2017-06-16 15:20 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2017-06-15 15:39 - 2017-06-15 15:39 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2017-06-15 15:39 - 2017-06-15 15:39 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Google
2017-06-07 21:09 - 2017-06-19 07:49 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\UnrealEngine
2017-06-07 21:09 - 2017-06-07 21:09 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-06-07 21:09 - 2017-06-07 21:09 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\mxgp3
2017-06-07 20:38 - 2017-06-07 20:38 - 00000816 _____ C:\Users\DESKTOP-EHIJS3J\Desktop\MXGP3 The Official Motocross Videogame.lnk
2017-06-06 20:43 - 2017-06-06 20:43 - 09043240 _____ C:\Users\DESKTOP-EHIJS3J\Downloads\G5603_P01.rar
2017-06-06 20:37 - 2017-06-06 20:37 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 20:35 - 2017-06-06 20:35 - 00000000 ____D C:\Users\Marcel\Documents\The Witcher 3
2017-06-06 20:35 - 2017-06-06 20:35 - 00000000 ____D C:\Users\Marcel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-03 19:52 - 2016-12-24 17:31 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Skype
2017-07-03 19:49 - 2017-02-26 16:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-03 19:48 - 2016-12-25 02:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-03 16:07 - 2016-12-24 16:51 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-07-03 16:06 - 2016-12-24 17:29 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J
2017-07-03 12:58 - 2016-12-24 17:31 - 00005596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-03 09:45 - 2017-03-02 21:35 - 00004228 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{738AD8B4-2D5A-43AC-AA38-001DF8E58593}
2017-07-02 22:25 - 2017-03-05 21:51 - 561298411 _____ C:\WINDOWS\MEMORY.DMP
2017-07-02 22:25 - 2016-12-25 02:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-02 22:25 - 2016-12-24 22:42 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-01 00:15 - 2017-05-04 19:19 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\Desktop\Lesson 5
2017-06-30 15:15 - 2017-03-22 21:49 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\Documents\Súbory programu Outlook
2017-06-29 21:36 - 2017-02-20 18:22 - 00000000 ____D C:\Program Files (x86)\FastShare
2017-06-29 19:55 - 2017-05-26 09:38 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:55 - 2017-03-12 17:27 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-29 19:55 - 2017-03-12 17:26 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:55 - 2017-02-17 22:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-29 19:55 - 2016-12-30 17:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-29 19:55 - 2016-12-24 17:44 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:55 - 2016-12-24 16:56 - 00000000 ____D C:\WINDOWS\INF
2017-06-29 19:54 - 2016-12-24 17:44 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:54 - 2016-12-24 17:44 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:54 - 2016-12-24 17:44 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:54 - 2016-12-24 17:44 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-29 19:54 - 2016-12-24 17:44 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-21 09:07 - 2017-03-12 17:22 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-21 09:07 - 2017-02-17 22:24 - 01903224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-06-21 09:07 - 2017-02-17 22:24 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-06-21 09:07 - 2017-02-17 22:24 - 01489528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-06-21 09:07 - 2017-02-17 22:24 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-06-21 09:07 - 2017-02-17 22:24 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-06-21 09:07 - 2017-02-17 22:21 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-06-20 22:58 - 2017-03-12 17:25 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-17 21:49 - 2017-02-21 20:51 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\vlc
2017-06-16 16:01 - 2017-02-17 23:45 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\Documents\My Games
2017-06-16 15:56 - 2016-12-26 04:15 - 00000000 ____D C:\WINDOWS\LastGood
2017-06-15 15:39 - 2017-02-26 17:19 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-15 15:39 - 2017-02-26 17:19 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-13 20:25 - 2016-12-24 17:32 - 00003310 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-13 20:25 - 2016-12-24 17:30 - 00002397 _____ C:\Users\DESKTOP-EHIJS3J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-13 20:25 - 2016-12-24 17:30 - 00000000 ___RD C:\Users\DESKTOP-EHIJS3J\OneDrive
2017-06-11 17:32 - 2017-03-15 21:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-11 17:21 - 2017-02-17 22:24 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\NVIDIA Corporation
2017-06-08 03:45 - 2017-02-17 22:21 - 28624320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-06-08 03:45 - 2017-02-17 22:21 - 04115112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-06-08 03:45 - 2017-02-17 22:21 - 03625992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-06-08 03:45 - 2017-02-17 22:21 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-06-08 03:45 - 2017-02-17 22:21 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-06-08 03:45 - 2017-02-17 22:21 - 00045163 _____ C:\WINDOWS\system32\nvinfo.pb
2017-06-08 01:55 - 2017-02-17 22:22 - 06467008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-08 01:55 - 2017-02-17 22:22 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-07 22:51 - 2016-12-26 16:10 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-07 14:42 - 2017-02-17 22:22 - 08075477 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-06 20:36 - 2016-12-24 17:39 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-06 20:33 - 2016-12-24 17:29 - 00000000 ____D C:\Users\DESKTOP-EHIJS3J\AppData\Local\Packages
2017-06-06 20:33 - 2016-12-24 16:57 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-06 20:33 - 2016-12-24 16:57 - 00000000 ____D C:\WINDOWS\AppReadiness

==================== Files in the root of some directories =======

2016-12-26 17:16 - 2016-12-26 17:16 - 0007605 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Resmon.ResmonCfg
2016-12-25 02:23 - 2016-12-25 02:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\DESKTOP-EHIJS3J\Display Driver Uninstaller.exe


Some files in TEMP:
====================
2017-07-02 21:57 - 2017-07-02 21:57 - 1638344 _____ (Temibosafo ) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\ICReinstall_BitlordSetup_VmYAoa.exe
2017-03-14 11:00 - 2017-03-14 11:00 - 0739904 _____ (Oracle Corporation) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-03-25 09:29 - 2017-03-25 09:29 - 4445452 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\KMS.exe
2017-02-17 22:23 - 2017-03-17 00:56 - 0754352 _____ (NVIDIA Corporation) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\nvSCPAPI.dll
2017-02-17 22:23 - 2017-03-17 00:56 - 0867968 _____ (NVIDIA Corporation) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\nvSCPAPI64.dll
2016-12-26 03:51 - 2017-03-17 00:56 - 0352704 _____ (NVIDIA Corporation) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\nvStInst.exe
2017-03-24 20:30 - 2017-06-27 22:26 - 72172929 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\Setup.exe
2017-04-17 21:31 - 2017-04-17 21:33 - 57886168 _____ (Skype Technologies S.A.) C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\SkypeSetup.exe
2017-06-06 20:37 - 2016-10-26 18:59 - 0116929 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\Uninstall.exe
2017-06-17 09:20 - 2017-06-17 09:22 - 30950664 _____ () C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-29 21:46

==================== End of FRST.txt ============================

OK. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Páči sa:
# AdwCleaner v6.047 - *Logfile created 03/07/2017 *at 20:46:31
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-06-29.3 [*Server]
# *Operating System : Windows 10 Pro (X64)
# *Username : DESKTOP-EHIJS3J - DESKTOP-8SU3M9S
# *Running from : C:\Users\DESKTOP-EHIJS3J\Desktop\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****



***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [791 *Bytes] - [03/07/2017 20:46:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [1197 *Bytes] - [03/07/2017 20:46:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [938 *Bytes] ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Windows\KMSEmulator.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {31631145-00c7-11e7-8a62-001a7dda7111} - "J:\Lenovo_Suite.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {34d629cd-10a6-11e7-8a7f-001a7dda7111} - "J:\Setup.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {450d38eb-5296-11e7-8adb-001a7dda7111} - "J:\stp-se4.exe"
GroupPolicy: Restriction <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\DESKTOP-EHIJS3J\Display Driver Uninstaller.exe
C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp
ContextMenuHandlers01: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers06: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Páči sa:

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-07-2017
Ran by DESKTOP-EHIJS3J (03-07-2017 22:17:57) Run:1
Running from C:\Users\DESKTOP-EHIJS3J\Desktop
Loaded Profiles: DESKTOP-EHIJS3J (Available Profiles: defaultuser0 & DESKTOP-EHIJS3J)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Windows\KMSEmulator.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {31631145-00c7-11e7-8a62-001a7dda7111} - "J:\Lenovo_Suite.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {34d629cd-10a6-11e7-8a7f-001a7dda7111} - "J:\Setup.exe"
HKU\S-1-5-21-3888990516-425681314-393304876-1001\...\MountPoints2: {450d38eb-5296-11e7-8adb-001a7dda7111} - "J:\stp-se4.exe"
GroupPolicy: Restriction <==== ATTENTION
C:\ProgramData\DP45977C.lfl
C:\Users\DESKTOP-EHIJS3J\Display Driver Uninstaller.exe
C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp
ContextMenuHandlers01: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers06: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

EmptyTemp:
End
*****************

"C:\Windows\KMSEmulator.exe" => not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-3888990516-425681314-393304876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31631145-00c7-11e7-8a62-001a7dda7111} => key removed successfully
HKLM\Software\Classes\CLSID\{31631145-00c7-11e7-8a62-001a7dda7111} => key not found.
HKU\S-1-5-21-3888990516-425681314-393304876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34d629cd-10a6-11e7-8a7f-001a7dda7111} => key removed successfully
HKLM\Software\Classes\CLSID\{34d629cd-10a6-11e7-8a7f-001a7dda7111} => key not found.
HKU\S-1-5-21-3888990516-425681314-393304876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{450d38eb-5296-11e7-8adb-001a7dda7111} => key removed successfully
HKLM\Software\Classes\CLSID\{450d38eb-5296-11e7-8adb-001a7dda7111} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\DESKTOP-EHIJS3J\Display Driver Uninstaller.exe => moved successfully

"C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp" folder move:

Could not move "C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\VersionsPageShellExt => key removed successfully
HKLM\Software\Classes\CLSID\{9E42900A-85F9-4E67-9778-575FBBA0A81C} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\VersionsPageShellExt => key removed successfully
HKLM\Software\Classes\CLSID\{9E42900A-85F9-4E67-9778-575FBBA0A81C} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 1134528 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42591117 B
Java, Flash, Steam htmlcache => 48551810 B
Windows/system/drivers => 76638166 B
Edge => 92266 B
Chrome => 852394435 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 40408010 B
NetworkService => 11346 B
defaultuser0 => 0 B
DESKTOP-EHIJS3J => 3257782940 B

RecycleBin => 0 B
EmptyTemp: => 4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-07-2017 22:23:43)

"C:\Users\DESKTOP-EHIJS3J\AppData\Local\Temp" => Could not move

==== End of Fixlog 22:23:45 ====

OK. Nastala nějaká změna?