stále se instalující driver

Zpráva

Hynek88 · #1 Příspěvek od **Hynek88** » 15 čer 2020 16:59

Dobrý den,

chtěl jsem opravit nefungující mechaniku (nečte disky) updatem driveru a ten se stále, po zapnutí pc, instaluje,

(podezření na vir)

díky za rady!

#2 Příspěvek od **Rudy** » 15 čer 2020 17:51

Zdravím!
Nějak nechápu. U CD/DVD mechanik je brán driver ze systému. Nevím, proč jste updatoval a odkud.

Hynek88 · #3 Příspěvek od **Hynek88** » 15 čer 2020 18:13

chtěl sem asi po 5ti letech vypálit filmy na dvd a mechanika mně nic nečetla, tak sem zkusil toto

https://www.firmwarehq.com/Samsung/SH-222BB/files.html

a teďka mi to furt při každým zapnutí pc instaluje... tak bych to chtěl někde vypnout, popř. asi sem si nezaviroval pc...

#4 Příspěvek od **Rudy** » 15 čer 2020 18:59

Tohle na virus nevypadá, ten obvykle nereguje na ovladače. Spíše potřebuji vědět (ze správce zařízení), zda se driver korektně nainstaluje. Pokud by tomu tak nebylo je to normální stav. Pro jistotu dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

Hynek88 · #5 Příspěvek od **Hynek88** » 17 čer 2020 16:11

tak v zařízeních ovladač pracuje správně, po restartu se už nic nehledá, neinstaluje (dal sem pro jistotu obnovu)

leč mechanika mně stejně nebere žádnej disk, je pryč?

logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by ROCOR (administrator) on ROCOR-PC (17-06-2020 17:06:20)
Running from C:\Users\ROCOR\Desktop
Loaded Profiles: ROCOR
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\runservice.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler64.exe
(CMedia) [File not signed] C:\Program Files\ASUS Xonar Essence ST Audio\Customapp\AsusAudioCenter.exe
(Fujitsu) [File not signed] C:\Program Files (x86)\Fujitsu Mouse\Driverap4.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Learsy) [File not signed] C:\Program Files (x86)\MuralPix\MpAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(SOKNO S.R.L. -> Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\Syswow64\cmicnfgp.dll [8761344 2010-09-16] (C-Media Corporation) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [MuralPixAgent] => C:\Program Files (x86)\MuralPix\MpAgent.exe [102400 2006-12-30] (Learsy) [File not signed]
HKLM-x32\...\Run: [Fujitsu Mouse] => C:\Program Files (x86)\Fujitsu Mouse\DriverSt.exe [184393 2012-08-21] () [File not signed]
HKU\S-1-5-21-866583909-2925738967-381583198-1000\...\Run: [Steam] => D:\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-866583909-2925738967-381583198-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MuralPix.scr [106496 2006-12-30] (Learsy) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\83.1.10.90\Installer\chrmstp.exe [2020-06-15] (Brave Software, Inc.) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09C353F6-01D4-41C9-B3B6-F7A1A069A282} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe)
Task: {0A380E3D-AD01-42D3-B72C-07E470C40B2E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [739624 2018-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {0FABE276-B12D-428D-B1F8-4A1415262EA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd -> Piriform Ltd)
Task: {2904E714-31BF-4B88-AA18-BCA0372A0C40} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B1E36BE-D40A-45D1-8562-CA242D0E27B5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2BE51671-E7FC-4E77-8596-BCE3FD80AC6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2D595300-19D5-4CB1-86BA-E069644D27D7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EE432CA-897E-4C27-A552-874EE475A1B9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2FADC581-E79B-42E9-B79E-51CFC3D28BFE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D465517-34C9-4BD6-932A-0461DD6C7D6C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D89A8B1-7D28-422A-AF12-D2BBEAD20C7F} - System32\Tasks\{ABE3759C-C482-43D3-9640-6968B5CBEE31} => C:\Users\ROCOR\Desktop\RSITx64.exe
Task: {511BF242-FD8F-4018-80C5-3772F40E1041} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A71348C-3354-4645-BFC8-FA32232C0853} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
Task: {84E8493E-D464-4664-8FCA-0713C8C60586} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {8D91904F-2C9B-4B49-85FC-7A62D0B502C2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EF9D0AC-9834-4B60-8895-903B9D36704B} - System32\Tasks\AsrXTU => C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
Task: {B1B3188F-01E9-4D74-A6A5-03EB806FA9B8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C20356DD-ED25-4FF2-BD59-400164377777} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CAD967C3-43B3-42F9-9D8C-FE47FEDD878D} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
Task: {DEA7FA0C-757A-4D6E-A1AE-59A591B1013F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 172.21.1.1 172.21.1.2
Tcpip\..\Interfaces\{5D68AF5B-E0C1-4DEB-9DFF-C6D54AEF83C0}: [DhcpNameServer] 192.168.5.1 172.21.1.1 172.21.1.2

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-866583909-2925738967-381583198-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: 25fgo6rt.default-1534754876091
FF ProfilePath: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release [2020-06-17]
FF DownloadDir: D:\MOVIES
FF Homepage: Mozilla\Firefox\Profiles\jpkynbbs.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jpkynbbs.default-release -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\jpkynbbs.default-release -> type", 0
FF Extension: (Český slovník pro kontrolu pravopisu (bez diakritiky)) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\cs2@dictionaries.addons.mozilla.org [2019-07-15] [Legacy]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\cs@dictionaries.addons.mozilla.org [2019-07-15] [Legacy]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\elemhidehelper@adblockplus.org.xpi [2016-11-14] [Legacy]
FF Extension: (ImageBlock) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\imageblock@hemantvats.com.xpi [2016-04-04] [Legacy]
FF Extension: (NASA Night Launch) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\nasanightlaunch@example.com.xpi [2016-11-14] [Legacy]
FF Extension: (Flagfox) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2) [2019-07-15] [Legacy] [not signed]
FF Extension: (Flagfox) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(3) [2019-07-15] [Legacy] [not signed]
FF Extension: (Flagfox) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-11-22] [Legacy]
FF Extension: (Session Manager) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2018-08-20] [Legacy]
FF Extension: (Flash Game Maximizer) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [2016-04-28] [Legacy]
FF Extension: (BitComet Video Downloader) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(2) [2019-07-15] [Legacy] [not signed]
FF Extension: (BitComet Video Downloader) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(3) [2019-07-15] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2019-07-15] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(3) [2019-07-15] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-11-14] [Legacy]
FF Extension: (No Name) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi [not found]
FF Extension: (No Name) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [not found]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\doplky-pro-firefox.xml [2014-05-02]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\ednacz.xml [2019-04-22]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\imdb.xml [2019-03-13]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\internet-movie-firearms-database---guns-in-movies-tv-and-vid.xml [2018-09-18]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\opensubtitles.xml [2015-10-06]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\sfd.xml [2019-04-16]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\uloto.xml [2015-10-22]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\jpkynbbs.default-release\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-08-20]
FF ProfilePath: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091 [2020-06-17]
FF Homepage: Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091 -> hxxp://www.panzernet.net/panzernet/start.php
FF NetworkProxy: Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091 -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\adblockultimate@adblockultimate.net.xpi [2020-06-05]
FF Extension: (Bookmarks Organizer) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\bookmarksorganizer@agenedia.com.xpi [2020-06-05]
FF Extension: (OneTab) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\extension@one-tab.com.xpi [2020-06-05]
FF Extension: (Flagfox) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2) [2019-07-23] [Legacy] [not signed]
FF Extension: (Flagfox) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(3) [2019-07-23] [Legacy] [not signed]
FF Extension: (animated In the beginning by candelora) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{252b9dd5-f423-44d9-b8b5-20a49a74b9de}.xpi [2020-06-04]
FF Extension: (Theme) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{9fef8179-fd2e-48c0-8b47-da05f560c63a}.xpi [2020-06-03]
FF Extension: (Matte Black (Red)) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2020-06-02]
FF Extension: (BitComet Video Downloader) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(2) [2019-07-23] [Legacy] [not signed]
FF Extension: (BitComet Video Downloader) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}(3) [2019-07-23] [Legacy] [not signed]
FF Extension: (No Name) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2019-07-23] [not signed]
FF Extension: (Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2019-07-23] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(3) [2019-07-23] [Legacy] [not signed]
FF Extension: (No Name) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-02]
FF Extension: (Galaxy Theme) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{e4e50c71-b860-4c0b-9af6-bfd7cc85c537}.xpi [2020-06-03]
FF Extension: (Space 07) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{ebea7b99-db28-4884-afdf-49c7261d46a2}.xpi [2020-06-03]
FF Extension: (animated cat walking on roofs by candelora) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{f19ce2b0-4a67-49d0-8c09-797d294b8834}.xpi [2020-06-03]
FF Extension: (Pixel Art City) - C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\Extensions\{fd9490e3-7529-47cf-85ff-618a7beb4cf0}.xpi [2020-06-12]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\doplky-pro-firefox.xml [2014-05-02]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\imdb.xml [2020-03-11]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\internet-movie-firearms-database---guns-in-movies-tv-and-vid.xml [2018-09-18]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\opensubtitles.xml [2020-05-14]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\torrents-search.xml [2019-11-13]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\uloto.xml [2015-10-22]
FF SearchPlugin: C:\Users\ROCOR\AppData\Roaming\Mozilla\Firefox\Profiles\25fgo6rt.default-1534754876091\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google) [File not signed]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-07-15] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 LicCtrlService; C:\Windows\runservice.exe [16384 2014-10-08] () [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA Corporation -> NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [782320 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-01] (Electronic Arts, Inc. -> Electronic Arts)
S3 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-01-22] (Even Balance, Inc. -> )
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (ASMedia Technology Inc. -> Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASROCK Incorporation -> ASRock Inc.)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1266688 2010-09-16] (C-Media Electronics Incorporation -> C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-02-13] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [59392 2012-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [84608 2012-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-12-19] (FNet Co., Ltd. -> FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-12-19] (FNet Co., Ltd. -> FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MZ_USBAUDIO; C:\Windows\System32\drivers\mz_usbaudio.sys [144896 2013-05-14] (DandM Holdings Inc. -> D&M Holdings Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 is3srv; SySWOW64\drivers\is3srv64.sys [X]
S0 szkg5; SySWOW64\drivers\szkg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-17 17:06 - 2020-06-17 17:06 - 000026367 _____ C:\Users\ROCOR\Desktop\FRST.txt
2020-06-17 17:06 - 2020-06-17 17:06 - 000000000 ____D C:\FRST
2020-06-17 17:05 - 2020-06-17 17:05 - 002289152 _____ (Farbar) C:\Users\ROCOR\Desktop\FRST64.exe
2020-06-11 07:38 - 2020-06-11 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobi File Reader
2020-06-11 07:38 - 2020-06-11 07:38 - 000000000 ____D C:\Program Files (x86)\Mobi File Reader
2020-06-04 07:46 - 2020-06-17 16:56 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-17 17:05 - 2018-08-20 09:37 - 000000000 ____D C:\Users\ROCOR\AppData\LocalLow\Mozilla
2020-06-17 17:05 - 2011-04-12 10:34 - 000648690 _____ C:\Windows\system32\perfh005.dat
2020-06-17 17:05 - 2011-04-12 10:34 - 000133548 _____ C:\Windows\system32\perfc005.dat
2020-06-17 17:05 - 2009-07-14 07:13 - 001527778 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-17 17:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-17 17:04 - 2009-07-14 06:45 - 000021616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-17 17:04 - 2009-07-14 06:45 - 000021616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-17 17:01 - 2019-02-10 14:33 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-17 16:59 - 2014-12-29 19:22 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-06-17 16:59 - 2014-10-08 13:37 - 000001369 ___SH C:\Windows\SysWOW64\mmf.sys
2020-06-17 16:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-17 16:58 - 2019-01-21 13:05 - 000003022 _____ C:\Windows\system32\Tasks\MSIAfterburner
2020-06-17 16:52 - 2014-05-22 16:21 - 000000000 ____D C:\Users\ROCOR\AppData\Roaming\uTorrent
2020-06-17 04:07 - 2014-05-22 07:13 - 000000000 ____D C:\Users\ROCOR\AppData\Roaming\foobar2000
2020-06-17 03:13 - 2014-08-09 07:35 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{DFE319C7-2C57-4D09-B67B-1589BD45581B}
2020-06-15 23:06 - 2019-07-15 21:00 - 000002341 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-06-15 18:18 - 2014-05-22 14:03 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2020-06-15 17:52 - 2014-05-22 06:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-15 17:43 - 2016-11-26 15:19 - 000000000 ___RD C:\Users\ROCOR\Desktop\LulanT
2020-06-15 17:42 - 2014-05-21 10:09 - 000000000 ____D C:\Users\ROCOR
2020-06-15 17:41 - 2019-12-15 21:14 - 000000000 ____D C:\MOVIES
2020-06-15 17:41 - 2014-12-20 13:04 - 000000000 ____D C:\Users\ROCOR\AppData\Local\Mozilla
2020-06-15 17:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2020-06-15 17:36 - 2019-07-23 08:35 - 000000000 ____D C:\Users\ROCOR\AppData\Local\CrashDumps
2020-06-15 17:22 - 2014-12-30 11:06 - 000000000 ____D C:\Temp
2020-06-10 13:46 - 2018-03-14 07:46 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-10 13:46 - 2014-05-22 06:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-10 13:46 - 2014-05-22 06:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-10 13:46 - 2014-05-22 06:59 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-10 13:46 - 2014-05-22 06:59 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-07 06:23 - 2020-05-13 13:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-04 00:11 - 2017-01-05 16:14 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-02 13:18 - 2020-05-13 13:35 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2020-05-24 14:58 - 2015-03-21 15:54 - 000000000 ____D C:\Users\ROCOR\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2018-03-16 00:03 - 2018-03-16 00:03 - 000002299 _____ () C:\Users\ROCOR\AppData\Roaming\ASSDraw3.cfg
2020-03-07 18:06 - 2020-03-08 10:51 - 000000509 _____ () C:\Users\ROCOR\AppData\Roaming\SineMoraEX.dat
2014-05-22 07:02 - 2018-02-23 13:21 - 000000600 _____ () C:\Users\ROCOR\AppData\Roaming\winscp.rnd
2019-08-25 07:53 - 2020-04-05 22:49 - 000083968 _____ () C:\Users\ROCOR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-10 11:22 - 2014-08-10 11:22 - 000000058 _____ () C:\Users\ROCOR\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-05-23 21:30 - 2020-01-11 20:20 - 000007632 _____ () C:\Users\ROCOR\AppData\Local\Resmon.ResmonCfg
2014-05-24 18:48 - 2014-05-24 18:48 - 000000003 _____ () C:\Users\ROCOR\AppData\Local\user_data.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-06-16 00:49
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by ROCOR (17-06-2020 17:07:00)
Running from C:\Users\ROCOR\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-05-21 08:09:42)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-866583909-2925738967-381583198-500 - Administrator - Disabled)
Guest (S-1-5-21-866583909-2925738967-381583198-501 - Limited - Enabled)
ROCOR (S-1-5-21-866583909-2925738967-381583198-1000 - Administrator - Enabled) => C:\Users\ROCOR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - emc, uTorrent.CZ)
4K Video Downloader 4.4 (HKLM-x32\...\{AA5C80E7-8876-4026-A0D0-582D8EFBA2E1}) (Version: 4.4.7.2307 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version: - )
Alan Wake Čestina verze 1.0 (HKLM-x32\...\{68EE3B21-BC13-4B1A-AC92-69E479246650}_is1) (Version: 1.0 - michalss)
Altap Salamander 2.54 (HKLM-x32\...\Altap Salamander 2.54) (Version: 2.54 - ALTAP)
AoA Video Joiner (HKLM-x32\...\AoA Video Joiner_is1) (Version: - AoAMedia.Com)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: - )
ASUS Xonar Essence ST Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.15.161119 - )
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 83.1.10.90 - Autoři prohlížeče Brave)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 24149 - GOG.com)
Darkest Dungeon: Musketeer (HKLM-x32\...\1405492047_is1) (Version: 24149 - GOG.com)
Darkest Dungeon: The Color of Madness (HKLM-x32\...\1946270261_is1) (Version: 24149 - GOG.com)
Darkest Dungeon: The Crimson Court (HKLM-x32\...\1957260232_is1) (Version: 24149 - GOG.com)
Darkest Dungeon: The Shieldbreaker (HKLM-x32\...\1128594953_is1) (Version: 24149 - GOG.com)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Debugging Tools for Windows (x86) (HKLM-x32\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
Enemy Front PROPER (HKLM-x32\...\Enemy Front PROPER_is1) (Version: - )
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fallout 4 - Čeština (HKLM-x32\...\{8995E8E7-1793-402E-87B7-F1E106783F84}) (Version: 0.9.8 - prekladyher.eu)
foobar2000 v1.3.6 (HKLM-x32\...\foobar2000) (Version: 1.3.6 - Peter Pawlowski)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.3.5254 - Gretech Corporation)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Icon Converter Plus (HKLM-x32\...\Icon Converter Plus) (Version: 4.8 - www.program4pc.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
Kings Bounty - Warriors of the North verzia 1.3.1.6250 (HKLM-x32\...\Kings Bounty - Warriors of the North_is1) (Version: 1.3.1.6250 - CzTorrent.net)
L.A. Noire verzia 1.3.2617 (HKLM-x32\...\L.A. Noire_is1) (Version: 1.3.2617 - CzTorrent.net)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Lords of the Fallen (HKLM-x32\...\{F3DFAE55-83E3-4BD4-9311-B5AB0C16EFD9}_is1) (Version: - CI Games)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mobi File Reader (HKLM-x32\...\{FFA8548C-9BC2-427F-9F81-E64F620A30CB}_is1) (Version: - mobifilereader.com)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
MpcStar 6.5 (HKLM-x32\...\MpcStar) (Version: 6.5 - www.mpcstar.com)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MuralPix 1.07 (HKLM-x32\...\MuralPix) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 436.30 - NVIDIA Corporation) Hidden
Panzer General 3D: Assault (HKLM-x32\...\Panzer General 3D: Assault_is1) (Version: - GOG.com)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.8.2 - PowerUp Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
SHIFT 2 UNLEASHED™ (HKLM-x32\...\{E8C37E27-5205-4C8A-BECB-B00533045AAE}) (Version: 1.0.2.0 - Electronic Arts)
Sine Mora EX (HKLM-x32\...\2001892744_is1) (Version: 1.0. - GOG.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
'Steel Fury - Kharkov 1942' (HKLM-x32\...\STLFR_eng_is1) (Version: - Lighthouse Interactive)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
UFO Afterlight (HKLM-x32\...\{47AF4245-CD81-4353-BFC0-0A21A6EF483A}) (Version: 1.4 - )
UFO Aftershock (HKLM-x32\...\{639555DF-952A-4161-97F6-AB9807E421D7}) (Version: 1.0 - )
UninstallFujitsu Mouse (HKLM-x32\...\{A3BE2F96-2FC2-420D-980B-EC4B856F07FA}_is1) (Version: - Fujitsu Mouse)
USB Audio (HKLM\...\{B500C5BD-165A-4F93-ADAB-BA9E3C071B6C}) (Version: 2.0.1 - Marantz)
Valiant Hearts The Great War (HKLM-x32\...\{4C0EAD53-2DC4-48BC-A57A-A86BED789941}) (Version: 1.0.0 - Ubisoft) Hidden
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.17.11 - Black Tree Gaming Ltd.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-866583909-2925738967-381583198-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Wooky 3.0.1.6 (HKU\S-1-5-21-866583909-2925738967-381583198-1000\...\Wooky) (Version: 3.0.1.6 - Mobilbonus, s.r.o.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-866583909-2925738967-381583198-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\REVO\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4_S-1-5-21-866583909-2925738967-381583198-1000: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2009-05-27] (Peter Pawlowski) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\SysWOW64\ff_acm.acm [47616 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ROCOR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-04-23 17:13 - 2018-04-23 17:13 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000567808 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000072704 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2018-04-23 17:13 - 2018-04-23 17:13 - 000357888 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 000222720 _____ () [File not signed] C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-12-30 14:56 - 2011-04-19 15:56 - 000143360 ____N () [File not signed] C:\Program Files\ASUS Xonar Essence ST Audio\Customapp\VmixP8.dll
2019-07-23 07:57 - 2020-06-17 16:59 - 000192512 _____ () [File not signed] C:\Users\ROCOR\AppData\Local\Temp\sfamcc00001.dll
2020-05-14 06:39 - 2020-06-17 16:59 - 000158720 _____ () [File not signed] C:\Users\ROCOR\AppData\Local\Temp\sfareca00001.dll
2014-10-08 13:37 - 2014-10-08 13:37 - 000048640 _____ () [File not signed] C:\Windows\mmfs.dll
2014-12-30 14:56 - 2011-05-12 18:19 - 000348160 ____N (C-Media Electronics Inc.) [File not signed] C:\Program Files\ASUS Xonar Essence ST Audio\CustomApp\cmdevice.dll
2014-05-22 13:11 - 2012-02-27 03:59 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\exefile: <==== ATTENTION
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\.exe: exefile => <==== ATTENTION

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-07-23 07:44 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-866583909-2925738967-381583198-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ROCOR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.5.1 - 172.21.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^ROCOR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MpManag.lnk => C:\Windows\pss\MpManag.lnk.Startup
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BAFAC2A3-EE14-4561-9792-7B178D2AD7F6}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{60DD18EE-D544-4FAF-A5E6-9961DAE37DAB}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{58CB1CAC-E7E9-48A9-B9E7-816ECFBFCC85}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{741CE555-C0C9-4409-BD85-7ADE4600630E}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{49E21519-DD47-4AC2-BAA8-086049BCFACC}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{563A189B-8151-478C-9308-297A0DEA0E20}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{71626F65-22C9-451A-9D41-EED3F7926C78}] => (Allow) C:\Program Files (x86)\Electronic Arts\BFH\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [{CBC2E968-928E-4113-828D-F0EB91306294}] => (Allow) C:\Program Files (x86)\Electronic Arts\BFH\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [TCP Query User{92F5F603-1F64-4E1D-B3EF-D5B6D881C50C}D:\games\wolfenstein\new order\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\games\wolfenstein\new order\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [UDP Query User{9B23A9AA-42A9-492D-89F6-401CB95998A0}D:\games\wolfenstein\new order\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\games\wolfenstein\new order\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{AB279C36-36A7-45EA-A382-34116DA29DCB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{002932D4-1BCE-4746-8C75-A9F3D251AD68}] => (Allow) C:\Program Files (x86)\Electronic Arts\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{0ED334B3-B2B2-45D7-8A0D-96A157970CEA}] => (Allow) D:\Steam\SteamApps\common\Panzer Corps\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [{C6D97DBE-81FB-4DB5-BC42-E02D4930E129}] => (Allow) D:\Steam\SteamApps\common\Panzer Corps\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [TCP Query User{69ADFC3E-2F05-4AFD-9674-7FBE0FCABE13}C:\program files (x86)\enemy front proper\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\enemy front proper\bin32\enemyfront.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{F4FD1F4F-ADC4-4EF4-B8B6-45B31E0B1CC3}C:\program files (x86)\enemy front proper\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\enemy front proper\bin32\enemyfront.exe (CI Games S.A.) [File not signed]
FirewallRules: [{E7A9CFFB-3B92-415D-A67F-08BCE91666BE}] => (Allow) D:\Steam\SteamApps\common\Eisenwald\Eisenwald.exe () [File not signed]
FirewallRules: [{A9C15CE4-E493-445A-BAAC-8061258C786D}] => (Allow) D:\Steam\SteamApps\common\Eisenwald\Eisenwald.exe () [File not signed]
FirewallRules: [TCP Query User{85C57A2D-6D78-436D-A330-66073D1D4753}D:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{158DE561-D3A5-4BFF-A588-C0981B110102}D:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{BFCCF15C-D133-43A1-ACDE-32A2F8D4DE80}] => (Allow) D:\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{FEEE949C-438B-4F40-9BF4-24F14C6B5AB5}] => (Allow) D:\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{70B9018F-6887-4662-93EA-AF03FA72B2E9}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [{96446512-51A1-44B3-B01E-D087CB287345}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [{F04956A2-1C15-4E79-9E70-D60CFC57E43E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{6CE8AEC6-53AF-4119-AB8B-28D062BF4B2E}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{8C0DA4DE-F9B0-4DAB-8496-E9D3337B7A0D}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3824833C-F7CF-44C8-82A3-212CDC46BE1D}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{489E2F4C-1A6E-4969-BC06-CF0C28511FFF}] => (Allow) D:\Steam\SteamApps\common\Decisive Campaigns Barbarossa\autorun.exe (Slitherine Software UK Limited -> Matrix Publishing Ltd.)
FirewallRules: [{677006AC-3103-4901-AD07-21BC6AE2E9E3}] => (Allow) D:\Steam\SteamApps\common\Decisive Campaigns Barbarossa\autorun.exe (Slitherine Software UK Limited -> Matrix Publishing Ltd.)
FirewallRules: [{76B52A99-B065-46BB-92A5-C2809C67D392}] => (Allow) D:\Steam\SteamApps\common\PFAD - Floodings\PFAD - Floodings.exe () [File not signed]
FirewallRules: [{F3180F36-2972-4B1D-9C72-DCE21A450EED}] => (Allow) D:\Steam\SteamApps\common\PFAD - Floodings\PFAD - Floodings.exe () [File not signed]
FirewallRules: [{10BF1CE2-E785-4A0F-9939-33CC1BBC0EA8}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{686850C0-7F62-438B-8B6C-81056CCE39B8}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{86E74658-D20F-4441-903A-F3D1C25BF791}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{88B967CC-1915-4B49-91DC-3993D4B78F24}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{46AE5EE2-AF62-4647-A8D5-8B8157876131}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{84083715-EEB2-477D-9F2C-39454AFC846E}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{E1ED46DD-9CE6-4378-B825-56D5443CA1B2}] => (Block) D:\Steam\SteamApps\common\Fallout 4\Fallout4.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5FFD7D8F-941B-4257-A096-F8E6C34319C7}] => (Allow) D:\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{195F15A8-B754-4E7A-9D3F-52091548D30B}] => (Allow) D:\Steam\SteamApps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{C4F2ECFA-815E-4AE9-B6F4-0643C8BA84B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2181AB1D-6A27-4248-9697-5BBB6B157804}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6748BB2-34D8-4EC1-A775-C1D255245CEE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6D3166CF-BACB-439A-A0B5-D749E6837CC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7392A698-06BF-497D-8D28-C6BF47100E49}] => (Allow) D:\Steam\SteamApps\common\Xenonauts\Xenonauts.exe () [File not signed]
FirewallRules: [{7FEBBF48-0093-4A4A-8708-5DCDB4D2506B}] => (Allow) D:\Steam\SteamApps\common\Xenonauts\Xenonauts.exe () [File not signed]
FirewallRules: [{5F425CB7-5297-4873-A2CD-BDBD50441B67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D0CB5B3-6BB7-491D-949A-904C0492A2F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD0DCD16-35EF-4AE9-AF6E-C3C532AFE64E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FD041DFF-DC97-4D12-9726-B6748DA40AD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2CD0C43-A67A-4CDB-8BCD-916D81AAE654}] => (Allow) D:\Steam\SteamApps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{BD930FDF-15B2-4A33-93DC-F3C729121666}] => (Allow) D:\Steam\SteamApps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{F32C4605-C75B-4A12-BD8E-268E4498679D}D:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{105EED96-6611-4DF5-9AA1-314EF10979D2}D:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{89D0DE8A-C021-4B08-B5D5-6ED9176CC836}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{FDA86A7C-C033-4DC3-B55C-80D8B91732F4}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{412F2532-D12D-496E-8696-49A5102E03E9}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

21-05-2020 00:00:00 Naplánovaný kontrolní bod
28-05-2020 21:07:04 Naplánovaný kontrolní bod
05-06-2020 00:00:00 Naplánovaný kontrolní bod
12-06-2020 07:58:14 Naplánovaný kontrolní bod
15-06-2020 17:39:48 Operace obnovení

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič High Definition Audio
Description: Řadič High Definition Audio
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================

System errors:
=============
Error: (06/17/2020 04:59:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
is3srv
szkg5

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 07/01/2013
Motherboard: ASRock Z77 Extreme6
Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 22%
Total physical RAM: 16268.09 MB
Available physical RAM: 12665.44 MB
Total Virtual: 24266.3 MB
Available Virtual: 20011.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:39.33 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:14.36 GB) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (VERBATIM HD) (Fixed) (Total:465.64 GB) (Free:19.77 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0BA592B7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5814E5E1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A345F4C7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

==================== End of Addition.txt =======================

#6 Příspěvek od **Rudy** » 17 čer 2020 16:52

Zda je mechanika vadná, či nikoli takto na dálku neposoudím. Možná by stálo za to přehrát firmware a pak bychom viděli lépe, co se vlastně děje. Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Hynek88 · #7 Příspěvek od **Hynek88** » 17 čer 2020 17:07

"přehrát firmware"? - jak se to dělá?

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-17-2020
# Duration: 00:00:11
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1413 octets] - [17/06/2020 18:02:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#8 Příspěvek od **Rudy** » 17 čer 2020 17:17

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Users\ROCOR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ROCOR\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\exefile: <==== ATTENTION
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\.exe: exefile => <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Hynek88 · #9 Příspěvek od **Hynek88** » 17 čer 2020 17:58

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by ROCOR (17-06-2020 18:55:35) Run:1
Running from C:\Users\ROCOR\Desktop
Loaded Profiles: ROCOR
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\ROCOR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ROCOR\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\exefile: <==== ATTENTION
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\.exe: exefile => <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\ROCOR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\ROCOR\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat => moved successfully
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\exefile => removed successfully
HKU\S-1-5-21-866583909-2925738967-381583198-1000\Software\Classes\.exe => removed successfully

=========== EmptyTemp: ==========

#10 Příspěvek od **Rudy** » 17 čer 2020 19:02

Smazáno. Pokud se žádná změna nekonala, zkuste přehrát firmware. Měl by být ke stažení z webu výrobce mechaniky.

Hynek88 · #11 Příspěvek od **Hynek88** » 17 čer 2020 19:11

to sem zkoušel z týhle adresy, i když nevím co přesně znamená termín "přehrát firmware" - je to totéž jako update ovladače? - pak mi právě po zapnutí/restartování,

správce, po vyhledávání, vypisoval hlášku "zařízení je připraveno" - jako kdyby ten ovladač po vypnutí někam zmizel...

https://www.firmwarehq.com/Samsung/SH-222BB/files.html

#12 Příspěvek od **Rudy** » 17 čer 2020 19:52

Firmware není ovladač, ale software nahrané do čipu samotné jednotky. Tím nechci říci, že to pomůže, jednotka opravdu může být KO. Ovladač to nespraví, ten má drtivá většina CD/DVD jednotek ze systému. Ještě ji můžete vyzkoušet v jiném PC.

Hynek88 · #13 Příspěvek od **Hynek88** » 17 čer 2020 20:28

jasný, takže ta adresa jak sem zmínil není platný firmware?

#14 Příspěvek od **Rudy** » 17 čer 2020 20:52

To by měl být firmware (nikoli ovladač). Zkoušel jste obě verze?

Hynek88 · #15 Příspěvek od **Hynek88** » 17 čer 2020 21:08

jen tu novější, do tej starší se pouštět už raděj nebudu...

VIRY.CZ

stále se instalující driver

stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver

Re: stále se instalující driver