Mess on the PC

Posted: 14 Aug 2018 19:11
by Windi
Hi, I'd like to ask for help with checking over my PC.
Yesterday I successfully managed to pull in some junk from some qpdownload. I tried to get rid of all of it, but who knows what I missed.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Merm at 2018-08-14 20:02:29
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (30%) free of 228 GB
Total RAM: 16337 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:32, on 14.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe
C:\Program Files\trend micro\Merm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8331 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
taskeng.exe {D81C6533-7CE4-4E1A-BF97-4BF767D12734}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35R1FNZ205YC;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Merm\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Merm\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7feed4924d0,0x7feed4924e0,0x7feed4924f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4452 --on-initialized-event-handle=356 --parent-handle=368 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=3A16BA640B81AAFE893FA7B668B6CF74 --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=E5B293879BF8A7A75D2FED5EDC9D02D0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E5B293879BF8A7A75D2FED5EDC9D02D0 --renderer-client-id=3 --mojo-platform-channel-handle=2412 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=A7D30B62CAFE43E602A121B2E4C10D55 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A7D30B62CAFE43E602A121B2E4C10D55 --renderer-client-id=4 --mojo-platform-channel-handle=2788 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=71078D5E24460960D22E7FDDD6696A52 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=71078D5E24460960D22E7FDDD6696A52 --renderer-client-id=19 --mojo-platform-channel-handle=5928 /prefetch:1
taskeng.exe {A70EE08D-1ADE-459F-9442-B7EFBA840BC6}
"D:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe" /scheduler
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=844EE0115CE7AD8BD7AC82828B5918D2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=844EE0115CE7AD8BD7AC82828B5918D2 --renderer-client-id=25 --mojo-platform-channel-handle=4960 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=E68254E215FADC2B04CB19F2242ED0A1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E68254E215FADC2B04CB19F2242ED0A1 --renderer-client-id=26 --mojo-platform-channel-handle=5920 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=2B51FA4869CCA05B7F1B1E7AD88B45C4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2B51FA4869CCA05B7F1B1E7AD88B45C4 --renderer-client-id=27 --mojo-platform-channel-handle=5956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=46210E26AF8F16A2A6C78DFD4188802A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=46210E26AF8F16A2A6C78DFD4188802A --renderer-client-id=32 --mojo-platform-channel-handle=4808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=B12ED6263E2542BB925D5534D6ED3EA7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=B12ED6263E2542BB925D5534D6ED3EA7 --renderer-client-id=40 --mojo-platform-channel-handle=6384 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=51A57CFBDE876C68E0907B5B2A4B92D1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=51A57CFBDE876C68E0907B5B2A4B92D1 --renderer-client-id=41 --mojo-platform-channel-handle=5392 /prefetch:1
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=C1C40C759AB8B432A407D23327DD3FB4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C1C40C759AB8B432A407D23327DD3FB4 --renderer-client-id=46 --mojo-platform-channel-handle=6488 /prefetch:1
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=4BA412F56FAD03911DE33144DC61B440 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4BA412F56FAD03911DE33144DC61B440 --renderer-client-id=52 --mojo-platform-channel-handle=4236 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=A605BB4A39B94537D71E99F9C13AC45D --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A605BB4A39B94537D71E99F9C13AC45D --renderer-client-id=55 --mojo-platform-channel-handle=7024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=BEC2D184251AA618F462DEF43228C45B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=BEC2D184251AA618F462DEF43228C45B --renderer-client-id=57 --mojo-platform-channel-handle=7676 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,5363911888365002787,10156658285333684387,131072 --service-pipe-token=4A2B64377833BF2E94F6F9456F93AEF5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4A2B64377833BF2E94F6F9456F93AEF5 --renderer-client-id=58 --mojo-platform-channel-handle=7844 /prefetch:1
"C:\Windows\system32\wuauclt.exe"
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Merm\AppData\Roaming\Mozilla\Firefox\Profiles\pxsg0thh.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.171.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-08 582088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-17 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-08 245192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-17 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-07-18 9268672]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-08-22 1923192]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-17 242904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
D:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 4836032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

C:\Users\Merm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CNC3.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CNC3EP1.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\generals.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RA3.exe]
"Debugger="C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-14 20:02:29 ----D---- C:\rsit
2018-08-14 20:02:29 ----D---- C:\Program Files\trend micro
2018-08-13 21:49:33 ----D---- C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
2018-08-13 21:47:50 ----D---- C:\ProgramData\McAfee
2018-07-22 20:47:41 ----D---- C:\Users\Merm\AppData\Roaming\Downloaded Installations
2018-07-21 20:48:06 ----D---- C:\ProgramData\Paessler
2018-07-21 20:47:28 ----D---- C:\Program Files\WinPcap
2018-07-21 20:43:25 ----D---- C:\Program Files (x86)\PRTG Network Monitor
2018-07-21 20:43:00 ----D---- C:\ProgramData\TEMP
2018-07-21 20:43:00 ----D---- C:\ProgramData\Licenses
2018-07-18 23:05:34 ----D---- C:\Windows\system32\unknown
2018-07-18 23:05:34 ----D---- C:\Windows\system32\drivers\NVIDIA Corporation
2018-07-18 23:05:14 ----A---- C:\Windows\system32\nvdispgenco6439811.dll
2018-07-18 23:05:14 ----A---- C:\Windows\system32\nvdispco6439811.dll
2018-07-18 23:05:08 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-07-18 23:05:07 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2018-07-18 23:05:06 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-07-18 23:05:06 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-07-18 23:05:06 ----A---- C:\Windows\system32\nvopencl.dll
2018-07-18 23:05:05 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2018-07-18 23:05:05 ----A---- C:\Windows\system32\nvoglv64.dll
2018-07-18 23:05:04 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2018-07-18 23:05:04 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2018-07-18 23:05:04 ----A---- C:\Windows\system32\nvoglshim64.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\nvinitx.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\NvIFR64.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\NvFBC64.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-07-18 23:05:03 ----A---- C:\Windows\system32\nvd3dumx.dll
2018-07-18 23:05:02 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-07-18 23:05:02 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2018-07-18 23:05:02 ----A---- C:\Windows\system32\nvcuvid.dll
2018-07-18 23:05:02 ----A---- C:\Windows\system32\nvcuda.dll
2018-07-18 23:05:01 ----A---- C:\Windows\system32\nvcompiler.dll
2018-07-18 23:05:00 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-07-18 23:04:05 ----A---- C:\Windows\system32\RtNicProp64.dll
2018-07-18 23:04:05 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2018-07-18 23:03:51 ----A---- C:\Windows\system32\nvhdap64.dll
2018-07-18 23:03:51 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2018-07-18 23:03:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2018-07-18 23:03:09 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2018-07-18 23:03:09 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2018-07-18 23:03:09 ----A---- C:\Windows\SYSWOW64\SEHDHF32.dll
2018-07-18 23:03:09 ----A---- C:\Windows\SYSWOW64\SECOMN32.dll
2018-07-18 23:03:09 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\YamahaAE2.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\YamahaAE.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tossaeapo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\toseaeapo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tosasfapo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tosade.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tepeqapo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tadefxapo264.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\tadefxapo.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRSWOW64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRSTSX64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRSTSH64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRSHP64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRRPTR64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRCOM64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRCOM.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SRAPO64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\sltech64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\slprp64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\slcnt64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\sl3apo64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SFSS_APO.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SFNHK64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SFCOM64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SFAPO64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SEHDRA64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SEHDHF64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SECOMN64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\SEAPO64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtPgEx64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtkCfg64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtkApi64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RTEEP64A.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RTEEL64A.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RTEEG64A.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RTEED64A.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RtDataProc64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RTCOM64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RP3DHT64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RP3DAA64.dll
2018-07-18 23:03:09 ----A---- C:\Windows\system32\RltkAPO64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\RCoInstII64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\R4EEP64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\R4EEL64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\R4EEG64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\R4EED64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\R4EEA64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMUI.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMLimiter.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMHVS.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMEQ.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMClariFi.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HMAPO.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPP64AF3.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPP64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPO64AF3.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPO64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPD64AF3.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPD64A.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPA64F3.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DDPA64.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DAX3APOv251.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\DAX3APOProp.dll
2018-07-18 23:03:08 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 23:03:07 ----A---- C:\Windows\system32\audioLibVc.dll
2018-07-18 23:03:07 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 23:03:03 ----A---- C:\Windows\system32\RCoRes64.dat
2018-07-18 23:03:03 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2018-07-18 23:02:50 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2018-07-18 23:02:37 ----A---- C:\Windows\system32\drivers\iaStorF.sys
2018-07-18 23:02:37 ----A---- C:\Windows\system32\drivers\iaStorA.sys
2018-07-18 23:01:54 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2018-07-17 19:54:47 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-08-14 20:02:29 ----RD---- C:\Program Files
2018-08-14 19:58:09 ----D---- C:\Windows\Temp
2018-08-14 19:57:52 ----D---- C:\Windows\system32\config
2018-08-14 19:57:42 ----RD---- C:\Program Files (x86)
2018-08-14 19:57:42 ----D---- C:\ProgramData\NVIDIA
2018-08-14 19:57:42 ----D---- C:\Program Files (x86)\Common Files
2018-08-13 21:50:56 ----D---- C:\Windows\system32\Tasks
2018-08-13 21:47:50 ----HD---- C:\ProgramData
2018-08-13 21:41:41 ----SHD---- C:\Windows\Installer
2018-08-13 20:20:05 ----D---- C:\Windows\System32
2018-08-13 20:20:05 ----D---- C:\Windows\inf
2018-08-13 20:20:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-11 05:47:48 ----HD---- C:\Windows\system32\GroupPolicy
2018-08-11 05:47:48 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2018-08-11 05:39:23 ----D---- C:\Program Files\Mozilla Firefox
2018-08-11 05:39:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-08 11:03:06 ----SHD---- C:\System Volume Information
2018-08-08 08:06:41 ----D---- C:\Program Files (x86)\Battle.net
2018-08-01 21:23:16 ----D---- C:\Users\Merm\AppData\Roaming\TS3Client
2018-07-27 00:39:32 ----SD---- C:\Users\Merm\AppData\Roaming\Microsoft
2018-07-25 20:08:30 ----D---- C:\ProgramData\IObit
2018-07-24 06:24:58 ----D---- C:\Windows\system32\wdi
2018-07-23 22:00:31 ----D---- C:\Windows\system32\drivers
2018-07-21 20:47:27 ----D---- C:\Windows\SysWOW64
2018-07-18 23:41:14 ----D---- C:\Windows
2018-07-18 23:40:07 ----D---- C:\Windows\system32\catroot
2018-07-18 23:05:42 ----D---- C:\ProgramData\NVIDIA Corporation
2018-07-18 23:05:34 ----D---- C:\Program Files\NVIDIA Corporation
2018-07-18 23:05:34 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-07-18 23:05:24 ----D---- C:\Windows\system32\DriverStore
2018-07-18 23:05:08 ----A---- C:\Windows\system32\nvwgf2umx.dll
2018-07-18 23:05:07 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2018-07-18 23:05:07 ----A---- C:\Windows\system32\nvumdshimx.dll
2018-07-18 23:05:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2018-07-18 23:05:00 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2018-07-18 23:05:00 ----A---- C:\Windows\system32\nvapi64.dll
2018-07-18 23:04:05 ----A---- C:\Windows\system32\RTNUninst64.dll
2018-07-18 23:03:51 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2018-07-18 23:03:34 ----D---- C:\Windows\system32\catroot2
2018-07-18 23:03:29 ----D---- C:\Windows\system32\DAX3
2018-07-18 23:03:29 ----D---- C:\Windows\system32\DAX2
2018-07-18 23:03:24 ----D---- C:\Windows\SYSWOW64\RTCOM
2018-07-18 22:46:30 ----D---- C:\Users\Merm\AppData\Roaming\IObit
2018-07-18 22:46:22 ----D---- C:\ProgramData\ProductData
2018-07-15 14:38:07 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-17 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-17 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-17 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-17 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-17 381584]
R0 IaNVMeF;IaNVMeF; C:\Windows\system32\drivers\IaNVMeF.sys [2017-05-23 35808]
R0 IaRNVMeF;IaRNVMeF; C:\Windows\system32\drivers\IaRNVMeF.sys [2016-01-22 36888]
R0 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\Windows\system32\DRIVERS\iaStorA.sys [2018-07-18 905736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2018-07-18 41480]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2017-05-12 23552]
R0 nvmeF;nvmeF; C:\Windows\system32\drivers\nvmeF.sys [2015-12-16 30776]
R0 ocztrimfilter;SSD Device Filter; C:\Windows\system32\drivers\ocztrimfilter.sys [2016-06-10 29064]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-17 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-17 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-07-17 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-17 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-17 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-07-23 467064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2017-07-06 516096]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-09-06 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-17 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-17 211160]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2014-08-19 36600]
R3 asmtxhci;ASMedia XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2017-09-06 451320]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-09-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-09-27 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2018-07-18 6173640]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2017-05-12 401408]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2017-05-12 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2018-07-18 201296]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-07-18 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-07-18 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-08-22 57976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-07-18 1059776]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2015-12-21 47736]
S3 amdhub3;AMD USB 3.0 Hub; C:\Windows\system32\drivers\amdhub3.sys [2017-02-16 160936]
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys [2016-01-14 108768]
S3 amdhub31;AMD USB3.1 Hub Service; C:\Windows\system32\drivers\amdhub31.sys [2016-02-26 141528]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys [2016-01-14 229088]
S3 amdxhc31;AMD XHCI Service; C:\Windows\system32\drivers\amdxhc31.sys [2016-02-26 440536]
S3 amdxhci;AMD USB3 Host Controller Driver; C:\Windows\system32\drivers\amdxhci.sys [2017-02-16 346792]
S3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2015-06-18 149240]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-17 46976]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-09-06 32840]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2014-02-12 65408]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver; C:\Windows\System32\Drivers\EtronSTOR.sys [2014-02-12 39296]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2014-02-12 94208]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\drivers\FLxHCIc.sys [2017-06-13 274408]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\drivers\FLxHCIh.sys [2017-06-13 87984]
S3 IaNVMe;IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [2017-05-23 125408]
S3 IaRNVMe;IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [2016-01-22 592408]
S3 MSICDSetup;MSICDSetup; \??\D:\Whatever\Drivers\Drivers\CDriver64.sys [2009-08-12 28984]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\Whatever\Drivers\Drivers\NTIOLib_X64.sys [2011-06-29 11888]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2012-08-27 107912]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2012-08-27 226696]
S3 nvme;nvme; C:\Windows\system32\drivers\nvme.sys [2015-12-16 83784]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-08-22 30328]
S3 ocznvme;ocznvme; C:\Windows\system32\drivers\ocznvme.sys [2016-06-10 99592]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2017-07-06 12520]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2017-07-06 166400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-07-06 19456]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\drivers\rusb3hub.sys [2012-08-27 114568]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\drivers\rusb3xhc.sys [2012-08-27 230280]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 stornvme;stornvme; C:\Windows\system32\drivers\stornvme.sys [2017-07-06 50408]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2017-07-06 29696]
S3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2016-05-12 145904]
S3 tilfilter;TI xHCI Lower Filter Driver Service; C:\Windows\system32\drivers\TIxHCIlfilter.sys [2015-02-11 17672]
S3 tiufilter;TI xHCI Upper Filter Driver Service; C:\Windows\system32\drivers\TIxHCIufilter.sys [2015-02-11 23304]
S3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2016-05-12 422392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2017-07-06 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2017-07-06 29696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2017-07-06 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2017-07-06 199400]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\drivers\ViaHub3.sys [2015-08-20 221696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-17 322464]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2017-07-06 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2017-07-06 27136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-01 764544]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-08-22 450168]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-07-17 7780400]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2017-07-06 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2291904]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-10 194512]
S3 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-22 513144]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-22 513144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2017-07-06 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-08-02 1683744]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-07-06 27136]
S3 TunngleService;TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [2017-06-30 873968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2017-07-06 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-07-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Re: Mess on the PC

Posted: 14 Aug 2018 19:44
by Conder
Hi :)

:arrow: I recommend not using, and uninstalling, all programs from IObit (Driver Booster, Advanced SystemCare, etc.) - they are Chinese junk that can damage the system.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Re: Mess on the PC

Posted: 14 Aug 2018 20:05
by Windi
Done, boss

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-14-2018
# Duration: 00:00:01
# OS: Windows 7 Professional
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Merm\Documents\Downloaded Installers

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D70D9C7-359A-4556-8F08-8AC253A62739}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://www.mystartsearch.com/?type=hppp ... 6Q7DL6ETLX
Deleted http://www.mystartsearch.com/?type=hppp ... 6Q7DL6ETLX
Deleted http://www.mystartsearch.com/?type=hppp ... 6Q7DL6ETLX
Deleted http://www.mystartsearch.com/?type=hppp ... 6Q7DL6ETLX

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2385 octets] - [14/08/2018 21:02:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Mess on the PC

Posted: 14 Aug 2018 20:09
by Conder
:arrow: Please post both FRST logs, following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into a single post, pack them into a RAR or ZIP archive and send them as an attachment.

Re: Mess on the PC

Posted: 14 Aug 2018 20:18
by Windi
FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Merm (administrator) on MERM-PC (14-08-2018 21:16:28)
Running from C:\Users\Merm\Desktop
Loaded Profiles: Merm (Available Profiles: Merm)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Merm\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268672 2018-07-18] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\...\MountPoints2: {3ff902b2-a334-11e7-9703-d8cb8ac644e2} - E:\setup.exe
IFEO\CNC3.exe: [Debugger]
IFEO\CNC3EP1.exe: [Debugger]
IFEO\generals.exe: [Debugger]
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
Startup: C:\Users\Merm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk [2018-08-14]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.33.2 81.19.34.2
Tcpip\..\Interfaces\{F5B61D7E-C2C7-44A1-AD80-94815D731C57}: [DhcpNameServer] 81.19.33.2 81.19.34.2

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-17] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-17] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pxsg0thh.default
FF ProfilePath: C:\Users\Merm\AppData\Roaming\Mozilla\Firefox\Profiles\pxsg0thh.default [2018-08-14]
FF Extension: (Avast SafePrice) - C:\Users\Merm\AppData\Roaming\Mozilla\Firefox\Profiles\pxsg0thh.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Merm\AppData\Roaming\Mozilla\Firefox\Profiles\pxsg0thh.default\Extensions\wrc@avast.com.xpi [2018-05-26]
FF Extension: (Adblock Plus) - C:\Users\Merm\AppData\Roaming\Mozilla\Firefox\Profiles\pxsg0thh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-17]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... oogle.com/"
CHR Profile: C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default [2018-08-14]
CHR Extension: (Adblock Plus) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-09]
CHR Extension: (AdBlock) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (Avast Online Security) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Merm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-17] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-17] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S3 TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-07-06] (Microsoft Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (Advanced Micro Devices, Inc.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-07-23] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-17] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-27] (Disc Soft Ltd)
S3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-06] (REALiX(tm))
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [41480 2018-07-18] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [201296 2018-07-18] (Intel Corporation)
S3 MSICDSetup; D:\Whatever\Drivers\Drivers\CDriver64.sys [28984 2009-08-12] (Your Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
S3 NTIOLib_1_0_C; D:\Whatever\Drivers\Drivers\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics Co., Ltd)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [67432 2018-07-18] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-14 21:16 - 2018-08-14 21:16 - 000017042 _____ C:\Users\Merm\Desktop\FRST.txt
2018-08-14 21:16 - 2018-08-14 21:16 - 000000000 ____D C:\FRST
2018-08-14 21:12 - 2018-08-14 21:12 - 000112640 _____ (forum.viry.cz) C:\Users\Merm\Desktop\FRSTLauncher.exe
2018-08-14 21:02 - 2018-08-14 21:03 - 000000000 ____D C:\AdwCleaner
2018-08-14 21:01 - 2018-08-14 21:01 - 007417040 _____ (Malwarebytes) C:\Users\Merm\Desktop\adwcleaner_7.2.2.exe
2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\rsit
2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\Program Files\trend micro
2018-08-14 20:01 - 2018-08-14 20:01 - 002412544 _____ (Farbar) C:\Users\Merm\Desktop\FRST64.exe
2018-08-13 21:49 - 2018-08-13 21:49 - 000000000 ____D C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
2018-08-13 21:47 - 2018-08-14 19:57 - 000000000 ____D C:\ProgramData\McAfee
2018-08-12 20:28 - 2018-08-13 21:52 - 000000000 ____D C:\Users\Merm\Desktop\Pro Evičku
2018-08-12 20:27 - 2018-08-12 20:27 - 000000000 ____D C:\Users\Merm\AppData\Local\fs-uae
2018-08-12 19:58 - 2018-08-12 19:58 - 000000000 ____D C:\Users\Merm\AppData\Local\DOSBox
2018-08-11 06:07 - 2018-08-11 06:08 - 002139728 _____ C:\Users\Merm\Downloads\Windows Loader by DAZ v2.2.2 + WAT Fix(1).zip
2018-08-11 05:47 - 2018-08-11 06:40 - 000000412 __RSH C:\ProgramData\ntuser.pol
2018-07-22 21:03 - 2018-07-22 21:12 - 000000470 _____ C:\Users\Merm\Desktop\2050 227.mws
2018-07-22 21:03 - 2018-07-22 21:12 - 000000000 ____D C:\Users\Merm\Desktop\2050 227
2018-07-22 21:01 - 2018-07-22 21:01 - 000000009 _____ C:\Users\Merm\Desktop\227 2050.mpl
2018-07-22 20:49 - 2018-07-22 20:49 - 000000000 ____D C:\Users\Merm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiPing
2018-07-22 20:49 - 2018-07-22 20:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiPing
2018-07-22 20:47 - 2018-07-22 20:47 - 000000000 ____D C:\Users\Merm\AppData\Roaming\Downloaded Installations
2018-07-21 20:48 - 2018-07-21 20:48 - 000001024 _____ C:\.rnd
2018-07-21 20:48 - 2018-07-21 20:48 - 000000000 ____D C:\ProgramData\Paessler
2018-07-21 20:47 - 2018-07-21 20:47 - 000000000 ____D C:\Program Files\WinPcap
2018-07-21 20:43 - 2018-07-22 11:15 - 000000000 ____D C:\Program Files (x86)\PRTG Network Monitor
2018-07-21 20:43 - 2018-07-21 20:43 - 000000000 ____D C:\ProgramData\TEMP
2018-07-18 23:05 - 2018-07-18 23:05 - 040346536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 040090152 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 035250624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 032360304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 031276296 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 025990104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 019081176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 017782576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 016999360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-18 23:05 - 2018-07-18 23:05 - 015192816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 013727800 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 011272944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 003964328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 003497024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 002014144 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439811.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001562208 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001468272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439811.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001419200 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001216448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001157216 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 001092008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000904720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000627240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000544296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000517544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000462648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000420008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000165136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000142824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-07-18 23:05 - 2018-07-18 23:05 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-07-18 23:05 - 2018-07-18 23:05 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-07-18 23:05 - 2018-07-18 23:05 - 000000000 ____D C:\Windows\system32\unknown
2018-07-18 23:05 - 2018-07-18 23:05 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-07-18 23:04 - 2018-07-18 23:04 - 001059776 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-07-18 23:04 - 2018-07-18 23:04 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 072520672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2018-07-18 23:03 - 2018-07-18 23:03 - 013687502 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2018-07-18 23:03 - 2018-07-18 23:03 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 006173640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2018-07-18 23:03 - 2018-07-18 23:03 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2018-07-18 23:03 - 2018-07-18 23:03 - 003632464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003417968 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003306776 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003214672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003198528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 002939728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001971328 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001598352 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001448736 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001382192 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001353280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001328360 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001266352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001178240 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001133560 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 001027608 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000999008 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000852104 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000715608 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000541072 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000452696 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000381368 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000378352 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000366080 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000332968 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000266512 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000261160 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000230664 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-07-18 23:03 - 2018-07-18 23:03 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000218232 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000158664 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000122280 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000105272 _____ C:\Windows\system32\audioLibVc.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000075496 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-07-18 23:03 - 2018-07-18 23:03 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2018-07-18 23:02 - 2018-07-18 23:02 - 000905736 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2018-07-18 23:02 - 2018-07-18 23:02 - 000067432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-07-18 23:02 - 2018-07-18 23:02 - 000041480 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2018-07-18 23:01 - 2018-07-18 23:01 - 000201296 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2018-07-17 19:54 - 2018-07-17 19:54 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-14 21:15 - 2017-09-04 18:08 - 000000000 ____D C:\Users\Merm\AppData\LocalLow\Mozilla
2018-08-14 21:10 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2018-08-14 21:10 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2018-08-14 21:10 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-14 21:10 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-14 21:05 - 2018-04-06 03:36 - 000000000 ____D C:\Users\Merm\AppData\Local\AVAST Software
2018-08-14 21:04 - 2017-09-04 17:54 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-14 21:04 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-14 20:55 - 2017-09-04 19:27 - 000000000 ____D C:\Users\Merm\AppData\Local\Battle.net
2018-08-14 20:24 - 2018-04-12 02:22 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-08-14 20:12 - 2009-07-14 06:45 - 000033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-14 20:12 - 2009-07-14 06:45 - 000033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-14 20:03 - 2017-09-13 14:28 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Merm)
2018-08-12 20:07 - 2018-05-14 10:58 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-08-12 20:07 - 2018-04-12 02:27 - 000002940 _____ C:\Windows\System32\Tasks\{1806E023-2CC0-451E-A684-301D123E0705}
2018-08-12 20:07 - 2017-10-08 15:11 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-08-12 20:07 - 2017-09-04 17:49 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-12 20:07 - 2017-09-04 17:49 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-12 19:59 - 2017-09-06 01:03 - 000000000 ____D C:\Users\Merm\AppData\Local\CrashDumps
2018-08-11 05:47 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-08-11 05:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-08-11 05:39 - 2017-09-04 18:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-11 05:39 - 2017-09-04 18:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-10 19:33 - 2017-09-04 17:49 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 19:33 - 2017-09-04 17:49 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-02 08:06 - 2009-07-14 07:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-01 21:23 - 2017-09-04 19:49 - 000000000 ____D C:\Users\Merm\AppData\Roaming\TS3Client
2018-07-25 20:08 - 2017-09-06 13:25 - 000000000 ____D C:\ProgramData\IObit
2018-07-25 05:33 - 2018-04-06 03:37 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-07-25 05:33 - 2018-04-06 03:37 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-07-23 22:00 - 2017-09-04 18:13 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-18 23:06 - 2017-09-06 13:25 - 000001170 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-07-18 23:05 - 2017-11-09 05:33 - 023298224 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-07-18 23:05 - 2017-11-09 05:33 - 020323576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-07-18 23:05 - 2017-11-09 05:33 - 000505928 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-07-18 23:05 - 2017-11-09 05:32 - 015691144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-07-18 23:05 - 2017-11-09 05:32 - 004613600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-07-18 23:05 - 2017-11-09 05:32 - 004081440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-07-18 23:05 - 2017-09-04 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-18 23:05 - 2017-09-04 17:54 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-07-18 23:05 - 2017-09-04 17:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-18 23:05 - 2017-09-04 17:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-18 23:05 - 2017-09-04 17:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-18 23:04 - 2017-09-04 17:37 - 000118784 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2018-07-18 23:03 - 2017-11-09 06:01 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-07-18 23:03 - 2017-09-06 13:41 - 000000000 ____D C:\Windows\system32\DAX3
2018-07-18 23:03 - 2017-09-04 17:42 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-18 23:03 - 2017-09-04 17:42 - 000000000 ____D C:\Windows\system32\DAX2
2018-07-18 22:46 - 2017-09-06 13:27 - 000000000 ____D C:\ProgramData\ProductData
2018-07-18 22:46 - 2017-09-06 13:24 - 000000000 ____D C:\Users\Merm\AppData\Roaming\IObit
2018-07-17 19:54 - 2018-01-05 12:25 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-07-17 19:54 - 2017-11-14 19:35 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-07-17 19:54 - 2017-09-04 18:13 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-07-17 19:54 - 2017-09-04 18:12 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-07-17 19:54 - 2017-09-04 18:12 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-07-17 19:54 - 2017-09-04 18:12 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-07-17 19:54 - 2017-09-04 18:12 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-07-17 19:54 - 2017-09-04 18:12 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-07-17 19:54 - 2017-09-04 18:12 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-07-15 14:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======


Some files in TEMP:
====================
2017-11-17 09:18 - 2017-11-17 09:18 - 032922280 _____ (ArenaNet) C:\Users\Merm\AppData\Local\Temp\Gw2.exe
2018-05-08 21:43 - 2018-05-08 21:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-1010413858995765275.dll
2018-05-14 21:20 - 2018-05-14 21:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-1154549314514618286.dll
2018-05-14 20:59 - 2018-05-14 20:59 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-1259236505744015311.dll
2018-05-14 18:20 - 2018-05-14 18:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-1358881397049611187.dll
2018-05-14 21:21 - 2018-05-14 21:21 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-1536735778143263842.dll
2018-05-15 18:03 - 2018-05-15 18:03 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2426263256041759029.dll
2018-05-15 18:08 - 2018-05-15 18:08 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-255117942211454471.dll
2018-05-08 21:44 - 2018-05-08 21:44 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2636375222341690667.dll
2018-05-08 21:24 - 2018-05-08 21:24 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2709587303331189494.dll
2018-05-08 22:18 - 2018-05-08 22:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2719083996053686440.dll
2018-05-08 21:43 - 2018-05-08 21:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2806293159405911631.dll
2018-05-11 20:14 - 2018-05-11 20:14 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-2886331900028602234.dll
2018-05-15 18:04 - 2018-05-15 18:04 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-3014473539208731138.dll
2018-05-08 21:29 - 2018-05-08 21:29 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-3276822427436224992.dll
2018-05-14 21:03 - 2018-05-14 21:03 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4062900975833629440.dll
2018-05-10 18:49 - 2018-05-10 18:49 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-408153656019588170.dll
2018-05-15 19:08 - 2018-05-15 19:08 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4242451051887337289.dll
2018-05-11 20:15 - 2018-05-11 20:15 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4285905521138904607.dll
2018-05-08 22:18 - 2018-05-08 22:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4349492184721879503.dll
2018-05-10 18:49 - 2018-05-10 18:49 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4353597392211965797.dll
2018-05-18 19:09 - 2018-05-18 19:09 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4452523077630920028.dll
2018-05-15 19:25 - 2018-05-15 19:25 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4486548905620806741.dll
2018-05-08 22:27 - 2018-05-08 22:27 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-4831988306936289642.dll
2018-05-11 20:14 - 2018-05-11 20:14 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-5343995633319140236.dll
2018-05-15 19:08 - 2018-05-15 19:08 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-5731208821938229799.dll
2018-05-18 19:10 - 2018-05-18 19:10 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-5981092356337915945.dll
2018-05-08 22:20 - 2018-05-08 22:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-6167241470284965029.dll
2018-05-11 23:17 - 2018-05-11 23:17 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-6206765906579401729.dll
2018-05-15 18:03 - 2018-05-15 18:03 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-6510959734981595232.dll
2018-05-15 19:25 - 2018-05-15 19:25 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-6671471732549464737.dll
2018-05-08 22:18 - 2018-05-08 22:18 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-6736179751950499578.dll
2018-05-14 21:20 - 2018-05-14 21:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-7490570724543424433.dll
2018-05-10 17:56 - 2018-05-10 17:56 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-7516107550650225810.dll
2018-05-18 19:21 - 2018-05-18 19:21 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-7523623843682258702.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-7835455190256953549.dll
2018-05-14 18:20 - 2018-05-14 18:20 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-822435768636249452.dll
2018-05-08 22:18 - 2018-05-08 22:18 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8328492851971052956.dll
2018-05-10 17:55 - 2018-05-10 17:55 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8432692511811691162.dll
2018-05-08 21:29 - 2018-05-08 21:29 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8518629205124111686.dll
2018-05-14 18:30 - 2018-05-14 18:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8641727949040579797.dll
2018-05-15 18:08 - 2018-05-15 18:08 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8677787807858223391.dll
2018-05-08 22:20 - 2018-05-08 22:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-8766963517578448627.dll
2018-05-10 17:55 - 2018-05-10 17:55 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-9130340250464122263.dll
2018-05-08 22:32 - 2018-05-08 22:32 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-9134846494070635210.dll
2018-05-08 22:26 - 2018-05-08 22:26 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-9214539923676509363.dll
2018-05-14 21:09 - 2018-05-14 21:09 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Merm\AppData\Local\Temp\jansi-64-958423851215493311.dll
2010-01-11 10:54 - 2010-01-11 10:54 - 000149352 ____R (Microsoft Corporation) C:\Users\Merm\AppData\Local\Temp\ose00000.exe
2017-10-08 13:00 - 2017-10-08 13:00 - 001066336 _____ (Microsoft Corporation) C:\Users\Merm\AppData\Local\Temp\PidGenX.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-08 10:56

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:223.02 GB) (Free:64.44 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:698.87 GB) NTFS
\\?\Volume{0ea20eea-00ec-4df4-ba5f-c47041e2dd82}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

Available physical RAM: 12970.23 MB
Total physical RAM: 16336.94 MB
Percentage of memory in use: 20%

==================== MBR and Partition Table ==================

Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B7FE9059)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Merm\Desktop" je 164 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"D:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Mess in the PC

Posted: 14 Aug 2018 20:18
by Windi
Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Merm (14-08-2018 21:16:45)
Running from C:\Users\Merm\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-09-04 15:30:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3068495315-2313553650-1538864807-500 - Administrator - Disabled)
Guest (S-1-5-21-3068495315-2313553650-1538864807-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3068495315-2313553650-1538864807-1002 - Limited - Enabled)
Merm (S-1-5-21-3068495315-2313553650-1538864807-1000 - Administrator - Enabled) => C:\Users\Merm

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.100 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
Crusader Kings 2, версия 1.8.1.1 (HKLM-x32\...\{A75C2636-A74D-43DB-90DD-FAF498301199}_is1) (Version: 1.8.1.1 - Crusader Kings 2)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version: 1.25.0 - )
Europa.Universalis.IV.v1.22.0.Incl.Third.Rome.DLC.Repack verze 1.22.0 (HKLM-x32\...\{C3C65A35-CB28-4220-AEF7-946BD52D991D}}_is1) (Version: 1.22.0 - Ali213.net)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Grand Theft Auto IV version 1.0.7.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version: 1.0.7.0 - Mr DJ)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 1050 J410 series Nápověda (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.1 - PandoraTV)
MegaTrainer Ultimate version 1.4.8.1 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.4.8.1 - MegaDev)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
MultiPing (HKLM-x32\...\MultiPing) (Version: 1.0 - Nessoft, LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.2 - Notepad++ Team)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
Ovládací panel NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.0.1.18336 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{93fd0fda-44be-4ef3-9edd-7fad9f187032}) (Version: 3.0.1.18336 - Grinding Gear Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Stellaris Apocalypse (HKLM-x32\...\Stellaris Apocalypse_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.9 - Tunngle.net GmbH)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XCom Long War EW Mod version 1.0 (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: 1.0 - JohnnyLump)
Základní software zařízení HP Deskjet 1050 J410 series (HKLM\...\{A3E36A5A-8306-42AD-8A0A-EB252823D987}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-17] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files\Notepad++\NppShell_06.dll [2017-11-27] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-17] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-17] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-17] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01918ACD-5C4B-40D8-8AD5-934C02B0085E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {307E6337-F02B-4EBA-B20B-66CC933DC916} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-22] (NVIDIA Corporation)
Task: {398C9F73-532B-466D-A056-CD71943F2D63} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {5E49E31F-7A3A-4F88-9662-737A699F80DC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-22] (NVIDIA Corporation)
Task: {668282F1-0B80-41F2-B623-D396D1D0A74E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-17] (AVAST Software)
Task: {6E70698D-04D1-4CDE-8475-950BDE3498F3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {738B77A8-36F9-4A0D-A29F-828B7672F5A8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {80EA8397-069D-428C-9C09-8309B279CCCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04] (Google Inc.)
Task: {8A2422BA-3DE0-46A4-9617-60C7FCFE7A67} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-13] (AVAST Software)
Task: {8D8AE40E-869C-482B-888B-9E087DEF3113} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {92504615-3DFF-4A3D-B7B3-3B68A9E5E68B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {A91287E2-C137-4DBF-A5A5-FED63279F279} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-22] (NVIDIA Corporation)
Task: {B55D7E29-241D-4304-A2EC-4251038A861B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-04] (Google Inc.)
Task: {D246A2E0-9E88-461E-B005-D74AF06FE038} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {D7433C2D-818A-4DF6-8CB2-C4C49C3580CE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-10-08] ()
Task: {DC9C774F-06AD-4F1B-A0CD-ED789AAA0C66} - System32\Tasks\Driver Booster SkipUAC (Merm) => D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {DF8CCD21-80B3-4E34-A42E-3E0BBD6A4116} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E1001D79-7160-4AD8-8641-4A447312F8A2} - System32\Tasks\{1806E023-2CC0-451E-A684-301D123E0705} => D:\Downloads\Warcraft-III-Setup (3).exe
Task: {E994338D-3921-4B10-9590-B2DBB4CFE538} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {FE611793-56EB-4819-95E2-CEB8A36577C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-27 02:36 - 2017-11-27 02:36 - 000230064 _____ () D:\Program Files\Notepad++\NppShell_06.dll
2018-08-10 19:33 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 19:33 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-14 19:57 - 2018-08-14 19:57 - 005654160 _____ () C:\Program Files\AVAST Software\Avast\defs\18081400\algo.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-13 15:15 - 2018-03-13 15:15 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-17 19:54 - 2018-07-17 19:54 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-08-07 01:09 - 2015-08-07 01:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Merm\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 81.19.33.2 - 81.19.34.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{D6105D14-9860-47AD-9E1E-3F1903AA0A11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DA803C99-1DF8-4AB5-8B3C-7A0FB3260FDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5E4F8E2B-95E1-46AC-B86C-372AF9BE032D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{20702155-EED7-43A7-B784-39FF702C1E6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{85B60742-1FAF-4805-9176-4D7196B64365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{308173A1-ACC6-41E0-AA9F-6263A2374CCA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91339751-9CB3-4EA9-97C9-2A7007483F31}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9EE63296-F746-490C-B858-8D0E8D96D174}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D4B7FC8C-6719-45C0-83AC-85F935D0CFCC}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe
FirewallRules: [{6D50C9C2-0DD1-473A-A192-88CDD020BD10}] => (Allow) C:\Users\Merm\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E74DB15D-9F64-4D72-9AD3-33E9AB1261CF}] => (Allow) C:\Users\Merm\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D76B79D5-04A9-4BDB-B3FF-5027031DABE8}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D56EEAD-7C4F-4F49-9F15-43D682D097DD}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1B854293-5437-47B8-A01A-6EA180BF6E19}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3F9ADC15-4132-4CF2-AFB4-DF1E2EAAD36E}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{66F9812D-67F3-40A8-A94C-D6C6FD58E254}D:\games\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{319A6876-9FB6-4C7A-9647-8646218C246C}D:\games\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
FirewallRules: [{AECF8427-4362-46E4-BB99-4FE9039700B8}] => (Allow) D:\Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{7B39764F-03DC-4783-9789-FB04EF93F816}] => (Allow) D:\Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{9501EB46-EC15-4A55-BFAE-831CE35BE0A2}D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{4964412F-BAB1-4E48-BE01-BCBDA0ECE369}D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{B10FB39E-21BA-4E8D-8A2F-7DF82AA4E1ED}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{502D04BF-6F1A-4CB4-B8BA-C7D7DCBD77F8}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe
FirewallRules: [{270276FE-9DBE-4889-B3BE-9559DCC39E04}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{6932EE32-071D-4D9C-B327-90EB4D9CCB63}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{2A43DF8D-3B91-4651-9080-69E58C66413D}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{2D8B3481-A5F1-4DD0-B010-431E760816AD}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{C855F517-D751-4344-9FF1-1122F72C4491}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{D242BEA5-0E7C-42BA-B87A-0BA98F8588C9}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [TCP Query User{576A581B-3922-4F09-9B0E-5C787AD94D35}D:\games\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A71B696-7ABB-4D80-BFB8-1193FDF4DB3D}D:\games\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base57062\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3E77134A-DCBE-4883-AEB7-DCB2DB7A0A83}D:\games\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4DF185E5-99EF-4349-90CA-AE4D87C6F861}D:\games\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base57286\heroesofthestorm_x64.exe
FirewallRules: [{28A3A868-5C26-4487-8042-141ECB50A83F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{B277A54C-7282-4791-8496-83A332F61365}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [TCP Query User{69F1AC14-2242-4463-B101-6E816E7B16A1}D:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [UDP Query User{FB6A74BE-7FEC-48E8-8B72-997937FB6911}D:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [{0DEDFD80-6F4E-42A4-A2FC-20D93386E756}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Natural Selection 2\NS2.exe
FirewallRules: [{C7878C0C-894C-4AD9-9B7C-75F64B881E9E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Natural Selection 2\NS2.exe
FirewallRules: [{CF6A8C6C-786A-4E44-866B-26BC0F402381}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{4CD5BEAA-870F-4AFA-85F4-C14DEC43A544}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{71BAC5BA-81A8-41FD-A4FE-4301F47F37CA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{259A2841-3AD2-4827-A553-65FB2A1EAA35}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [TCP Query User{D1F97B1C-327F-41C8-8833-C090E94656FE}D:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{2E472F56-8247-4644-BF55-1E79670C3BE1}D:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [TCP Query User{08DE0B7D-16F7-4E1B-9444-AD3606FC9458}D:\games\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A25A07B5-7191-4FA6-B9D7-4EA6A416EDBF}D:\games\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base58623\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A20CC180-C081-415F-9CBB-945FD36A74F6}D:\program files (x86)\steam\steamapps\common\sven co-op\svencoop.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sven co-op\svencoop.exe
FirewallRules: [UDP Query User{6746B8A4-91E3-4117-B1AB-E7916BFA6371}D:\program files (x86)\steam\steamapps\common\sven co-op\svencoop.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sven co-op\svencoop.exe
FirewallRules: [{3A4EB8F2-FC31-4274-823C-2EE68D77E45F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{B561F1A7-FCF2-4C0A-A8D2-F9F0907ECAAE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{DDF857CB-D978-4326-B314-E91D06C912A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe
FirewallRules: [{BA39509E-417A-4E61-8355-4DF7ECB66BC7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe
FirewallRules: [TCP Query User{946E629C-5E01-4AB8-BC60-000AB75D793F}D:\games\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{35DCA50D-0633-4C45-8C69-0CDC5680F287}D:\games\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F64C3D68-B531-49B7-82D7-27505F2311AE}D:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{6718D089-EB78-43C3-96A9-1372DE28E656}D:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{75A45795-B06C-4C78-8575-7CCD2725D35E}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{A74F668F-F480-440B-AA9E-2711FE54280C}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{C1C7393E-4319-4AE7-8FDD-C7150130063A}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{28C05954-726D-4FBF-8014-5549E8C46E20}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{1DD94006-3E83-47A4-B600-BC938E8FA5F1}D:\games\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A881A4F3-E351-4963-9702-452FEE3C0BDB}D:\games\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59239\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CE3DAE8A-E61C-4604-9B88-ABD372974E07}D:\games\heroes of the storm\versions\base59657\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59657\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5B2D1AE7-BD47-451E-9192-F5B4658B8935}D:\games\heroes of the storm\versions\base59657\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59657\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{587FB730-C4A2-42D8-863F-2F69B99C4656}D:\games\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [UDP Query User{340E3B2C-83D2-49A9-851B-04CD10DBD3D5}D:\games\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [TCP Query User{CEF95A0B-3BDC-43ED-AAA0-18891015D1B8}D:\program files (x86)\steam\steamapps\common\natural selection 2\x64\ns2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\natural selection 2\x64\ns2.exe
FirewallRules: [UDP Query User{1EFBF151-4F9E-441E-A75A-5FC24059B3EA}D:\program files (x86)\steam\steamapps\common\natural selection 2\x64\ns2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\natural selection 2\x64\ns2.exe
FirewallRules: [TCP Query User{E8131330-93F0-480A-8C70-1545482862D9}D:\games\heroes of the storm\versions\base59799\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59799\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{81AED6A3-BCD6-4C62-8B8A-1A121992627C}D:\games\heroes of the storm\versions\base59799\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59799\heroesofthestorm_x64.exe
FirewallRules: [{60FDE553-C348-4A84-AAE1-471985D60977}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{1DCBDB76-F71E-43BC-9054-F68DAE9C88A2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thea The Awakening\Thea.exe
FirewallRules: [{92CED1FC-020B-4429-B911-C9CDE5D169A5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe
FirewallRules: [{46A31FC2-BB10-4768-9C36-7096A41365EF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe
FirewallRules: [TCP Query User{B2D51641-EC89-4BE7-BB7D-DF9A64147759}D:\games\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{046FB7E7-C03F-4C95-90A3-69249F7E1270}D:\games\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base59988\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{54321714-D94A-4F55-9BF7-81732DFD596F}D:\games\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{251F994C-3118-4275-A202-1E9C2138725B}D:\games\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60522\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4BEE0CBF-3547-4AE1-B650-AB0DE6AD938C}D:\games\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F5C8AF8F-379D-4AB5-9321-AF00F78BBD3E}D:\games\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60632\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{BF59FE1A-F9CB-409B-A2F4-EABE677EB116}D:\games\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AA05AB07-254F-4D3C-B92F-0453886C9FC3}D:\games\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base60821\heroesofthestorm_x64.exe
FirewallRules: [{B5DD8BF5-9D84-4869-ABC3-31B11F00DC72}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{ECA06538-4F82-4CED-AE6E-55DF3D35F6A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{F4DB6A23-7748-4309-8B48-D12F30DAE3C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A1470CFE-BD4B-452B-B82E-C0C529FEBC40}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{7E34EB1D-F958-4D77-A877-95E65026E717}D:\games\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ACC513BA-87F8-4066-9A1C-305F49E100E4}D:\games\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61129\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3FDA4362-112C-4A3C-9688-40AD20D0C504}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2BFE2F30-268F-49A6-8D23-A13EBBAD156E}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{642DB5C8-9392-4599-B8E7-4188A0ECAEA3}D:\games\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{862B561E-5104-439B-A6F4-76F22B8290AC}D:\games\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61361\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D672577E-8ACB-4873-9088-39A671A0786C}D:\games\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B5359EC1-D875-4C32-8E81-8F3A7E3099EE}D:\games\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61552\heroesofthestorm_x64.exe
FirewallRules: [{E56D672C-DB45-4782-AD9A-D1536CFDA7A5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{A49B8DC7-4528-4D3D-B538-D5049DFD6949}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{F78F74EB-E5A5-4744-9383-AFBC6223F950}D:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{7A1C6891-0E22-44FA-B6AF-8719561BE9BB}D:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{C6D86F23-5B6D-475F-896C-5279269C114F}D:\games\heroes of the storm\versions\base61952\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61952\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{175ACAB2-E066-47E6-8287-8D53489895AE}D:\games\heroes of the storm\versions\base61952\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base61952\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{50E0A064-1B5B-4609-BA08-6D685735EA71}D:\games\heroes of the storm\versions\base62119\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62119\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{272E3B03-255E-44AC-A564-2D2E322D2B63}D:\games\heroes of the storm\versions\base62119\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62119\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{8F07C000-822B-41CA-AC51-45516CA2B6F1}D:\games\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5C1EC5CD-403F-4C1F-A2FA-08A810A26C70}D:\games\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62212\heroesofthestorm_x64.exe
FirewallRules: [{BC4D5F56-7541-4949-9FF8-2D75BF6016A3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe
FirewallRules: [{FF11E12A-5CBD-4EDD-8F8D-D660DF746415}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe
FirewallRules: [TCP Query User{6EF4FB7F-62CA-4234-99B8-F3ED40250C0C}D:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) D:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game
FirewallRules: [UDP Query User{0FAC6400-5F92-4029-B0C6-F2A2C817DBA3}D:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) D:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game
FirewallRules: [TCP Query User{80731C82-00FF-4DA2-AC59-C088ADEA0BD5}D:\games\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{85B40A12-9479-4198-ADC0-A805B910F74F}D:\games\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base62424\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3BDEB5D4-F5A8-42C5-876D-88F40B741A6B}D:\whatever\cd\warcraft\warcraft\war3.exe] => (Allow) D:\whatever\cd\warcraft\warcraft\war3.exe
FirewallRules: [UDP Query User{5CDBA326-CA04-47EE-9C14-0D64E1109202}D:\whatever\cd\warcraft\warcraft\war3.exe] => (Allow) D:\whatever\cd\warcraft\warcraft\war3.exe
FirewallRules: [TCP Query User{7DBF7761-70EF-4EB7-958D-EE6597E9DB73}D:\whatever\cd\warcraft\warcraft\warcraft iii.exe] => (Allow) D:\whatever\cd\warcraft\warcraft\warcraft iii.exe
FirewallRules: [UDP Query User{1B07977A-070F-4819-8461-209EB08F8662}D:\whatever\cd\warcraft\warcraft\warcraft iii.exe] => (Allow) D:\whatever\cd\warcraft\warcraft\warcraft iii.exe
FirewallRules: [{30FA7A7E-558F-4700-90A0-73F7A56D9159}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [{15257F56-2781-439E-AC21-689F60BC8854}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thea The Awakening\MP\TheaMP.exe
FirewallRules: [TCP Query User{66902743-35E4-40A9-A1B1-38823333119C}D:\games\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7681D07C-74F6-4E2D-8CCC-F9D2CBF40F0D}D:\games\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base63635\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{88182815-3DAF-4269-8FA7-123860A93429}D:\games\warcraft iii\warcraft iii.exe] => (Allow) D:\games\warcraft iii\warcraft iii.exe
FirewallRules: [UDP Query User{36958857-4529-4926-B45A-EECAF2391FC9}D:\games\warcraft iii\warcraft iii.exe] => (Allow) D:\games\warcraft iii\warcraft iii.exe
FirewallRules: [{E18F46C4-CDC9-4F65-A872-A8A9D96FF443}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{266022B5-B606-42B8-9F27-D22BE60C88E8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{E40C1F5F-7D78-497D-9646-8E16FB37B2F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{C46D0F27-63E0-43CE-B6EF-27EEB2845471}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A5ECB548-33E5-493F-A1D6-C08250FF9841}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe
FirewallRules: [{3A2561AB-44A5-4726-95E0-204621507902}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe
FirewallRules: [TCP Query User{474D8195-8A28-4F6C-8D8B-0BB415109A7B}C:\program files (x86)\common files\oracle\java\javapath_target_31836543\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_31836543\java.exe
FirewallRules: [UDP Query User{546A282D-B815-4491-BE07-0DC891F4BB2D}C:\program files (x86)\common files\oracle\java\javapath_target_31836543\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_31836543\java.exe
FirewallRules: [TCP Query User{21ACAA9B-0C3F-4877-8F9B-3446243D6175}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{E85CC8B4-8E65-441A-80B2-3DE2E492B26C}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{D7EBC8DA-55F4-4DA4-848C-DBB80CAD4CF4}] => (Allow) LPort=25565
FirewallRules: [{DB73CA35-DDC0-4264-830E-C74BA0471133}] => (Allow) LPort=25565
FirewallRules: [{66739122-9100-4864-817D-5A662A2C62CC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{7B378B52-C55D-4B18-95DF-70C1BBFD5F00}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{4EA0D9FE-FB2B-479A-B973-EEF778072B6F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{81789CA9-170A-4900-AA28-5CCC2D636BC9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{74355DB9-3F5C-4245-8556-D6198F65A6B0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{FB62C05F-DD07-4872-9DFC-23C47B2D4017}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{07F5CBAB-5F37-43AC-9C43-B1157D42DF6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{6E5FBC37-5A5E-4245-967A-D8A5CC1F4F48}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{4929167B-65B5-4A7E-BDB4-B361A36C9C3D}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{1BBC7469-C983-42CF-A310-2FBF394DB4B7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{D606B10E-1B63-498D-A73D-563BDF505212}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B32743F0-A4AC-4C5F-B155-05AA1AE63200}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{0FD1C913-F5B4-4727-A408-1B28D74B2EA3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2D3AAD01-E63F-4CE0-8003-8F6028E24508}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{13077706-A8DC-4184-BF73-CF2EE0B6AE6E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{8C648D62-AEA2-4465-A371-73030D073876}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{029091A3-5DEA-4321-8AEF-B709E3861F09}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [TCP Query User{8C5D110E-DBA3-44E8-B3F2-3C6F48F041FF}D:\program files (x86)\steam\steamapps\common\wolcen\win_x64\wolcen.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\wolcen\win_x64\wolcen.exe
FirewallRules: [UDP Query User{95C4142C-3940-4EFC-A0A7-9F681660A7CB}D:\program files (x86)\steam\steamapps\common\wolcen\win_x64\wolcen.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\wolcen\win_x64\wolcen.exe
FirewallRules: [TCP Query User{316D43C9-9478-42D6-B3F1-D09E5FC22806}D:\games\heroes of the storm\versions\base65846\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base65846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D47C865E-0A3E-484D-8824-05131865F424}D:\games\heroes of the storm\versions\base65846\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base65846\heroesofthestorm_x64.exe
FirewallRules: [{83BC747A-EE22-4507-A54B-CE2A41D69021}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{382D1FBB-E830-4636-B999-2F573BEBE971}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{CB18BE35-3445-4A84-8CC7-589DF140AB7A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{FAC3BD82-2E35-4D12-B361-C8834AEC0D08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{BD12C662-D615-444C-AF8F-DC1A682BD25F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{D9177F28-0F92-4E5A-83E1-66AFA7924A6C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [TCP Query User{678E07EC-A358-4CD8-8671-B5A35C13703E}D:\games\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3F3D9FA8-4E93-4AFF-90D1-52E7F9F15A2B}D:\games\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0F93D101-1B85-43F5-BA96-B10BC293825E}D:\games\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{727D838E-A22A-4525-9563-483151BBD0DE}D:\games\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [{89BEAFA1-74DC-49F9-8CF0-561EF7E985F7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F5FD41B8-C534-480E-8C0B-DF507508744C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{3A145C2C-8D09-492C-816D-A64B97505C85}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2020D703-978A-4A95-81DF-7B4F7BFFA559}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe
FirewallRules: [TCP Query User{E812864B-EB24-481E-A006-8DCE191820CE}C:\quick games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\quick games\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{F99DD956-CD51-4504-BB6D-8C955642FBAE}C:\quick games\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\quick games\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [{DBF010B6-17D1-48FA-9530-BF4AEC0EF594}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{0033E51F-32EF-4C4A-8432-6670AA9B4DA8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{648964FA-8941-4C4C-A189-97EC023D37F0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{E6139E14-6E0C-4A0D-9605-776B019FD2EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{6ECB9205-D8FC-4687-99D8-710C4B0BB9C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{B65087DF-0240-431E-AFD8-D3425A34D86F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

18-07-2018 23:01:05 Driver Booster : Intel(R) 100 Series/C230 Chipset Family SATA AHCI Controller
08-08-2018 11:03:00 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: ASMedia USB Root Hub
Description: ASMedia USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2018 09:04:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/14/2018 08:41:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/14/2018 08:08:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/14/2018 07:57:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/13/2018 09:41:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/13/2018 08:41:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/13/2018 08:24:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/13/2018 08:14:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (08/14/2018 09:04:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (08/14/2018 09:03:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/14/2018 09:03:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2018 09:03:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (08/14/2018 09:03:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/14/2018 09:03:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2018 07:57:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (08/13/2018 10:06:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16336.94 MB
Available physical RAM: 12970.23 MB
Total Virtual: 32672.04 MB
Available Virtual: 28633.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.02 GB) (Free:64.44 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:698.87 GB) NTFS

\\?\Volume{0ea20eea-00ec-4df4-ba5f-c47041e2dd82}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B7FE9059)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Mess in the PC

Posted: 14 Aug 2018 21:03
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Folder: C:\Program Files (x86)\Revora
    File: C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
    File: D:\Program Files (x86)\Tunngle\TnglCtrl.exe 
    CMD: echo %PATH%
    
    HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\...\MountPoints2: {3ff902b2-a334-11e7-9703-d8cb8ac644e2} - E:\setup.exe
    IFEO\CNC3.exe: [Debugger] 
    IFEO\CNC3EP1.exe: [Debugger] 
    IFEO\generals.exe: [Debugger] 
    IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
    GroupPolicy: Restriction ? <==== ATTENTION
    CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps://www.google.com/"
    2018-08-14 21:12 - 2018-08-14 21:12 - 000112640 _____ (forum.viry.cz) C:\Users\Merm\Desktop\FRSTLauncher.exe
    2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\rsit
    2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\Program Files\trend micro
    2018-08-13 21:47 - 2018-08-14 19:57 - 000000000 ____D C:\ProgramData\McAfee
    2018-08-14 20:03 - 2017-09-13 14:28 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Merm)
    2018-07-25 20:08 - 2017-09-06 13:25 - 000000000 ____D C:\ProgramData\IObit
    2018-07-18 23:06 - 2017-09-06 13:25 - 000001170 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
    2018-07-18 22:46 - 2017-09-06 13:24 - 000000000 ____D C:\Users\Merm\AppData\Roaming\IObit
    
    Task: {D7433C2D-818A-4DF6-8CB2-C4C49C3580CE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-10-08] ()
    Task: {DC9C774F-06AD-4F1B-A0CD-ED789AAA0C66} - System32\Tasks\Driver Booster SkipUAC (Merm) => D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
    Task: {E1001D79-7160-4AD8-8641-4A447312F8A2} - System32\Tasks\{1806E023-2CC0-451E-A684-301D123E0705} => D:\Downloads\Warcraft-III-Setup (3).exe
    FirewallRules: [{270276FE-9DBE-4889-B3BE-9559DCC39E04}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    FirewallRules: [{6932EE32-071D-4D9C-B327-90EB4D9CCB63}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    FirewallRules: [{2A43DF8D-3B91-4651-9080-69E58C66413D}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
    FirewallRules: [{2D8B3481-A5F1-4DD0-B010-431E760816AD}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
    FirewallRules: [{C855F517-D751-4344-9FF1-1122F72C4491}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
    FirewallRules: [{D242BEA5-0E7C-42BA-B87A-0BA98F8588C9}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
    
    C:\Windows\AutoKMS\AutoKMS.exe
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\Merm\AppData\Roaming\IObit
    C:\Users\Merm\AppData\LocalLow\IObit
    C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Mess in the PC

Posted: 14 Aug 2018 21:17
by Windi
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Merm (14-08-2018 22:09:49) Run:1
Running from C:\Users\Merm\Desktop
Loaded Profiles: Merm (Available Profiles: Merm)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\Program Files (x86)\Revora
File: C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
File: D:\Program Files (x86)\Tunngle\TnglCtrl.exe
CMD: echo %PATH%

HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\...\MountPoints2: {3ff902b2-a334-11e7-9703-d8cb8ac644e2} - E:\setup.exe
IFEO\CNC3.exe: [Debugger]
IFEO\CNC3EP1.exe: [Debugger]
IFEO\generals.exe: [Debugger]
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
GroupPolicy: Restriction ? <==== ATTENTION
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... oogle.com/"
2018-08-14 21:12 - 2018-08-14 21:12 - 000112640 _____ (forum.viry.cz) C:\Users\Merm\Desktop\FRSTLauncher.exe
2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\rsit
2018-08-14 20:02 - 2018-08-14 20:02 - 000000000 ____D C:\Program Files\trend micro
2018-08-13 21:47 - 2018-08-14 19:57 - 000000000 ____D C:\ProgramData\McAfee
2018-08-14 20:03 - 2017-09-13 14:28 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Merm)
2018-07-25 20:08 - 2017-09-06 13:25 - 000000000 ____D C:\ProgramData\IObit
2018-07-18 23:06 - 2017-09-06 13:25 - 000001170 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-07-18 22:46 - 2017-09-06 13:24 - 000000000 ____D C:\Users\Merm\AppData\Roaming\IObit

Task: {D7433C2D-818A-4DF6-8CB2-C4C49C3580CE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-10-08] ()
Task: {DC9C774F-06AD-4F1B-A0CD-ED789AAA0C66} - System32\Tasks\Driver Booster SkipUAC (Merm) => D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {E1001D79-7160-4AD8-8641-4A447312F8A2} - System32\Tasks\{1806E023-2CC0-451E-A684-301D123E0705} => D:\Downloads\Warcraft-III-Setup (3).exe
FirewallRules: [{270276FE-9DBE-4889-B3BE-9559DCC39E04}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{6932EE32-071D-4D9C-B327-90EB4D9CCB63}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{2A43DF8D-3B91-4651-9080-69E58C66413D}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{2D8B3481-A5F1-4DD0-B010-431E760816AD}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{C855F517-D751-4344-9FF1-1122F72C4491}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{D242BEA5-0E7C-42BA-B87A-0BA98F8588C9}] => (Allow) D:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe

C:\Windows\AutoKMS\AutoKMS.exe
C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Merm\AppData\Roaming\IObit
C:\Users\Merm\AppData\LocalLow\IObit
C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= Folder: C:\Program Files (x86)\Revora ========================

2018-02-16 19:25 - 2018-02-16 19:25 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Revora\CNCOnline
2014-12-29 20:06 - 2014-12-29 20:06 - 000016896 ____A [1BD5176B69ED63B53799205E68BF3045] (Revora) C:\Program Files (x86)\Revora\CNCOnline\cnconline.dll
2014-12-29 20:06 - 2014-12-29 20:06 - 000972800 ____A [CC6F1C5A22FBB82B008BCD3CE8714211] (Revora) C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
2009-03-07 14:02 - 2009-03-07 14:02 - 000098304 ____A [86A7B1535194628A2B5859AED61EF0F8] () C:\Program Files (x86)\Revora\CNCOnline\EasyHook32.dll
2014-12-29 20:06 - 2014-12-29 20:06 - 000008192 ____A [ACA97D44C992EAF3C2FA2ED6C4CC713A] (Revora) C:\Program Files (x86)\Revora\CNCOnline\EReg.exe
2014-12-29 20:06 - 2014-12-29 20:06 - 000014336 ____A [A3930404F315F483AFE94B01EF1C8607] (Revora) C:\Program Files (x86)\Revora\CNCOnline\ifeo.exe
2014-04-20 19:25 - 2014-04-20 19:25 - 000535008 ____A [3E29914113EC4B968BA5EB1F6D194A0A] (Microsoft Corporation) C:\Program Files (x86)\Revora\CNCOnline\msvcp110.dll
2014-04-20 19:25 - 2014-04-20 19:25 - 000875472 ____A [4BA25D2CBE1587A841DCFB8C8C4A6EA6] (Microsoft Corporation) C:\Program Files (x86)\Revora\CNCOnline\msvcr110.dll
2013-09-12 17:12 - 2013-09-12 17:12 - 000943616 ____A [E796C2EC3D27460629759CD618EA0A48] (winsparkle.org) C:\Program Files (x86)\Revora\CNCOnline\WinSparkle.dll

====== End of Folder: ======


========================= File: C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe ========================

C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
File not signed
MD5: CC6F1C5A22FBB82B008BCD3CE8714211
Creation and modification date: 2014-12-29 20:06 - 2014-12-29 20:06
Size: 000972800
Attributes: ----A
Company Name: Revora
Internal Name: cnconline
Original Name: cnconline.exe
Product: C&C:Online
Description: C&C:Online Launcher
File Version: 2.0.7
Product Version: 2.0.7
Copyright: Copyright (C) 2014 Philippe Baumann
VirusTotal: https://www.virustotal.com/file/8d15f2c ... 523918712/

====== End of File: ======


========================= File: D:\Program Files (x86)\Tunngle\TnglCtrl.exe ========================

D:\Program Files (x86)\Tunngle\TnglCtrl.exe
File not signed
MD5: BA48236FFCFF9E9905D76EC041C336A0
Creation and modification date: 2017-03-14 18:45 - 2017-06-30 14:07
Size: 000873968
Attributes: ----A
Company Name: Tunngle.net GmbH
Internal Name: TunngleService
Original Name: TnglCtrl.exe
Product: Tunngle Network Service
Description: Tunngle Service
File Version: 5.8.9.0
Product Version: Release
Copyright: Copyright © Tunngle.net GmbH. All rights reserved.
VirusTotal: https://www.virustotal.com/file/d8ab8b6 ... 533654076/

====== End of File: ======


========= echo %PATH% =========

C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common

========= End of CMD: =========

"HKU\S-1-5-21-3068495315-2313553650-1538864807-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ff902b2-a334-11e7-9703-d8cb8ac644e2}" => removed successfully
HKLM\Software\Classes\CLSID\{3ff902b2-a334-11e7-9703-d8cb8ac644e2} => not found
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CNC3.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CNC3EP1.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\generals.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RA3.exe" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"Chrome StartupUrls" => removed successfully
C:\Users\Merm\Desktop\FRSTLauncher.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Merm) => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Users\Public\Desktop\Driver Booster 4.lnk => moved successfully
C:\Users\Merm\AppData\Roaming\IObit => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D7433C2D-818A-4DF6-8CB2-C4C49C3580CE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7433C2D-818A-4DF6-8CB2-C4C49C3580CE}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC9C774F-06AD-4F1B-A0CD-ED789AAA0C66}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC9C774F-06AD-4F1B-A0CD-ED789AAA0C66}" => removed successfully
"C:\Windows\System32\Tasks\Driver Booster SkipUAC (Merm)" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Merm)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1001D79-7160-4AD8-8641-4A447312F8A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1001D79-7160-4AD8-8641-4A447312F8A2}" => removed successfully
C:\Windows\System32\Tasks\{1806E023-2CC0-451E-A684-301D123E0705} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1806E023-2CC0-451E-A684-301D123E0705}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{270276FE-9DBE-4889-B3BE-9559DCC39E04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6932EE32-071D-4D9C-B327-90EB4D9CCB63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A43DF8D-3B91-4651-9080-69E58C66413D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D8B3481-A5F1-4DD0-B010-431E760816AD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C855F517-D751-4344-9FF1-1122F72C4491}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D242BEA5-0E7C-42BA-B87A-0BA98F8588C9}" => removed successfully
C:\Windows\AutoKMS\AutoKMS.exe => moved successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
C:\ProgramData\ProductData => moved successfully
"C:\Users\Merm\AppData\Roaming\IObit" => not found
C:\Users\Merm\AppData\LocalLow\IObit => moved successfully

=========== "C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Merm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78675010 B
Java, Flash, Steam htmlcache => 350680635 B
Windows/system/drivers => 167756220 B
Edge => 0 B
Chrome => 818662238 B
Firefox => 49178507 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
Merm => 1413582657 B

RecycleBin => 3796698736 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:10:38 ====

Re: Mess in the PC

Posted: 15 Aug 2018 00:13
by Conder
:arrow: Do you recognize these files?
C:\Users\Merm\Desktop\2050 227.mws
C:\Users\Merm\Desktop\2050 227
C:\Users\Merm\Desktop\227 2050.mp

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    Folder: C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • Wait for it to finish
  • This time there will be no restart; Fixlog.txt will open (or it will be on the desktop); copy its contents here

Re: Mess in the PC

Posted: 15 Aug 2018 18:18
by Windi
Conder wrote: :arrow: Do you recognize these files?
C:\Users\Merm\Desktop\2050 227.mws
C:\Users\Merm\Desktop\2050 227
C:\Users\Merm\Desktop\227 2050.mp

Yes, those are files that I created with MultiPing.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Merm (15-08-2018 19:18:13) Run:2
Running from C:\Users\Merm\Desktop
Loaded Profiles: Merm (Available Profiles: Merm)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Folder: C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
End
*****************


========================= Folder: C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4 ========================

2018-08-13 21:49 - 2018-08-13 21:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache
2018-08-13 21:49 - 2018-08-13 21:49 - 000008192 ____A [CF89D16BB9107C631DAABF0C0EE58EFB] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache\data_0
2018-08-13 21:49 - 2018-08-13 21:49 - 000270336 ____A [D0D388F3865D0523E451D6BA0BE34CC4] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache\data_1
2018-08-13 21:49 - 2018-08-13 21:49 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache\data_2
2018-08-13 21:49 - 2018-08-13 21:49 - 000008192 ____A [41876349CB12D6DB992F1309F22DF3F0] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache\data_3
2018-08-13 21:49 - 2018-08-13 21:49 - 000262512 ____A [6B9D299557CD813E287061751FF5444B] () C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4\GPUCache\index

====== End of Folder: ======


==== End of Fixlog 19:18:13 ====

Re: Mess in the PC

Posted: 15 Aug 2018 20:30
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Mess in the PC

Posted: 15 Aug 2018 21:22
by Windi
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Merm (15-08-2018 22:20:39) Run:3
Running from C:\Users\Merm\Desktop
Loaded Profiles: Merm (Available Profiles: Merm)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\Merm\AppData\Roaming\facebook-nativefier-1252c4 => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18729443 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 11156584 B
Edge => 0 B
Chrome => 388436629 B
Firefox => 44755701 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Merm => 13845754 B

RecycleBin => 0 B
EmptyTemp: => 462.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:20:56 ====

Re: Mess in the PC

Posted: 15 Aug 2018 21:49
by Conder
:arrow: It looks OK now. Are there still any problems with the PC?

:arrow: I recommend installing all the important updates via Windows Update.

Re: Mess in the PC

Posted: 16 Aug 2018 05:58
by Windi
It looks okay. :thumbsup:
Thank you very much for the help. Great work :guitar:

Re: Mess in the PC

Posted: 16 Aug 2018 16:00
by Conder
You're welcome, glad I could help :)