High memory load [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Pedrossos
Level 3
Posts: 529
Registered: June 18
Location: Brno-venkov
Gender: Male

Re: High memory load

Post by Pedrossos » 08 Feb 2019 22:58

You didn't find anything there?? Memory is at 14%
Motherboard: B450 PRO GAMING, CPU Ryzen 7 2700, GPU Nvidia RTX 3060, Patriot Viper Steel 32GB KIT DDR4 3600MHz CL18, PSU: VERO M2 600W / Case: SilentiumPC Signum SG1X TG RGB

jaro3
Member of the Security team
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male

Re: High memory load

Post by jaro3 » 09 Feb 2019 13:34

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.



(1) WDC WD10EZEX-08WN4A0
Temperature : 45 C (113 F) that is a high temperature..

(2) SAMSUNG HD251KJ
Temperature : 41 C (105 F)
00000F30864C Number of attempts at software correction of errors when reading programs from the disk
0000002703D6 Reported uncorrectable errors
000000000013 Command Timeout
Command Timeout: the number of operations that were aborted because of the hard disk timeout. Under normal circumstances this value should equal zero. If the value is higher than zero, there are probably problems with the power supply, or the data cable is oxidized.
Replace the SATA data cable and plug it into a different SATA connector.
Then run CDI again.


The disks would need more cooling. Maybe you could try disconnecting the second disk while the PC is powered off..

There was nothing serious in ComboFix.
How is the CPU load?

Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Re: High memory load

Post by Pedrossos » 09 Feb 2019 15:20

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019
Ran by GUARDS (administrator) on GUARDS-PC (09-02-2019 15:16:45)
Running from C:\Users\GUARDS\Desktop
Loaded Profiles: GUARDS (Available Profiles: GUARDS)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.43.254 8.8.8.8
Tcpip\..\Interfaces\{E7D1585A-1520-4712-B868-B567B8B552C8}: [DhcpNameServer] 10.0.43.254 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-4124863302-1611915917-862627420-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: u6cfgu7y.default
FF ProfilePath: C:\Users\GUARDS\AppData\Roaming\Mozilla\Firefox\Profiles\u6cfgu7y.default [2019-02-09]
FF NewTab: Mozilla\Firefox\Profiles\u6cfgu7y.default -> about:newtab
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [249344 2016-02-26] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2018-12-23] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 HnGSteamService; F:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [756520 2019-02-01] (Reto-Moto ApS -> Reto-Moto ApS) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [23981568 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [674816 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-02-03] (Adlice -> )
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-09 15:16 - 2019-02-09 15:17 - 000005147 _____ C:\Users\GUARDS\Desktop\FRST.txt
2019-02-09 15:16 - 2019-02-09 15:16 - 002434048 _____ (Farbar) C:\Users\GUARDS\Desktop\FRST64.exe
2019-02-09 15:16 - 2019-02-09 15:16 - 000000000 ____D C:\FRST
2019-02-09 15:07 - 2019-02-09 15:08 - 019341880 _____ (Piriform Software Ltd) C:\Users\GUARDS\Downloads\ccsetup552(1).exe
2019-02-09 15:05 - 2019-02-09 15:06 - 000001600 _____ C:\Users\GUARDS\Desktop\navod combo.txt
2019-02-08 23:21 - 2019-02-08 23:21 - 000000000 _____ C:\Users\GUARDS\Desktop\do pc-help.txt
2019-02-08 22:12 - 2019-02-08 22:15 - 000021174 _____ C:\Users\GUARDS\Desktop\pro jarose combofix.txt
2019-02-08 18:04 - 2019-02-08 18:04 - 000019781 _____ C:\Users\GUARDS\Desktop\pro jarose.txt
2019-02-08 17:55 - 2019-02-09 15:06 - 000000000 ____D C:\Windows\erdnt
2019-02-07 20:33 - 2019-02-05 04:06 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts.20190207-203332.backup
2019-02-07 15:49 - 2019-02-07 15:52 - 000000189 _____ C:\Users\GUARDS\Desktop\moudra a pravda.txt
2019-02-07 11:33 - 2019-02-07 11:34 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-07 09:01 - 2019-02-07 09:01 - 064420216 _____ (Malwarebytes ) C:\Users\GUARDS\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9140.exe
2019-02-07 08:51 - 2019-02-07 08:51 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2019-02-07 08:49 - 2019-02-07 08:49 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\GUARDS\Downloads\spybotsd-2.7.64.0.exe
2019-02-06 23:43 - 2019-02-06 23:43 - 000000000 ____D C:\Users\GUARDS\AppData\Local\AMD
2019-02-06 23:39 - 2019-02-06 23:39 - 000001516 _____ C:\Users\GUARDS\Documents\cc_20190206_233933.reg
2019-02-06 23:31 - 2019-02-06 23:38 - 000000000 ____D C:\Users\GUARDS\AppData\Local\CrashDumps
2019-02-06 23:28 - 2019-02-06 23:28 - 001582231 _____ C:\Users\GUARDS\Downloads\vcrc.zip
2019-02-06 23:28 - 2019-02-06 23:28 - 000000000 ____D C:\Users\GUARDS\Downloads\vcrc
2019-02-06 23:19 - 2019-02-06 23:19 - 000912530 _____ (TweakNow ) C:\Users\GUARDS\Desktop\ramidlLE.exe
2019-02-06 00:45 - 2019-02-06 00:45 - 000002941 _____ C:\Users\GUARDS\Desktop\po případě pro jaro.txt
2019-02-06 00:43 - 2019-02-06 00:44 - 000002941 _____ C:\DelFix.txt
2019-02-06 00:29 - 2019-02-06 00:29 - 028657768 _____ (Ashampoo GmbH & Co. KG ) C:\Users\GUARDS\Downloads\ashampoo_winoptimizer_16_16.00.20_sm(1).exe
2019-02-05 16:54 - 2019-02-05 16:54 - 000000000 ____D C:\Users\GUARDS\AppData\Local\Bohemia_Interactive
2019-02-05 15:00 - 2019-02-09 15:14 - 000000000 ____D C:\Program Files\CCleaner
2019-02-05 13:57 - 2019-02-09 05:28 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\TS3Client
2019-02-05 13:57 - 2019-02-05 13:57 - 000000000 ____D C:\ProgramData\Package Cache
2019-02-05 13:56 - 2019-02-05 13:56 - 000000803 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2019-02-05 13:56 - 2019-02-05 13:56 - 000000753 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2019-02-05 13:54 - 2019-02-05 13:54 - 078145312 _____ (TeamSpeak Systems GmbH) C:\Users\GUARDS\Downloads\TeamSpeak3-Client-win64-3.2.3(1).exe
2019-02-05 04:24 - 2019-02-05 04:25 - 000267368 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-05 04:22 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-02-04 01:09 - 2019-02-04 01:09 - 000642632 _____ (EFD Software ) C:\Users\GUARDS\Downloads\hdtune_255.exe
2019-02-03 21:57 - 2019-02-03 21:57 - 003942560 _____ (Crystal Dew World ) C:\Users\GUARDS\Downloads\CrystalDiskInfo8_0_0.exe
2019-02-03 21:57 - 2019-02-03 21:57 - 000058016 _____ C:\Users\GUARDS\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-03 21:55 - 2019-02-03 21:55 - 000000000 ____D C:\Users\GUARDS\Downloads\MemTest
2019-02-03 21:54 - 2019-02-03 21:54 - 000017025 _____ C:\Users\GUARDS\Downloads\MemTest.zip
2019-02-03 21:04 - 2019-02-03 21:04 - 000000000 ____D C:\Users\GUARDS\AppData\Local\Ashampoo
2019-02-03 21:03 - 2019-02-03 21:03 - 028657768 _____ (Ashampoo GmbH & Co. KG ) C:\Users\GUARDS\Downloads\ashampoo_winoptimizer_16_16.00.20_sm.exe
2019-02-03 21:03 - 2019-02-03 21:03 - 000000000 ____D C:\ProgramData\Ashampoo
2019-02-03 21:03 - 2019-02-03 21:03 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2019-02-03 20:53 - 2019-02-03 20:54 - 000000000 ____D C:\Users\GUARDS\Downloads\backups
2019-02-03 20:52 - 2019-02-03 20:54 - 000000386 _____ C:\Users\GUARDS\Desktop\co fixnout hitjktis.txt
2019-02-03 19:50 - 2019-02-03 19:50 - 005455480 _____ (ESET) C:\Users\GUARDS\Downloads\eset_smart_security_premium_live_installer.exe
2019-02-03 15:39 - 2019-02-03 15:39 - 000000172 _____ C:\Users\GUARDS\Documents\cc_20190203_153931.reg
2019-02-03 12:50 - 2019-02-03 12:50 - 000000000 ____D C:\ProgramData\RogueKiller
2019-02-02 16:40 - 2019-02-02 16:40 - 000001662 _____ C:\Users\GUARDS\Documents\cc_20190202_164047.reg
2019-02-02 06:17 - 2019-02-02 06:17 - 000002456 _____ C:\Users\GUARDS\Desktop\malware scan complete.txt
2019-02-02 06:15 - 2019-02-02 06:15 - 000002540 _____ C:\Users\GUARDS\Desktop\malware scan.txt
2019-02-02 00:54 - 2019-02-03 20:46 - 000017899 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-02-02 00:54 - 2019-02-03 19:32 - 000013086 _____ C:\Windows\ZAM.krnl.trace
2019-02-02 00:54 - 2019-02-02 00:54 - 000000000 ____D C:\Users\GUARDS\AppData\Local\Zemana
2019-02-02 00:52 - 2019-02-02 00:52 - 006624296 _____ (Zemana Ltd. ) C:\Users\GUARDS\Desktop\Zemana.AntiMalware.Setup.exe
2019-02-02 00:30 - 2019-02-02 00:30 - 000002293 _____ C:\Users\GUARDS\Desktop\AdwCleane.txt
2019-02-01 22:32 - 2019-02-01 22:47 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\HD Tune Pro
2019-02-01 22:32 - 2019-02-01 22:32 - 002246436 _____ (EFD Software ) C:\Users\GUARDS\Downloads\hdtunepro_570_trial.exe
2019-02-01 19:24 - 2019-02-03 12:51 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-02-01 18:33 - 2019-02-01 18:33 - 073103960 _____ (Malwarebytes ) C:\Users\GUARDS\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.527-1.0.9052.exe
2019-02-01 01:48 - 2018-12-15 01:06 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-01 01:48 - 2018-12-15 00:14 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-02-01 01:48 - 2018-12-14 09:09 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-01 01:48 - 2018-12-14 09:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-01 01:48 - 2018-12-14 09:01 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-01 01:48 - 2018-12-14 08:51 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-01 01:48 - 2018-12-14 08:49 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-01 01:48 - 2018-12-14 08:49 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-01 01:48 - 2018-12-14 08:49 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-01 01:48 - 2018-12-14 08:48 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-01 01:48 - 2018-12-14 08:48 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-01 01:48 - 2018-12-14 08:42 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-01 01:48 - 2018-12-14 08:41 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-01 01:48 - 2018-12-14 08:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-01 01:48 - 2018-12-14 08:38 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-01 01:48 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-01 01:48 - 2018-12-14 08:38 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-01 01:48 - 2018-12-14 08:38 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-01 01:48 - 2018-12-14 08:36 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-01 01:48 - 2018-12-14 08:33 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-01 01:48 - 2018-12-14 08:30 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-01 01:48 - 2018-12-14 08:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-01 01:48 - 2018-12-14 08:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-01 01:48 - 2018-12-14 08:23 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-01 01:48 - 2018-12-14 08:21 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-01 01:48 - 2018-12-14 08:20 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-01 01:48 - 2018-12-14 08:18 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-01 01:48 - 2018-12-14 08:17 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-01 01:48 - 2018-12-14 08:09 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-01 01:48 - 2018-12-14 08:06 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-01 01:48 - 2018-12-14 08:06 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-01 01:48 - 2018-12-14 08:05 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-01 01:48 - 2018-12-14 08:04 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-01 01:48 - 2018-12-14 08:02 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-01 01:48 - 2018-12-14 07:58 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-01 01:48 - 2018-12-14 07:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-01 01:48 - 2018-12-14 07:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-02-01 01:48 - 2018-12-14 07:45 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-01 01:48 - 2018-12-14 07:41 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-01 01:48 - 2018-12-14 07:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-02-01 01:48 - 2018-12-14 07:40 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-02-01 01:48 - 2018-12-14 07:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-02-01 01:48 - 2018-12-14 07:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-02-01 01:48 - 2018-12-14 07:38 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-01 01:48 - 2018-12-14 07:35 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-02-01 01:48 - 2018-12-14 07:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-02-01 01:48 - 2018-12-14 07:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-01 01:48 - 2018-12-14 07:34 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-02-01 01:48 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-01 01:48 - 2018-12-14 07:33 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-02-01 01:48 - 2018-12-14 07:32 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-02-01 01:48 - 2018-12-14 07:26 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-02-01 01:48 - 2018-12-14 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-02-01 01:48 - 2018-12-14 07:22 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-02-01 01:48 - 2018-12-14 07:22 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-02-01 01:48 - 2018-12-14 07:20 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-02-01 01:48 - 2018-12-14 07:19 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-02-01 01:48 - 2018-12-14 07:19 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-02-01 01:48 - 2018-12-14 07:18 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-01 01:48 - 2018-12-14 07:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-02-01 01:48 - 2018-12-14 07:14 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-01 01:48 - 2018-12-14 07:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-02-01 01:48 - 2018-12-14 07:11 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-02-01 01:48 - 2018-12-14 07:11 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-01 01:48 - 2018-12-14 07:10 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-02-01 01:48 - 2018-12-14 06:58 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-01 01:48 - 2018-12-14 06:54 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-01 01:48 - 2018-12-14 06:52 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-01 01:47 - 2016-05-12 16:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-02-01 01:47 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2019-02-01 01:47 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2019-02-01 01:47 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2019-02-01 01:47 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2019-02-01 01:47 - 2014-07-09 03:03 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2019-02-01 01:47 - 2014-07-09 02:31 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2019-02-01 01:47 - 2014-07-09 02:31 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2019-02-01 01:47 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2019-02-01 01:47 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2019-02-01 01:47 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2019-02-01 00:55 - 2019-02-01 00:55 - 004955366 _____ C:\Users\GUARDS\Downloads\(CZ) Acer Aspire VX 15.pdf
2019-01-31 23:32 - 2019-01-31 23:32 - 000000858 _____ C:\Users\GUARDS\Documents\cc_20190131_233240.reg
2019-01-31 23:31 - 2019-01-31 23:31 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-31 16:42 - 2019-01-31 16:43 - 000002127 _____ C:\Users\GUARDS\Desktop\Discord.lnk
2019-01-31 16:42 - 2019-01-31 16:43 - 000000000 ____D C:\Users\GUARDS\AppData\Local\SquirrelTemp
2019-01-31 16:42 - 2019-01-31 16:42 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-01-31 16:42 - 2019-01-31 16:42 - 000000000 ____D C:\Users\GUARDS\AppData\Local\Discord
2019-01-31 16:41 - 2019-01-31 16:41 - 061394264 _____ (Discord Inc.) C:\Users\GUARDS\Downloads\DiscordSetup.exe
2019-01-30 19:28 - 2019-02-09 00:36 - 000000000 ____D C:\Users\GUARDS\AppData\Local\DayZ
2019-01-30 19:28 - 2019-01-30 19:29 - 000000000 ____D C:\Users\GUARDS\Documents\DayZ
2019-01-30 13:53 - 2019-01-30 13:53 - 009437921 _____ C:\Users\GUARDS\Downloads\inSSIDerOffice-4.4.4.1(1).msi
2019-01-30 13:52 - 2019-01-30 13:53 - 000000000 __SHD C:\ProgramData\DIBsection
2019-01-30 13:52 - 2019-01-30 13:53 - 000000000 ____D C:\Users\GUARDS\AppData\Local\MetaGeek,_LLC
2019-01-30 13:50 - 2019-01-30 13:50 - 009437921 _____ C:\Users\GUARDS\Downloads\inSSIDerOffice-4.4.4.1.msi
2019-01-30 13:50 - 2019-01-30 13:50 - 005861376 _____ C:\Users\GUARDS\Downloads\inSSIDer4-installer.msi
2019-01-30 00:21 - 2019-01-30 00:21 - 000000000 ____D C:\Users\GUARDS\Documents\DayZ Projects
2019-01-29 21:41 - 2019-01-29 21:41 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\Ubisoft
2019-01-29 21:41 - 2019-01-29 21:41 - 000000000 ____D C:\ProgramData\Ubisoft
2019-01-29 18:04 - 2019-01-29 18:04 - 000000019 _____ C:\Users\GUARDS\Desktop\server na Dayz IP.txt
2019-01-28 20:32 - 2019-01-28 20:32 - 000000000 ____D C:\Users\GUARDS\AppData\Local\BattlEye
2019-01-27 16:54 - 2019-01-27 16:54 - 000000000 ____D C:\Windows\system32\appmgmt
2019-01-27 11:26 - 2019-01-27 11:26 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_1589764882512.dll
2019-01-26 11:52 - 2019-01-26 11:52 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_9769448368075.dll
2019-01-26 11:18 - 2019-01-26 11:18 - 000000000 ____D C:\ProgramData\Sophos
2019-01-26 11:14 - 2019-01-26 11:16 - 206758184 _____ (Sophos Limited) C:\Users\GUARDS\Downloads\Sophos Virus Removal Tool.exe
2019-01-25 18:28 - 2019-01-25 18:28 - 000000000 ____D C:\Users\GUARDS\AppData\Local\CEF
2019-01-24 15:35 - 2019-01-24 15:35 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_32775335140211.dll
2019-01-24 14:58 - 2019-01-24 14:58 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\EasyAntiCheat
2019-01-24 02:47 - 2019-01-24 02:47 - 001700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2019-01-24 02:47 - 2019-01-24 02:47 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2019-01-24 02:47 - 2019-01-24 02:47 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2019-01-24 02:42 - 2019-01-24 02:42 - 000144190 _____ C:\Users\GUARDS\Documents\cc_20190124_024205.reg
2019-01-24 02:38 - 2019-01-24 02:38 - 019341880 _____ (Piriform Software Ltd) C:\Users\GUARDS\Downloads\ccsetup552.exe
2019-01-23 19:59 - 2019-01-23 19:59 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_1415549623120.dll
2019-01-23 17:59 - 2019-01-23 17:59 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_1052527110668.dll
2019-01-23 15:02 - 2019-01-23 15:02 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_49485705008720.dll
2019-01-22 23:19 - 2019-01-22 23:19 - 006467032 _____ (Wargaming.net (c) 2009-2018 ) C:\Users\GUARDS\Downloads\world_of_warships_install_eu_brg5dbvnuuw5.exe
2019-01-22 23:19 - 2019-01-22 23:19 - 000000000 ____D C:\ProgramData\Wargaming.net
2019-01-19 00:03 - 2019-01-19 00:07 - 000000084 _____ C:\Users\GUARDS\Desktop\program na náhrávání.txt
2019-01-18 03:17 - 2019-01-18 03:17 - 000000000 _____ C:\Windows\ativpsrm.bin
2019-01-18 03:15 - 2019-01-18 03:15 - 000004224 _____ C:\Windows\System32\Tasks\AMD Updater
2019-01-18 03:11 - 2019-01-18 03:11 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-01-18 03:10 - 2019-02-06 23:41 - 000000000 ____D C:\Program Files\AMD
2019-01-18 02:51 - 2019-01-18 02:53 - 000000000 ____D C:\Users\GUARDS\Desktop\ovladače a uinsta
2019-01-18 00:46 - 2019-01-18 00:46 - 001227591 _____ C:\Users\GUARDS\Desktop\[Guru3D.com]-DDU.zip
2019-01-14 17:57 - 2019-01-14 17:59 - 317172104 _____ (AMD Inc.) C:\Users\GUARDS\Downloads\whql-win8.1-win7-catalyst-15.7.1-oct30.exe
2019-01-13 16:39 - 2019-01-22 21:27 - 000000000 ____D C:\Users\GUARDS\AppData\LocalLow\Heroes and Generals
2019-01-13 16:39 - 2019-01-13 16:39 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\Macromedia
2019-01-13 16:39 - 2019-01-13 16:39 - 000000000 ____D C:\Users\GUARDS\AppData\Roaming\HeroesAndGeneralsDesktop
2019-01-12 01:07 - 2019-01-12 13:34 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-01-12 01:07 - 2019-01-12 01:11 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-01-12 01:07 - 2019-01-12 01:11 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-01-12 01:07 - 2019-01-12 01:07 - 000000000 ____D C:\Program Files\Realtek
2019-01-12 00:57 - 2019-01-12 00:58 - 124038686 _____ C:\Users\GUARDS\Desktop\mb_driver_audio_realtek_azalia.exe
2019-01-12 00:43 - 2019-01-12 00:43 - 000000000 ____D C:\Users\GUARDS\AppData\Local\ElevatedDiagnostics
2019-01-11 20:11 - 2019-01-11 20:11 - 115921560 _____ ( ) C:\Users\GUARDS\Downloads\directx.exe
2019-01-11 19:22 - 2019-01-11 19:22 - 002000479 _____ C:\Users\GUARDS\Desktop\DayZReport_Log_20190111T182200_GUARDS.zip
2019-01-11 19:21 - 2019-02-05 16:57 - 000000000 ____D C:\Users\GUARDS\AppData\Local\DayZ Launcher
2019-01-11 19:09 - 2019-01-11 19:10 - 306673592 _____ (NVIDIA Corporation) C:\Users\GUARDS\Downloads\342.01-desktop-win8-win7-winvista-64bit-international.exe
2019-01-11 16:05 - 2019-01-11 16:05 - 000515728 _____ (AMD Inc.) C:\Users\GUARDS\Downloads\amd_catalyst_12.2_cap1.exe
2019-01-11 16:04 - 2019-01-11 16:04 - 000000000 ____H C:\Users\GUARDS\Documents\Default.rdp
2019-01-11 13:09 - 2019-01-12 01:06 - 000000000 ____D C:\Users\GUARDS\Desktop\aktualizace
2019-01-11 13:09 - 2019-01-11 13:09 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-11 13:09 - 2019-01-11 13:09 - 000000000 ____D C:\Intel
2019-01-11 13:08 - 2019-01-11 14:29 - 000000000 ____D C:\Users\GUARDS\Downloads\INFUpdate
2019-01-11 12:53 - 2019-02-03 21:04 - 000000000 ____D C:\AMD
2019-01-10 15:19 - 2019-01-10 15:19 - 114076760 _____ (NVIDIA Corporation) C:\Users\GUARDS\Downloads\GeForce_Experience_v3.16.0.140.exe
2019-01-10 15:05 - 2019-01-10 15:06 - 395336888 _____ (NVIDIA Corporation) C:\Users\GUARDS\Downloads\381.65-desktop-win8-win7-64bit-international-whql.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-09 15:15 - 2018-12-28 17:47 - 000000000 ____D C:\Users\GUARDS\AppData\LocalLow\Mozilla
2019-02-09 15:14 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-09 15:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-09 15:09 - 2008-01-01 02:07 - 000000000 ____D C:\Windows\Panther
2019-02-09 14:34 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-09 14:34 - 2009-07-14 05:45 - 000022736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-08 22:08 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2019-02-07 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-02-07 11:54 - 2011-04-12 09:34 - 000668308 _____ C:\Windows\system32\perfh005.dat
2019-02-07 11:54 - 2011-04-12 09:34 - 000140968 _____ C:\Windows\system32\perfc005.dat
2019-02-07 11:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-02-07 11:34 - 2018-12-28 17:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-06 23:18 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2019-02-06 15:48 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-02-06 14:24 - 2009-07-14 06:08 - 000032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-03 19:20 - 2018-12-28 15:43 - 000000000 ____D C:\Users\GUARDS
2019-02-01 14:41 - 2018-12-28 15:45 - 000000000 ____D C:\Users\GUARDS\AppData\Local\VirtualStore
2019-02-01 01:55 - 2018-12-28 18:04 - 001557208 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-02-01 01:55 - 2009-07-14 06:13 - 001557208 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-01 01:52 - 2018-12-28 18:13 - 000000000 ____D C:\Windows\system32\MRT
2019-02-01 01:51 - 2018-12-28 18:13 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-30 00:22 - 2018-12-28 19:34 - 000000000 ____D C:\Users\GUARDS\AppData\Local\Ubisoft Game Launcher
2019-01-24 02:39 - 2018-12-29 14:42 - 000000000 ____D C:\Windows\Minidump
2019-01-18 03:03 - 2018-12-28 18:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-18 01:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-01-11 19:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2019-01-11 18:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-01-11 14:29 - 2018-12-29 17:44 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-01-11 14:29 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared

==================== Files in the root of some directories =======

2019-01-01 14:22 - 2019-01-01 14:22 - 000007605 _____ () C:\Users\GUARDS\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-05 14:34

==================== End of FRST.txt ============================

Re: high memory load

Post by Pedrossos » 09 Feb 2019 15:21

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019
Ran by GUARDS (09-02-2019 15:17:57)
Running from C:\Users\GUARDS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-12-28 14:43:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4124863302-1611915917-862627420-500 - Administrator - Disabled)
GUARDS (S-1-5-21-4124863302-1611915917-862627420-1000 - Administrator - Enabled) => C:\Users\GUARDS
Guest (S-1-5-21-4124863302-1611915917-862627420-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.0.1064 - Bandisoft.com)
Discord (HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\Discord) (Version: 0.0.304 - Discord Inc.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12146481-1BE0-4B3B-AF9D-680A7577751C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {5E6B5161-B27E-4EEB-8A1A-1CA58C0395D9} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\GUARDS:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7942 more sites.


There are 7940 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-08 22:08 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GUARDS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.43.254 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B8A6DCF4-6403-4C97-9749-93DAB0E85194}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1C6B6A0D-56E2-4842-97BB-BA1946AA055D}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8A8FCB15-D10A-433D-A7BD-594BD524013F}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{78D8456D-796D-4053-BC2C-39ABB7D4F2C1}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{7456E794-92A3-400F-B302-21537EEED2D2}F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{C51A8C97-96CB-46CD-B2CF-40D2CD0E7AD2}F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{FC44F79A-7B2E-472A-9DB5-EE6FCC330A23}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{8E8E2E12-26DD-49CE-B615-E001005D021D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{F9030293-A39B-468B-B07B-27BE4B4C636E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{12DB504F-3ADD-42A5-A506-EFD516180785}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B000CC10-2F3C-482A-8214-D424CDCD6B3B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{65EFDAD3-767B-473B-ACA1-3AF4A2766649}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{AF320708-9D5A-4651-AAAA-CCA4D930C3DB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C702E0DD-70BE-42D3-AF7E-CE1B5B96B029}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{8F5EF3EA-3F12-4B55-9AB4-4C62489AEABA}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\VR Paradise\VRParadise.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Epic Games, Inc.)
FirewallRules: [{E258B997-A0B2-40E0-A438-367D90EAB29B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\VR Paradise\VRParadise.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Epic Games, Inc.)
FirewallRules: [{C01E0CF2-3B7D-4208-A7AF-942315DE0EEE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2332FB97-DDF4-43BB-AF29-931C19A8EDDF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

09-02-2019 15:06:57 ComboFix created restore point

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2019 03:16:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2019 03:09:54 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-4124863302-1611915917-862627420-1000}/>.

Error: (02/09/2019 02:28:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2019 03:10:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (02/08/2019 09:00:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/08/2019 06:07:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/08/2019 01:25:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (02/08/2019 12:40:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/08/2019 08:57:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/08/2019 08:56:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (02/08/2019 08:56:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (02/08/2019 08:55:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/08/2019 08:52:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (02/08/2019 08:52:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (02/08/2019 06:01:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/08/2019 06:01:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.


Windows Defender:
===================================
Date: 2019-01-31 03:57:50.790
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15600.4
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-01-11 12:40:22.177
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15500.2
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2018-12-29 14:00:19.006
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15500.2
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2018-12-29 13:59:19.008
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15500.2
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2018-12-28 20:18:05.612
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15500.2
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-02-08 20:56:52.291
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:56:52.229
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:56:52.167
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:56:52.120
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:52:30.585
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:52:30.523
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:52:30.476
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-08 20:52:30.414
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 31%
Total physical RAM: 7422.49 MB
Available physical RAM: 5104.04 MB
Total Virtual: 14843.13 MB
Available Virtual: 12380.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:190.91 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:244.14 GB) (Free:197.39 GB) NTFS
Drive f: () (Fixed) (Total:687.27 GB) (Free:174.09 GB) NTFS

\\?\Volume{057694d9-b806-11dc-95a9-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1991C8C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 5D77E156)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: high memory load

Post by Pedrossos » 09 Feb 2019 15:25

the Samsung one, using some program - it said there that it could be the cable...

Re: high memory load

Post by Pedrossos » 09 Feb 2019 15:29

CPU usage is at 0% when nothing is running

Re: high memory load

Post by jaro3 » 09 Feb 2019 19:40

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-4124863302-1611915917-862627420-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\u6cfgu7y.default -> about:newtab
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {12146481-1BE0-4B3B-AF9D-680A7577751C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123simsen.com -> www.123simsen.com

There are 7940 more sites.

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left box in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt.


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

If the CPU is at 0% and RAM at 13-17%, that is completely normal; the PC is always working on something. Mine is around 20%.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: memory under load

Post by Pedrossos » 09 Feb 2019 22:33

Fix result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019
Ran by GUARDS (09-02-2019 22:25:36) Run:1
Running from C:\Users\GUARDS\Desktop
Loaded Profiles: GUARDS (Available Profiles: GUARDS)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-4124863302-1611915917-862627420-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\u6cfgu7y.default -> about:newtab
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {12146481-1BE0-4B3B-AF9D-680A7577751C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4124863302-1611915917-862627420-1000\...\123simsen.com -> www.123simsen.com

There are 7940 more sites.

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
"Firefox newtab" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{12146481-1BE0-4B3B-AF9D-680A7577751C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12146481-1BE0-4B3B-AF9D-680A7577751C}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\007guard.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\010402.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\032439.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-2005-search.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1000gratisproben.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001namen.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100888290cs.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\10sek.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-26.net => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-27.net => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123fporn.info => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123haustiereundmehr.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123moviedownload.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123simsen.com => removed successfully
There are 7942 more sites. => Error: No automatic fix found for this entry.
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\007guard.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\010402.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\032439.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-2005-search.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1000gratisproben.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001namen.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100888290cs.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\10sek.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-26.net => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-27.net => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123fporn.info => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123haustiereundmehr.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123moviedownload.com => removed successfully
HKU\S-1-5-21-4124863302-1611915917-862627420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123simsen.com => removed successfully
There are 7940 more sites. => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2442961 B
Java, Flash, Steam htmlcache => 359015772 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 74505602 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33186 B
LocalService => 0 B
NetworkService => 33125 B
GUARDS => 67794 B

RecycleBin => 0 B
EmptyTemp: => 415.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:26:39 ====
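The Fixlog above pairs each processed entry with an outcome after `=>`. The following is an added example, not part of the thread and not FRST code: it tallies those outcomes and lists the entries FRST reported it could not fix. The sample text is constructed from a few lines in the format of the log above, and only the outcome strings seen in that log are recognised; anything else is counted as "other".

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the same layout as the one posted above.
SAMPLE_FIXLOG = r"""
fixlist content:
*****************
Start
Task: {12146481-1BE0-4B3B-AF9D-680A7577751C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

End
*****************

Restore point was successfully created.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123simsen.com => removed successfully
There are 7942 more sites. => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

Firefox => 74505602 B
"""

# Outcome strings observed in the log above; the labels are this example's own.
OUTCOMES = [
    ("error", re.compile(r"^Error:", re.IGNORECASE)),
    ("done", re.compile(r"^(re)?moved successfully", re.IGNORECASE)),
    ("not_found", re.compile(r"^not found", re.IGNORECASE)),
]


def result_lines(text):
    """Yield only the result lines of a Fixlog.

    The echoed fixlist (between the two rows of asterisks) also contains
    '=>' and must be skipped, and the EmptyTemp section that follows the
    results reports byte counts rather than fix outcomes.
    """
    lines = text.splitlines()
    stars = [i for i, l in enumerate(lines)
             if l.strip() and set(l.strip()) == {"*"}]
    start = stars[1] + 1 if len(stars) >= 2 else 0
    for line in lines[start:]:
        if line.startswith("====="):      # section divider: results are over
            break
        if " => " in line:
            yield line.strip()


def classify(outcome):
    """Map the text after '=>' to one of the labels, or 'other'."""
    for label, pattern in OUTCOMES:
        if pattern.search(outcome):
            return label
    return "other"


def summarize(text):
    """Return (Counter of outcome labels, list of (entry, outcome) needing review)."""
    counts = Counter()
    unresolved = []
    for line in result_lines(text):
        entry, _, outcome = line.rpartition(" => ")
        label = classify(outcome)
        counts[label] += 1
        if label in ("error", "other"):
            unresolved.append((entry.strip('"'), outcome))
    return counts, unresolved


if __name__ == "__main__":
    counts, unresolved = summarize(SAMPLE_FIXLOG)
    for label, n in sorted(counts.items()):
        print(f"{label:10} {n}")
    for entry, outcome in unresolved:
        print(f"REVIEW: {entry!r} -> {outcome}")
```
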


Re: memory under load

Post by Pedrossos » 09 Feb 2019 22:36

Yes, I know, but often it is as if something were eating it up; after Combo it ran much better.

Re: memory under load

Post by jaro3 » 09 Feb 2019 22:58

During what operation or game? Did you also watch the CPU load while it was happening?

So, OTL next.

Download OTL by OldTimer
to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

You can also try an online scanner.
Download and run the free online scanner, Free Virus Scan / Online Virus Scan from ESET | ESET
https://www.eset.com/us/home/online-scanner/


Download the file esetsmartinstaller_enu.exe
http://download.eset.com/special/eos/es ... er_enu.exe

and save it to the desktop
Double-click the icon
Tick the box YES, I accept the Terms of Use
Click the Start button
Accept any security warnings from the browser
Click the Advanced settings button
Check the following items
Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

Click the Start button
ESET will then download updates and scan the computer
If no threats are found, click Uninstall application on close and press Finish
If threats are found, click List of found threats
Click Export to text file
Save the file to the desktop as ESET.txt
Click Back
Read through the list of items and, if there are any items you want to keep, stop and copy/paste the report from ESET.txt into your reply,
If you do not wish to keep any items, tick Uninstall application on close and Delete quarantined files
Click Finish
Close the ESET Online Scanner window
Copy and paste the contents of ESET.txt into your reply


Re: memory under load

Post by Pedrossos » 10 Feb 2019 13:31

OTL logfile created on: 10.2.2019 13:16:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\GUARDS\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,25 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 87,31% Memory free
14,50 Gb Paging File | 13,61 Gb Available in Paging File | 93,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 190,84 Gb Free Space | 81,98% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,09 Mb Free Space | 70,10% Space Free | Partition Type: NTFS
Drive E: | 244,14 Gb Total Space | 197,39 Gb Free Space | 80,85% Space Free | Partition Type: NTFS
Drive F: | 687,27 Gb Total Space | 166,54 Gb Free Space | 24,23% Space Free | Partition Type: NTFS

Computer Name: GUARDS-PC | User Name: GUARDS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\GUARDS\Desktop\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (HnGSteamService) -- F:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe (Reto-Moto ApS)
SRV - (EasyAntiCheat) -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (TrueSight) -- C:\Windows\SysNative\drivers\truesight.sys ()
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,IE11UpgradePageShownTime = 95 3C 0A AF CC 9E D4 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 A3 A0 AB CC 9E D4 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = FA 63 76 D0 86 BA D4 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.region: "CZ"
FF - user.js - File not found


64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 65.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 65.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS

[2018.12.28 17:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GUARDS\AppData\Roaming\Mozilla\Extensions
[2018.12.28 17:47:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GUARDS\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018.12.28 17:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GUARDS\AppData\Roaming\Mozilla\Firefox\Profiles\u6cfgu7y.default\extensions
[2019.02.07 23:29:43 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\GUARDS\AppData\Roaming\Mozilla\Firefox\Profiles\u6cfgu7y.default\features\{841b5797-3973-49e0-86de-e68aa0fb6e43}\fxmonitor@mozilla.org.xpi

O1 HOSTS File: ([2019.02.08 22:08:30 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.43.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7D1585A-1520-4712-B868-B567B8B552C8}: DhcpNameServer = 10.0.43.254 8.8.8.8
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2019.02.10 12:12:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\GUARDS\Desktop\OTL.exe
[2019.02.09 15:16:38 | 000,000,000 | ---D | C] -- C:\FRST
[2019.02.09 15:16:18 | 002,434,048 | ---- | C] (Farbar) -- C:\Users\GUARDS\Desktop\FRST64.exe
[2019.02.09 15:09:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2019.02.08 20:57:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2019.02.08 17:55:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2019.02.07 11:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2019.02.06 23:43:30 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\AMD
[2019.02.06 23:31:59 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\CrashDumps
[2019.02.06 23:19:57 | 000,912,530 | ---- | C] (TweakNow ) -- C:\Users\GUARDS\Desktop\ramidlLE.exe
[2019.02.05 16:54:42 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\Bohemia_Interactive
[2019.02.05 15:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2019.02.05 13:57:12 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\TS3Client
[2019.02.05 13:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2019.02.05 04:22:56 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\Temp
[2019.02.03 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\Ashampoo
[2019.02.03 21:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2019.02.03 21:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2019.02.03 12:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2019.02.02 00:54:15 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\Zemana
[2019.02.02 00:52:51 | 006,624,296 | ---- | C] (Zemana Ltd. ) -- C:\Users\GUARDS\Desktop\Zemana.AntiMalware.Setup.exe
[2019.02.01 22:32:59 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\HD Tune Pro
[2019.02.01 01:48:12 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2019.02.01 01:48:12 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2019.02.01 01:48:12 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2019.02.01 01:48:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2019.02.01 01:48:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2019.02.01 01:48:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2019.02.01 01:48:12 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2019.02.01 01:48:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2019.02.01 01:48:11 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2019.02.01 01:48:11 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2019.02.01 01:48:11 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2019.02.01 01:48:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2019.02.01 01:48:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2019.02.01 01:48:10 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2019.02.01 01:48:10 | 000,663,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2019.02.01 01:48:10 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2019.02.01 01:48:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2019.02.01 01:48:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2019.02.01 01:48:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2019.02.01 01:48:09 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2019.02.01 01:48:09 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2019.02.01 01:48:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2019.02.01 01:48:09 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2019.02.01 01:48:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2019.02.01 01:48:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2019.02.01 01:48:08 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2019.02.01 01:48:08 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2019.02.01 01:48:08 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2019.02.01 01:48:08 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2019.02.01 01:48:08 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2019.02.01 01:48:07 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2019.02.01 01:48:07 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2019.02.01 01:48:07 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2019.02.01 01:48:07 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2019.02.01 01:48:07 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2019.02.01 01:48:06 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2019.02.01 01:48:06 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2019.02.01 01:48:06 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2019.02.01 01:48:06 | 000,790,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2019.02.01 01:48:06 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2019.02.01 01:48:06 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2019.02.01 01:48:05 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2019.02.01 01:48:05 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2019.02.01 01:48:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2019.02.01 01:48:04 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2019.02.01 01:47:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2019.02.01 01:47:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2019.02.01 01:47:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2019.02.01 01:47:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2019.02.01 01:47:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2019.01.31 16:42:56 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
[2019.01.31 16:42:39 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\Discord
[2019.01.31 16:42:31 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\SquirrelTemp
[2019.01.30 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\Documents\DayZ
[2019.01.30 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\DayZ
[2019.01.30 13:52:23 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\MetaGeek,_LLC
[2019.01.30 13:52:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\DIBsection
[2019.01.30 00:21:43 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\Documents\DayZ Projects
[2019.01.29 21:41:27 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\Ubisoft
[2019.01.29 21:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2019.01.28 20:32:47 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\BattlEye
[2019.01.27 16:54:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2019.01.27 11:26:21 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1589764882512.dll
[2019.01.26 11:52:30 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_9769448368075.dll
[2019.01.26 11:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2019.01.25 18:28:21 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\CEF
[2019.01.24 15:35:57 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_32775335140211.dll
[2019.01.24 14:58:55 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\EasyAntiCheat
[2019.01.24 02:47:43 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2019.01.24 02:47:43 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2019.01.23 19:59:20 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1415549623120.dll
[2019.01.23 17:59:02 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1052527110668.dll
[2019.01.23 15:02:47 | 000,019,696 | ---- | C] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_49485705008720.dll
[2019.01.22 23:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Wargaming.net
[2019.01.18 03:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2019.01.18 03:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2019.01.18 02:51:43 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\Desktop\ovladače a uinsta
[2019.01.13 16:39:47 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\Macromedia
[2019.01.13 16:39:44 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Roaming\HeroesAndGeneralsDesktop
[2019.01.12 01:07:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2019.01.12 01:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2019.01.12 01:07:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2019.01.12 01:07:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2019.01.12 01:07:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2019.01.12 00:43:02 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\ElevatedDiagnostics
[2019.01.11 19:21:02 | 000,000,000 | ---D | C] -- C:\Users\GUARDS\AppData\Local\DayZ Launcher

========== Files - Modified Within 30 Days ==========

[2019.02.10 12:14:02 | 000,022,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2019.02.10 12:14:02 | 000,022,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2019.02.10 12:12:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GUARDS\Desktop\OTL.exe
[2019.02.10 11:58:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2019.02.10 11:58:36 | 1542,316,031 | -HS- | M] () -- C:\hiberfil.sys
[2019.02.09 15:16:21 | 002,434,048 | ---- | M] (Farbar) -- C:\Users\GUARDS\Desktop\FRST64.exe
[2019.02.08 22:08:30 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2019.02.07 11:54:24 | 000,668,308 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2019.02.07 11:54:24 | 000,140,968 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2019.02.07 11:54:23 | 000,653,696 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2019.02.07 11:54:23 | 000,121,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2019.02.06 23:39:39 | 000,001,516 | ---- | M] () -- C:\Users\GUARDS\Documents\cc_20190206_233933.reg
[2019.02.06 23:19:59 | 000,912,530 | ---- | M] (TweakNow ) -- C:\Users\GUARDS\Desktop\ramidlLE.exe
[2019.02.05 13:56:26 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2019.02.05 04:25:08 | 000,267,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2019.02.05 04:06:37 | 000,000,841 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20190207-203332.backup
[2019.02.03 21:54:43 | 000,109,612 | ---- | M] () -- C:\Users\GUARDS\Desktop\potřebné programy.png
[2019.02.03 20:46:51 | 000,017,899 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2019.02.03 19:32:44 | 000,013,086 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2019.02.03 15:39:34 | 000,000,172 | ---- | M] () -- C:\Users\GUARDS\Documents\cc_20190203_153931.reg
[2019.02.03 12:51:25 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\truesight.sys
[2019.02.02 20:06:09 | 000,609,693 | ---- | M] () -- C:\Users\GUARDS\Desktop\nahlášení na serveru runing.png
[2019.02.02 16:40:50 | 000,001,662 | ---- | M] () -- C:\Users\GUARDS\Documents\cc_20190202_164047.reg
[2019.02.02 00:52:53 | 006,624,296 | ---- | M] (Zemana Ltd. ) -- C:\Users\GUARDS\Desktop\Zemana.AntiMalware.Setup.exe
[2019.02.01 01:55:26 | 001,557,208 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2019.02.01 01:55:11 | 001,557,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2019.01.31 23:32:45 | 000,000,858 | ---- | M] () -- C:\Users\GUARDS\Documents\cc_20190131_233240.reg
[2019.01.31 16:43:01 | 000,002,127 | ---- | M] () -- C:\Users\GUARDS\Desktop\Discord.lnk
[2019.01.31 01:33:45 | 000,012,598 | ---- | M] () -- C:\Users\GUARDS\Desktop\26400pitbull.gif
[2019.01.30 13:28:58 | 000,054,687 | ---- | M] () -- C:\Users\GUARDS\Desktop\měření.png
[2019.01.30 00:56:39 | 000,025,117 | ---- | M] () -- C:\Users\GUARDS\Desktop\na zaplacení do 30.1.png
[2019.01.27 11:26:21 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1589764882512.dll
[2019.01.26 11:52:30 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_9769448368075.dll
[2019.01.26 11:47:24 | 000,037,746 | ---- | M] () -- C:\Users\GUARDS\Desktop\pro jaro.png
[2019.01.26 01:46:09 | 000,509,783 | ---- | M] () -- C:\Users\GUARDS\Desktop\rust skins2.png
[2019.01.26 01:45:44 | 000,544,774 | ---- | M] () -- C:\Users\GUARDS\Desktop\rust skins.png
[2019.01.24 15:35:57 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_32775335140211.dll
[2019.01.24 02:47:43 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2019.01.24 02:47:43 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2019.01.24 02:42:09 | 000,144,190 | ---- | M] () -- C:\Users\GUARDS\Documents\cc_20190124_024205.reg
[2019.01.23 19:59:20 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1415549623120.dll
[2019.01.23 17:59:02 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_1052527110668.dll
[2019.01.23 15:02:47 | 000,019,696 | ---- | M] (EasyAntiCheat Oy) -- C:\Windows\SysNative\eac_usermode_49485705008720.dll
[2019.01.23 01:22:49 | 000,274,847 | ---- | M] () -- C:\Users\GUARDS\Desktop\zmrdi2.png
[2019.01.23 01:16:45 | 000,274,741 | ---- | M] () -- C:\Users\GUARDS\Desktop\zmrdi.png
[2019.01.21 10:39:59 | 000,010,845 | ---- | M] () -- C:\Users\GUARDS\Desktop\konektory.jpg
[2019.01.18 03:17:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2019.01.18 00:46:27 | 001,227,591 | ---- | M] () -- C:\Users\GUARDS\Desktop\[Guru3D.com]-DDU.zip
[2019.01.14 10:32:32 | 000,052,265 | ---- | M] () -- C:\Users\GUARDS\Desktop\nahlásit na polici.png
[2019.01.12 00:58:04 | 124,038,686 | ---- | M] () -- C:\Users\GUARDS\Desktop\mb_driver_audio_realtek_azalia.exe
[2019.01.11 19:22:13 | 002,000,479 | ---- | M] () -- C:\Users\GUARDS\Desktop\DayZReport_Log_20190111T182200_GUARDS.zip
[2019.01.11 16:04:33 | 000,000,000 | -H-- | M] () -- C:\Users\GUARDS\Documents\Default.rdp

========== Files Created - No Company Name ==========

[2019.02.06 23:39:37 | 000,001,516 | ---- | C] () -- C:\Users\GUARDS\Documents\cc_20190206_233933.reg
[2019.02.05 13:56:26 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2019.02.05 13:56:26 | 000,000,753 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
[2019.02.05 04:24:36 | 000,267,368 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2019.02.05 04:22:57 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2019.02.03 21:54:43 | 000,109,612 | ---- | C] () -- C:\Users\GUARDS\Desktop\potřebné programy.png
[2019.02.03 15:39:33 | 000,000,172 | ---- | C] () -- C:\Users\GUARDS\Documents\cc_20190203_153931.reg
[2019.02.02 20:06:09 | 000,609,693 | ---- | C] () -- C:\Users\GUARDS\Desktop\nahlášení na serveru runing.png
[2019.02.02 16:40:49 | 000,001,662 | ---- | C] () -- C:\Users\GUARDS\Documents\cc_20190202_164047.reg
[2019.02.02 00:54:28 | 000,017,899 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2019.02.02 00:54:28 | 000,013,086 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2019.02.01 19:24:19 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\truesight.sys
[2019.01.31 23:32:43 | 000,000,858 | ---- | C] () -- C:\Users\GUARDS\Documents\cc_20190131_233240.reg
[2019.01.31 16:42:56 | 000,002,127 | ---- | C] () -- C:\Users\GUARDS\Desktop\Discord.lnk
[2019.01.31 01:33:44 | 000,012,598 | ---- | C] () -- C:\Users\GUARDS\Desktop\26400pitbull.gif
[2019.01.30 13:28:58 | 000,054,687 | ---- | C] () -- C:\Users\GUARDS\Desktop\měření.png
[2019.01.30 00:56:39 | 000,025,117 | ---- | C] () -- C:\Users\GUARDS\Desktop\na zaplacení do 30.1.png
[2019.01.26 11:47:23 | 000,037,746 | ---- | C] () -- C:\Users\GUARDS\Desktop\pro jaro.png
[2019.01.26 01:46:09 | 000,509,783 | ---- | C] () -- C:\Users\GUARDS\Desktop\rust skins2.png
[2019.01.26 01:45:43 | 000,544,774 | ---- | C] () -- C:\Users\GUARDS\Desktop\rust skins.png
[2019.01.24 02:42:07 | 000,144,190 | ---- | C] () -- C:\Users\GUARDS\Documents\cc_20190124_024205.reg
[2019.01.23 01:22:49 | 000,274,847 | ---- | C] () -- C:\Users\GUARDS\Desktop\zmrdi2.png
[2019.01.23 01:16:45 | 000,274,741 | ---- | C] () -- C:\Users\GUARDS\Desktop\zmrdi.png
[2019.01.21 10:39:59 | 000,010,845 | ---- | C] () -- C:\Users\GUARDS\Desktop\konektory.jpg
[2019.01.18 03:17:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2019.01.18 00:46:23 | 001,227,591 | ---- | C] () -- C:\Users\GUARDS\Desktop\[Guru3D.com]-DDU.zip
[2019.01.14 10:32:32 | 000,052,265 | ---- | C] () -- C:\Users\GUARDS\Desktop\nahlásit na polici.png
[2019.01.12 00:57:42 | 124,038,686 | ---- | C] () -- C:\Users\GUARDS\Desktop\mb_driver_audio_realtek_azalia.exe
[2019.01.11 19:22:32 | 002,000,479 | ---- | C] () -- C:\Users\GUARDS\Desktop\DayZReport_Log_20190111T182200_GUARDS.zip
[2019.01.11 16:04:33 | 000,000,000 | -H-- | C] () -- C:\Users\GUARDS\Documents\Default.rdp
[2019.01.01 14:22:27 | 000,007,605 | ---- | C] () -- C:\Users\GUARDS\AppData\Local\Resmon.ResmonCfg
[2018.12.28 18:04:18 | 001,557,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2018.12.28 16:57:11 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018.08.13 16:54:39 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018.08.13 16:40:58 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2019.01.02 13:35:17 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\BANDISOFT
[2019.01.24 14:58:55 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\EasyAntiCheat
[2019.02.01 22:47:53 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\HD Tune Pro
[2019.01.13 16:39:48 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\HeroesAndGeneralsDesktop
[2019.02.10 03:51:25 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\TS3Client
[2019.01.29 21:41:27 | 000,000,000 | ---D | M] -- C:\Users\GUARDS\AppData\Roaming\Ubisoft

========== Purity Check ==========



< End of report >
Motherboard: B450 PRO GAMING, CPU: Ryzen 7 2700, GPU: Nvidia RTX 3060, Patriot Viper Steel 32GB KIT DDR4 3600Mhz CL18, PSU: VERO M2 600W / Case: SilentiumPC Signum SG1X TG RGB

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: high memory load

Post by jaro3 » 10 Feb 2019 19:09

Didn't Extras.Txt come up?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

