Pomalý PC Vyřešeno

[Roy703]

PC sa mi stále pomaly zapína a jak sa zapne tak je disk vytažený na 100%


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:53:53, on 13.6.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Hanus\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Hanus\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Hanus\Desktop\Hry\GSplay.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7882 bytes

[Reklama]

[jaro3]

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Roy703]

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/06/13 18:04:43

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- HL-DT-ST DVDRAM GHB0N
- WDC WD5000AAKX-22ERMA0
- Microsoft Storage Spaces Controller [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-22ERMA0
Firmware : 17.01H17
Serial Number : WD-WCC2EZW14565
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5235 hod.
Power On Count : 1105 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 141 140 _21 000000000F55 Čas na roztočenie platní
04 _99 _99 __0 000000000454 Počet spustení/zastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 200 200 __0 000000000000 Počet chybných vyhľadávaní
09 _93 _93 __0 000000001473 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _99 _99 __0 000000000451 Počet cyklov zapnutia zariadenia
C0 200 200 __0 00000000006C Počet vypnutí disku
C1 200 200 __0 0000000003E8 Počet cyklov načítania/vymazania
C2 108 _87 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4332 455A 5731 3435 3635
020: 0000 8000 0032 3137 2E30 3148 3137 5744 4320 5744
030: 3530 3030 4141 4B58 2D32 3245 524D 4130 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0000
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 002C
090: 002C 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: B4C9 F2F0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8D 8C 55 0F 00 00 00 00 00 04 32 00 63 63 54
020: 04 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5D 5D 73 14 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 51 04 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 00 00 00 00 00 00 C1 32 00 C8 C8 E8
080: 03 00 00 00 00 00 C2 22 00 6C 57 23 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 FC 21 01 7B
170: 03 00 01 00 02 58 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A5

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D

[Roy703]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by Hanus (administrator) on HANUS-PC (13-06-2016 18:06:33)
Running from C:\Users\Hanus\Desktop
Loaded Profiles: Hanus (Available Profiles: Hanus)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-17] (Spotify Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23484296 2016-04-25] (Google)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [GSplay.exe] => C:\Users\Hanus\Desktop\Hry\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-03] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45EBB24D-83FA-43A8-B741-2F2DCFC276C4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4DDE0E17-7512-4773-AE02-D9007D1B58DA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-17] (AVAST Software)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-12] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-07]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-13]
CHR Extension: (Dokumenty Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-13]
CHR Extension: (Disk Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-13]
CHR Extension: (YouTube) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-13]
CHR Extension: (Avast SafePrice) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-06-13]
CHR Extension: (Tabuľky Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-13]
CHR Extension: (Avast Online Security) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-13]
CHR Extension: (Gmail) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-03] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-18] ()
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-11] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-11] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-03] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-20] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [46016 2016-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-13 18:06 - 2016-06-13 18:07 - 00014466 _____ C:\Users\Hanus\Desktop\FRST.txt
2016-06-13 18:06 - 2016-06-13 18:06 - 00000000 ____D C:\FRST
2016-06-13 18:05 - 2016-06-13 18:05 - 02385408 _____ (Farbar) C:\Users\Hanus\Desktop\FRST64.exe
2016-06-13 13:45 - 2016-06-13 13:33 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-06-13 13:33 - 2016-06-13 13:44 - 00000000 ____D C:\zoek_backup
2016-06-13 13:32 - 2016-06-13 13:32 - 01309184 _____ C:\Users\Hanus\Desktop\zoek.exe
2016-06-12 19:43 - 2016-06-12 19:45 - 24172616 _____ C:\Users\Hanus\Desktop\RogueKillerX64.exe
2016-06-12 19:43 - 2016-06-12 19:43 - 00000879 _____ C:\Users\Hanus\Desktop\JRT.txt
2016-06-12 19:39 - 2016-06-12 19:40 - 01610816 _____ (Malwarebytes) C:\Users\Hanus\Desktop\JRT.exe
2016-06-12 12:04 - 2016-06-12 19:34 - 00000000 ____D C:\AdwCleaner
2016-06-12 12:04 - 2016-06-12 12:04 - 03677248 _____ C:\Users\Hanus\Desktop\AdwCleaner.exe
2016-06-12 11:57 - 2016-06-12 11:57 - 00448512 _____ (OldTimer Tools) C:\Users\Hanus\Desktop\TFC.exe
2016-06-12 11:56 - 2016-06-12 11:57 - 00448512 _____ (OldTimer Tools) C:\Users\Hanus\Downloads\Nepotvrdené 57263.crdownload
2016-06-11 17:49 - 2016-06-11 17:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hanus\Desktop\HijackThis.exe
2016-06-11 16:03 - 2016-06-11 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 3® - Dziki Gon [GOG.com]
2016-06-11 11:53 - 2016-06-11 11:53 - 00000000 ____D C:\Users\Hanus\Documents\My Cheat Tables
2016-06-11 11:49 - 2016-06-11 11:50 - 03722240 _____ C:\Users\Hanus\Desktop\fc4blackbarsfix.EXE
2016-06-10 17:55 - 2016-06-10 17:55 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-10 17:55 - 2016-06-03 05:19 - 00113208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-10 17:55 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-10 17:55 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-10 17:55 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-10 17:55 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-10 17:53 - 2016-06-03 09:38 - 39979576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 35115456 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 31603768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 25377848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 21802280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 21346712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 18143912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 17738592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 17290416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 16756888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 13460536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-10 17:53 - 2016-06-03 09:38 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 08733608 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 03512888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 03065280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00985144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00908736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00565392 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00476664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00394912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00178136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00153416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00131768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00126008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2016-06-10 17:53 - 2016-06-03 09:38 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2016-06-10 15:11 - 2016-06-10 16:29 - 1115249788 _____ C:\Users\Hanus\Downloads\Far_Cry_4_Patch_v1.4.0_Cracks_ALI213 (1).rar
2016-06-10 14:46 - 2016-06-10 14:46 - 00000123 _____ C:\Users\Public\Desktop\FarCry 4.url
2016-06-08 16:39 - 2016-06-08 16:39 - 00224502 _____ C:\Users\Hanus\Downloads\Bussaba Modern.zip
2016-06-08 14:24 - 2016-06-08 14:27 - 18761968 _____ C:\Users\Hanus\Downloads\Sims 4 Language Changer.zip
2016-06-08 14:22 - 2016-06-08 14:22 - 00001148 _____ C:\Users\Hanus\Desktop\The Sims 4.lnk
2016-06-08 14:22 - 2016-06-08 14:22 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\The Sims 4
2016-06-08 14:22 - 2016-06-08 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-06-08 13:43 - 2016-06-08 13:43 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-06-07 13:45 - 2016-06-07 13:45 - 00001942 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-06-07 13:45 - 2016-06-07 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-07 13:43 - 2016-06-07 13:43 - 00000000 ____D C:\Users\Hanus\AppData\LocalLow\uTorrent
2016-06-07 13:43 - 2016-05-03 18:17 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-06-06 14:09 - 2016-06-06 15:55 - 00000000 ____D C:\Users\Hanus\Downloads\[R.G. Mechanics] The Sims 4
2016-06-06 14:04 - 2016-06-06 14:04 - 00022183 _____ C:\Users\Hanus\Downloads\TheSims4DeluxeEditionv1.5.139.10202014PCRePackR.G.chanics---ThePirateBay.TO.torrent
2016-06-05 07:52 - 2016-06-05 08:01 - 00000000 ____D C:\Users\Hanus\AppData\Local\Origin
2016-06-05 07:51 - 2016-06-05 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-06-04 13:52 - 2016-06-08 15:14 - 00000000 ____D C:\Users\Hanus\Documents\Electronic Arts
2016-06-04 13:48 - 2016-06-04 13:48 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2016-06-04 13:48 - 2008-09-04 20:17 - 00447752 ____R (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2016-06-04 12:54 - 2016-06-08 15:15 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-06-03 12:16 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-03 12:16 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-03 12:16 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-03 12:16 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-03 12:16 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2016-06-03 12:16 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-06-03 12:16 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-03 12:16 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-06-03 12:16 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-06-03 12:16 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-03 12:16 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-06-03 12:16 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-06-03 12:16 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-06-03 12:16 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-06-03 12:16 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-03 12:16 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-06-03 12:16 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-03 12:16 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-03 12:16 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-03 12:16 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-06-03 12:16 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-06-03 12:16 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-03 12:16 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-03 12:16 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-03 12:16 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-03 12:16 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-03 12:16 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-03 12:16 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-06-03 12:16 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-03 12:16 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-03 12:16 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-03 12:16 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-03 12:16 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-03 12:16 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-03 12:16 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-06-03 12:16 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-03 12:16 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-03 12:16 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-03 12:16 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-03 12:16 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-03 12:16 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-03 12:16 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-03 11:51 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-03 11:51 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-03 11:51 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-03 11:51 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-03 11:51 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-03 11:51 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-03 11:51 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-03 11:51 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-03 11:51 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-03 11:51 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-03 11:51 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-03 11:51 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-03 11:51 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-03 11:51 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-06-03 11:51 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-03 11:51 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-03 11:51 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-03 11:51 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-03 11:51 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-03 11:51 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-03 11:51 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-03 11:51 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-03 11:51 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-06-03 11:51 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-03 11:51 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-03 11:51 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-03 11:51 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-03 11:51 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-03 11:51 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-03 11:50 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-03 11:49 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-03 11:49 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-06-03 11:49 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-03 11:49 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-06-03 11:49 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-03 11:49 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-06-03 11:49 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-03 11:49 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-06-03 11:49 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-06-03 11:49 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-06-03 11:49 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-06-03 11:49 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-06-03 11:49 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-03 11:49 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-03 11:49 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-03 11:49 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-03 11:49 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-06-03 11:49 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-03 11:49 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-06-03 11:48 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-03 11:48 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-03 11:48 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-01 15:55 - 2016-06-03 09:38 - 14346320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-01 15:55 - 2016-06-03 09:38 - 03383472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-01 15:55 - 2016-05-21 23:10 - 01581624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2016-06-01 15:55 - 2016-05-21 23:10 - 00141256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-06-01 15:55 - 2016-05-21 23:10 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-06-01 15:55 - 2016-05-20 09:01 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436822.dll
2016-06-01 15:55 - 2016-05-20 09:01 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436822.dll
2016-06-01 15:55 - 2016-05-20 09:01 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-06-01 15:55 - 2016-05-20 09:01 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-06-01 15:25 - 2016-06-01 15:50 - 366084144 _____ (NVIDIA Corporation) C:\Users\Hanus\Downloads\368.22-desktop-win8-win7-winvista-64bit-international-whql.exe
2016-05-31 18:01 - 2016-05-31 18:01 - 00000202 _____ C:\Users\Hanus\Desktop\Stronghold Crusader 2.url
2016-05-30 14:04 - 2016-05-30 14:04 - 00721201 _____ C:\Users\Hanus\Downloads\black_riders.zip
2016-05-29 20:33 - 2016-05-29 20:33 - 00661079 _____ C:\Users\Hanus\Downloads\The_Kharlan_Tournament.zip
2016-05-29 20:30 - 2016-05-29 20:30 - 00392120 _____ C:\Users\Hanus\Downloads\Ottomans Castle Siege.zip
2016-05-29 20:20 - 2016-05-29 20:20 - 04016140 _____ C:\Users\Hanus\Downloads\Conquest of Constantinople_0001.zip
2016-05-29 13:48 - 2016-05-29 13:48 - 00191517 _____ C:\Users\Hanus\Downloads\impmod_usa.zip
2016-05-29 12:10 - 2016-05-29 12:10 - 00001331 _____ C:\Users\Hanus\Desktop\AoE3 Imp Mod Patcher.lnk
2016-05-29 12:02 - 2016-05-29 12:09 - 60751261 _____ (Softeza Development) C:\Users\Hanus\Downloads\improvement_mod_v5.4.exe
2016-05-29 10:53 - 2016-05-29 10:54 - 07848177 _____ C:\Users\Hanus\Downloads\CC_mod_v4a.zip
2016-05-26 19:30 - 2016-05-26 19:30 - 00047114 _____ C:\Users\Hanus\Downloads\ddwrapper.zip
2016-05-26 14:28 - 2016-05-26 14:47 - 236824885 _____ (LORD_VALROY ) C:\Users\Hanus\Downloads\Setup G.M.B. mod by LORD_VALROY.exe
2016-05-25 20:19 - 2016-05-26 14:48 - 00000000 ____D C:\Users\Hanus\Documents\Stronghold Crusader
2016-05-25 14:42 - 2016-05-25 15:51 - 1006676353 _____ C:\Users\Hanus\Downloads\Stronghold_Crusader_HD_(2002)_EN+CZ_for_Windows_7.rar
2016-05-20 16:09 - 2016-05-10 06:07 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436519.dll
2016-05-20 16:09 - 2016-05-10 06:07 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436519.dll
2016-05-20 14:34 - 2016-05-20 14:34 - 00000000 ____D C:\Users\Hanus\AppData\Local\DayZCommander
2016-05-20 14:32 - 2016-05-20 14:33 - 02932736 _____ C:\Users\Hanus\Downloads\Dotjosh.DayZCommander.Installer.msi
2016-05-20 14:26 - 2016-05-20 14:26 - 00104548 _____ C:\Users\Hanus\Downloads\Contig.zip
2016-05-20 14:23 - 2016-05-20 14:23 - 06554576 _____ (Microsoft Corporation) C:\Users\Hanus\Downloads\vcredist_x86.exe
2016-05-20 14:23 - 2016-05-20 14:23 - 01453976 _____ (Microsoft Corporation) C:\Users\Hanus\Downloads\vcredist_arm.exe
2016-05-20 14:22 - 2016-05-20 14:23 - 07186992 _____ (Microsoft Corporation) C:\Users\Hanus\Downloads\vcredist_x64.exe
2016-05-18 16:46 - 2016-05-20 17:33 - 00000000 ____D C:\Users\Hanus\AppData\Local\ArmA 2 OA
2016-05-18 16:46 - 2016-05-18 16:46 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2016-05-17 20:12 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-05-17 20:12 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-17 20:12 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-05-16 17:11 - 2016-05-18 16:48 - 00000000 ____D C:\Users\Hanus\Documents\ArmA 2
2016-05-16 17:11 - 2016-05-18 16:45 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2016-05-16 17:11 - 2016-05-16 17:11 - 00000000 ____D C:\Users\Hanus\AppData\Local\ArmA 2
2016-05-16 17:11 - 2016-05-16 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-13 17:21 - 2016-05-13 12:21 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-13 17:05 - 2015-11-05 15:03 - 00008192 _____ C:\WINDOWS\system32\edb.chk
2016-06-13 15:08 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-13 13:48 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-13 13:48 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 13:36 - 2015-08-03 00:41 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F85D8D3-BFBD-487A-96B3-E6C2E0978322}
2016-06-13 13:27 - 2016-04-17 12:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-12 19:46 - 2015-09-09 14:21 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-06-12 12:50 - 2015-12-30 14:20 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\uTorrent
2016-06-12 12:09 - 2015-09-08 14:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-11 18:07 - 2015-08-03 00:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3812361727-838257335-1277264128-1001
2016-06-11 12:51 - 2015-12-17 16:17 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-06-11 09:20 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-10 17:56 - 2016-02-04 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-08 15:15 - 2014-06-17 15:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-07 21:00 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-07 13:56 - 2015-09-29 14:27 - 00000000 ___RD C:\Users\Hanus\Desktop\Hry
2016-06-07 13:45 - 2016-04-17 12:25 - 00003924 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460888704
2016-06-07 13:45 - 2016-04-17 12:25 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-06 13:26 - 2016-02-03 17:21 - 00000000 ____D C:\ProgramData\Origin
2016-06-05 16:40 - 2015-08-03 00:35 - 00000000 ____D C:\Users\Hanus
2016-06-05 07:52 - 2016-02-03 17:30 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Origin
2016-06-05 07:51 - 2016-02-03 17:21 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-06-03 14:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-03 12:35 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-03 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-03 12:19 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-03 12:17 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-03 12:05 - 2013-08-22 16:44 - 00473848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-03 12:00 - 2015-08-03 15:18 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-06-03 12:00 - 2015-08-03 15:18 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-06-03 12:00 - 2015-08-03 15:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-03 12:00 - 2015-08-03 13:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-03 12:00 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-03 11:53 - 2015-08-03 13:04 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-03 11:49 - 2016-03-30 13:39 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-03 11:49 - 2016-03-30 13:39 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-03 11:49 - 2016-03-30 13:39 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-03 11:49 - 2016-03-30 13:39 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-03 11:49 - 2016-03-30 13:39 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-03 11:49 - 2016-03-30 13:39 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-06-03 11:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-03 09:38 - 2016-02-04 15:56 - 03825896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:38 - 2015-12-15 17:36 - 19180152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:38 - 2015-12-15 17:36 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2016-06-03 09:38 - 2015-12-15 17:36 - 00039124 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:26 - 2016-02-04 15:58 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:26 - 2016-02-04 15:58 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-03 05:26 - 2016-02-04 15:26 - 06362560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:26 - 2016-02-04 15:26 - 02453952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:26 - 2016-02-04 15:26 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:26 - 2016-02-04 15:26 - 01351104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:26 - 2016-02-04 15:26 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:26 - 2016-02-04 15:26 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-02 15:36 - 2016-03-21 16:45 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Age Of Empires 2 & The Conquerors Expansion - Full Game
2016-06-02 14:19 - 2016-02-04 15:26 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-01 15:59 - 2016-02-04 15:59 - 00001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-05-31 18:01 - 2015-08-02 20:29 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-29 20:35 - 2015-08-21 16:07 - 00000000 ____D C:\KMPlayer
2016-05-29 15:54 - 2015-08-03 00:58 - 00000000 ____D C:\Users\Hanus\AppData\Local\ElevatedDiagnostics
2016-05-28 15:46 - 2016-05-06 12:16 - 00000022 _____ C:\WINDOWS\GPU-Z.INI
2016-05-27 15:41 - 2015-09-05 18:21 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Spotify
2016-05-25 20:16 - 2015-12-17 15:32 - 00000000 ____D C:\GOG Games
2016-05-25 14:39 - 2014-03-06 08:43 - 00765714 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-24 16:29 - 2015-08-03 17:08 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\TS3Client
2016-05-20 15:26 - 2014-03-06 09:39 - 00000000 ____D C:\ProgramData\Nero
2016-05-20 15:22 - 2014-06-17 15:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-20 15:21 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-20 15:20 - 2015-09-09 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-05-17 20:13 - 2016-02-04 15:59 - 00000000 ____D C:\Users\Hanus\AppData\Local\NVIDIA
2016-05-14 14:55 - 2015-08-03 00:35 - 00000000 ____D C:\Users\Hanus\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-08-04 15:46 - 2016-04-30 18:58 - 0161399 _____ () C:\Program Files\changelog.txt
2013-11-13 14:36 - 2016-04-30 18:58 - 0375336 _____ () C:\Program Files\createfileassoc.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 0447256 _____ (TeamSpeak Systems GmbH) C:\Program Files\error_report.exe
2014-06-05 15:48 - 2016-04-30 18:58 - 2084352 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\libeay32.dll
2016-04-30 18:58 - 2016-04-30 18:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll
2016-04-30 18:58 - 2016-04-30 18:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files\msvcr120.dll
2014-05-19 13:15 - 2016-04-30 18:58 - 1704176 _____ (Overwolf) C:\Program Files\OverwolfTeamSpeakInstaller.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 0474904 _____ (TeamSpeak Systems GmbH) C:\Program Files\package_inst.exe
2014-08-04 10:29 - 2016-04-30 18:58 - 0000313 _____ () C:\Program Files\plugin_sdk.html
2014-02-27 16:47 - 2016-04-30 18:58 - 5629952 _____ (The Qt Company Ltd) C:\Program Files\Qt5Core.dll
2014-02-27 16:48 - 2016-04-30 18:58 - 3935744 _____ (The Qt Company Ltd) C:\Program Files\Qt5Gui.dll
2014-02-27 16:47 - 2016-04-30 18:58 - 1094656 _____ (The Qt Company Ltd) C:\Program Files\Qt5Network.dll
2014-02-27 16:47 - 2016-04-30 18:58 - 0216576 _____ (The Qt Company Ltd) C:\Program Files\Qt5Sql.dll
2014-02-27 16:50 - 2016-04-30 18:58 - 5426176 _____ (The Qt Company Ltd) C:\Program Files\Qt5Widgets.dll
2014-02-28 11:14 - 2016-04-30 18:58 - 0174872 _____ () C:\Program Files\quazip.dll
2014-06-05 15:48 - 2016-04-30 18:58 - 0349696 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\ssleay32.dll
2014-08-04 15:45 - 2016-04-30 18:58 - 11480344 _____ (TeamSpeak Systems GmbH) C:\Program Files\ts3client_win64.exe
2015-08-03 17:08 - 2015-08-03 17:08 - 0126290 _____ (TeamSpeak Systems GmbH) C:\Program Files\Uninstall.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 1532184 _____ (TeamSpeak Systems GmbH) C:\Program Files\update.exe
2014-06-20 09:44 - 2016-04-30 18:58 - 0579975 _____ () C:\Program Files\usb.ids
2015-08-05 12:33 - 2015-08-05 12:34 - 1065984 _____ () C:\Users\Hanus\AppData\Local\file__0.localstorage
2016-01-03 15:06 - 2016-05-03 18:20 - 0007602 _____ () C:\Users\Hanus\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-13 15:07

==================== End of FRST.txt ============================

[Roy703]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by Hanus (2016-06-13 18:07:43)
Running from C:\Users\Hanus\Desktop
Windows 8.1 (Update) (X64) (2015-08-02 22:34:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3812361727-838257335-1277264128-500 - Administrator - Disabled)
Guest (S-1-5-21-3812361727-838257335-1277264128-501 - Limited - Disabled)
Hanus (S-1-5-21-3812361727-838257335-1277264128-1001 - Administrator - Enabled) => C:\Users\Hanus
HomeGroupUser$ (S-1-5-21-3812361727-838257335-1277264128-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2005 - Acer)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Napoleonic Era version 2.1.8 (HKLM-x32\...\{647233CC-A29F-4961-9CB0-50AD445C7238}_is1) (Version: 2.1.8 - Napoleonic Era Team)
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aktualizácie NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Arma 2 (HKLM\...\Steam App 33910) (Version: - Bohemia Interactive)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version: - )
Arma 2: DayZ Mod (HKLM\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version: - Bohemia Interactive)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3716.57 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Floris Mod Pack 2.54 (HKLM-x32\...\Floris Mod Pack_is1) (Version: - )
Freemake Video Converter verzia 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8102 - Acer Incorporated)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.135 - PandoraTV)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mount&Blade With Fire and Sword (HKLM-x32\...\Mount&Blade With Fire and Sword) (Version: - )
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Virtuálny zvuk Miracast 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 368.39 - NVIDIA Corporation)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version: - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Sims 4 (HKLM-x32\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.20.0.0 - GOG.com)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
War Thunder Launcher 1.0.1.538 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AFB4CD0-7918-429A-8BDD-BDC63674CF9F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {84C5AF9F-7871-4A33-B3DE-5DA044729B4B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] ()
Task: {8A6784D7-E7AA-4EC3-AB7C-06203DA68212} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-12-31] (Acer Incorporated)
Task: {90EB7AAA-E70E-4600-BD1D-C72EE4548DCE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {99CE1743-1169-4E83-B12F-51B9CAABF68B} - System32\Tasks\Opera scheduled Autoupdate 1441991824 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {AC2BDFE8-0D3D-4320-B058-B219581DA871} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {BC020A7B-62F1-480B-9042-C2C9B3EF0666} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {C9154531-98FE-4D25-8806-991275D1C4CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {E65993DB-CC5E-492A-9360-3EE45D612B2F} - System32\Tasks\SafeZone scheduled Autoupdate 1460888704 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {E74F8540-770E-4688-96E3-7F50ADEF0D81} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-03] (Microsoft Corporation)
Task: {E8C0342A-19B9-469B-A295-A92237C376F6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-03] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-04 15:26 - 2016-06-03 05:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-17 15:34 - 2014-01-03 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-02-04 15:59 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2016-02-04 15:59 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-05-03 18:17 - 2016-05-03 18:17 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-03 18:17 - 2016-05-03 18:17 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-13 13:28 - 2016-06-13 13:28 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061300\algo.dll
2016-05-03 18:17 - 2016-05-03 18:17 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-03 18:17 - 2016-05-03 18:17 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-04 15:59 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-17 12:16 - 2016-04-17 12:16 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-17 15:18 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-06-13 13:36 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hanus\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CCDMonitorService => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: UEIPSvc => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "vibranceGUI"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9303AF6C-AEFD-4DFD-864D-A73602A9B920}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BB7884FD-15CD-4216-B64E-1EA78ADD4E68}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9BC65F97-9A38-4D34-B342-8A54D64E36C1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EA789DCF-8BED-451E-AEA4-07FD6B5372D6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{77AA6952-28EE-4C46-9033-A6ADFA8945E3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3FC56E80-8B74-4BB8-AE6F-09C7A51595BD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5BCD5C63-6890-44D6-92E6-7790EF464EBF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D4CC9B98-88BB-4338-86DD-FBFD604C05C8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{C46D24EE-8041-4A2B-BCCC-0C4C882FEEA2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{4DC7970B-589C-4627-A68A-E265C90D6E7E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{571025CA-8060-4ED7-970D-EA2ECBF0E0E6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{871BEECF-FFD0-440E-8C28-1EE85220EF51}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{9B923312-5251-45B6-887B-257A3B8181DE}] => (Allow) D:\WarThunder\launcher.exe
FirewallRules: [{A374980F-FEAF-465C-AFAF-048255955051}] => (Allow) D:\WarThunder\bpreport.exe
FirewallRules: [{C54167DC-68FC-42E0-9AD7-636AE3CBF667}] => (Allow) D:\WarThunder\bpreport.exe
FirewallRules: [{EA48FB27-9BC9-4E3C-A16E-B9FA6CDC3BEB}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{13E0581D-964C-46B9-9A07-98F6CFDB8926}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4EAFD4C7-CE52-415A-91FE-567EC1189183}D:\world of tanks\worldoftanks.exe] => (Block) D:\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F7DC0447-A59A-4280-92B3-0BB6716C50C5}D:\world of tanks\worldoftanks.exe] => (Block) D:\world of tanks\worldoftanks.exe
FirewallRules: [TCP Query User{43A8DE7F-C19C-450E-877C-97F4E4165669}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [UDP Query User{389DDADE-A973-4A15-A8AB-00E434A0B12B}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [TCP Query User{F4970585-D85C-4A08-830D-226B9B9820FF}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [UDP Query User{8A956451-D1F8-4DA4-AABB-32907276D708}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [TCP Query User{7A40ADC1-4453-414C-9E1A-21D0F164BDE2}D:\world of tanks\wotlauncher.exe] => (Allow) D:\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{26A95EAE-97E0-46B2-B279-0ABF000C3EDA}D:\world of tanks\wotlauncher.exe] => (Allow) D:\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4BA68414-E6FA-457E-B20E-60CFBAC0FDFC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1955A99C-9A08-452F-BB29-B1C5FAAE4FEE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{392487C6-7639-4201-96ED-CBC93BD75DF7}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [UDP Query User{3C3B52FC-DA68-468D-8E4E-96FC89518A12}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [TCP Query User{DDE212A9-E064-4022-B28A-6215007EFA7D}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [UDP Query User{ED5028AA-7727-45B7-AB7E-9F59495A2C8F}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [TCP Query User{BDDF06B6-BE2C-44FD-9D42-91C862235BC6}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [UDP Query User{A3A7B054-FE2D-4751-9CE8-8598E1FDC424}D:\warthunder\aces.exe] => (Allow) D:\warthunder\aces.exe
FirewallRules: [TCP Query User{710C479E-9ABB-4B90-9DD7-5D44B7213CA0}D:\world of tanks\wotlauncher.exe] => (Allow) D:\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{DCFD65F3-7F28-4732-A895-05C349A03E3B}D:\world of tanks\wotlauncher.exe] => (Allow) D:\world of tanks\wotlauncher.exe
FirewallRules: [{000B07B7-34F0-46A1-BD5D-508B7C9529DB}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{15B06FC7-2C63-42B0-999A-1500A5C98C5D}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{39C81872-99A8-4729-98DA-4EA7E74AC653}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{2CC92D41-7EAB-4493-97A9-9602BC4F3AD9}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{06225CD6-A61F-49D5-B488-E8570579D225}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{CFA42265-2DD2-4F0B-87FB-9602FA049A0E}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{AF1F2499-1B96-41D5-911C-0DA1FB2ABE45}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{5296AAA7-4059-4130-8780-799ABE041A6E}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{238919D2-BF28-4A1C-8183-14F3DE9C85A8}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{0AD6A48A-597E-4F80-9721-EAD31173CE79}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{90786252-8057-48D8-BB92-89CF50534A3E}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{35C09DFE-1387-4038-924B-CAF89D466BEE}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{60EFCAAF-FB63-4F06-BFCF-EB94361FB040}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A3BCA762-96B1-4340-8171-DF59210817CA}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [{8201F9DB-326D-4276-B410-FB4733853ECB}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C342B4B2-FE4A-4B5B-B430-58FC7FBBAB41}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EDC52221-D55E-4972-A9F9-BF62DAF7BC59}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23986DBC-31B6-4EB7-B6CA-CE6CF66F2198}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4F4B5166-C767-44F5-A337-2353908DC69B}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30910B41-9219-4073-82BD-E64CFEC4DBE7}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A3245D9-7502-4BDD-A76D-B240901047C4}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{AA879E62-DD74-4B9C-91E2-E7357DFA349B}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{3121224E-FA4B-4E39-BC82-EF7B6AFB9BA8}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{BBBE37DA-6E8F-4C27-A2F4-9D0194E3E2FD}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{0C9B7925-34E7-46BA-BB35-46EB18383825}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{AF7F00D7-6D68-4EAA-9935-31F0D618C67F}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{BB5DA14F-FFDD-4662-AF70-441A37B1D908}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D1314B6D-1CD2-4108-BBA0-6C86EB5FB4BB}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{0AB0AA26-6E63-40AA-A62F-924CC5EE38D4}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{5C764B10-B679-4A99-9BCE-79D8762580B4}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{E69C4306-26AC-40CF-A662-C6846D1F72C7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F1DE7C1-3CD1-4B7F-A58F-BDC675CE98AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{637538B7-6B3F-4C1A-AC64-E4C3A295C1C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F19FB852-FC7C-4AE7-B63A-62870910D202}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0CED0247-225E-4927-B632-20D55A8AD548}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D1A18CCF-1B3A-47EC-99E5-17B19063FE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F2F7BC7-7352-4783-B708-8569D1E0C3DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{93C28944-269F-4F7E-9F3E-750E6902C7E9}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{87DE8601-0B00-47CA-A534-B49030AE276B}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{74C9C830-4A31-4C95-93DB-9A978A13A57A}] => (Allow) C:\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{C436382E-8679-435C-837D-CC803ED37283}] => (Allow) C:\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{AE214F34-4154-4FA8-9882-3ECEC13A1DCF}] => (Allow) D:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{8917F71A-B2D5-4D27-BA9D-25628A4F0393}] => (Allow) D:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{78374F0F-DA39-4090-B65A-B27C29398925}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{AE4A0F4E-CBEC-4BBC-BCC8-EE3A91035417}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{201C28CD-A48D-4302-9EF0-7D4EBAAA20C1}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{EB26907A-27BF-4932-AD82-5E63388DC965}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{0BFC4ECC-A4F1-4F53-8AF5-0DE635BB7DF1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{836CF81C-BCCA-4EA7-88B4-6C95C1EE6267}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [TCP Query User{3B56604A-67E8-4A14-97E1-D0C6EF091770}C:\program files (x86)\microsoft games\age of empires iii\age3n.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3n.exe
FirewallRules: [UDP Query User{3FB5BE2F-9ACF-4A32-BA15-8C7208404396}C:\program files (x86)\microsoft games\age of empires iii\age3n.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3n.exe
FirewallRules: [{D42514BA-E1AF-4A47-B6DA-D3FB4CAB66CF}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{8EEA46C7-3C16-494F-893C-FBECD85D695A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{F44CC431-6927-4DCD-BE75-E6FB9EF5B5C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0C7DF10A-719B-49AC-A970-659E5CF3A089}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{DF5302DA-5AA7-415D-ADE6-2EB96BA55570}] => (Allow) D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{403DD9E8-1B53-4C05-BC43-9799C89640EA}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{4D45781F-9C4D-47E9-BDB5-7151812EE119}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{64AA1969-ECB0-4B6A-8797-61CEF8D71998}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{25690A3A-EEB6-48F9-B905-0C967DED52D3}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{64FE1FE6-6EC7-44C8-A55F-A13D0D8A0C37}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{B09D559F-D20D-4EAB-A69D-3545B6CF8934}] => (Allow) D:\Steam\steamapps\common\Arma 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{989E224A-A1B6-459A-A7B9-092FE48E6994}] => (Allow) C:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{1753AE99-7E00-4247-B8AC-53B442268A8C}] => (Allow) C:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{14F98D42-45A6-4A16-9422-0350CC2D5344}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{D898EA75-920D-45E7-9786-83901EBC43FC}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{A0C87448-DBFC-46BD-887C-A50B9D728BCE}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{C87586F4-52B8-43EF-98B0-FF47E3090958}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe

==================== Restore Points =========================

10-06-2016 14:18:14 Scheduled Checkpoint
10-06-2016 14:46:55 Installed DirectX
12-06-2016 19:41:12 JRT Pre-Junkware Removal
13-06-2016 13:35:27 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2016 05:05:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (06/13/2016 05:05:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: WUDFHost (3152) WindowsLocationProviderDatabase: Error -1032 (0xfffffbf8) occurred while opening logfile C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log.

Error: (06/13/2016 05:05:42 PM) (Source: ESENT) (EventID: 489) (User: )
Description: WUDFHost (3152) WindowsLocationProviderDatabase: An attempt to open the file "C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log" for read only access failed with system error 5 (0x00000005): "Prístup je odmietnutý. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/13/2016 05:05:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: WUDFHost (3152) WindowsLocationProviderDatabase: Error -1032 (0xfffffbf8) occurred while opening logfile C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log.

Error: (06/13/2016 05:05:32 PM) (Source: ESENT) (EventID: 489) (User: )
Description: WUDFHost (3152) WindowsLocationProviderDatabase: An attempt to open the file "C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log" for read only access failed with system error 5 (0x00000005): "Prístup je odmietnutý. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/13/2016 05:05:22 PM) (Source: ESENT) (EventID: 490) (User: )
Description: WUDFHost (3152) WindowsLocationProviderDatabase: An attempt to open the file "C:\ProgramData\Microsoft\Windows\LocationProvider\edb.chk" for read / write access failed with system error 5 (0x00000005): "Prístup je odmietnutý. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/13/2016 04:14:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (06/13/2016 04:14:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: WUDFHost (4044) WindowsLocationProviderDatabase: Error -1032 (0xfffffbf8) occurred while opening logfile C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log.

Error: (06/13/2016 04:14:03 PM) (Source: ESENT) (EventID: 489) (User: )
Description: WUDFHost (4044) WindowsLocationProviderDatabase: An attempt to open the file "C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log" for read only access failed with system error 5 (0x00000005): "Prístup je odmietnutý. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/13/2016 04:13:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: WUDFHost (4044) WindowsLocationProviderDatabase: Error -1032 (0xfffffbf8) occurred while opening logfile C:\ProgramData\Microsoft\Windows\LocationProvider\edb.log.


System errors:
=============
Error: (06/13/2016 04:02:33 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/13/2016 04:02:03 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/13/2016 03:08:30 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/13/2016 03:08:00 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/13/2016 01:48:39 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (06/13/2016 01:48:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.

Cesta k modulu: C:\WINDOWS\system32\athExt.dll
Kód chyby: 126

Error: (06/13/2016 01:44:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/13/2016 01:44:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/13/2016 01:44:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/13/2016 01:44:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.


CodeIntegrity:
===================================
Date: 2016-01-24 08:50:38.540
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-23 08:18:38.571
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 16:09:36.388
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 13:31:05.880
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-21 13:31:45.144
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-20 13:35:30.403
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-19 16:57:46.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-19 14:04:57.579
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-18 13:47:16.994
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 08:37:20.307
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Percentage of memory in use: 14%
Total physical RAM: 8131.32 MB
Available physical RAM: 6934.95 MB
Total Virtual: 11684.32 MB
Available Virtual: 10359.56 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:223.88 GB) (Free:35.08 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.88 GB) (Free:55.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1761ADAE)

Partition: GPT.

==================== End of Addition.txt ============================

[Roy703]

Memtest-0 errors

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

000000000F55 Čas na roztočenie platní
CrystalDiskInfo udělej znovu

Drive c: (Acer) (Fixed) (Total:223.88 GB) (Free:35.08 GB) NTFS
měl bys mít nejméně 15-20% volného místa na systémovém disku , něco odinstaluj , smaž!

Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning“
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors
Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku

[Roy703]

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2016
Ran by Hanus (2016-06-14 14:10:55) Run:1
Running from C:\Users\Hanus\Desktop
Loaded Profiles: Hanus (Available Profiles: Hanus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc200d97-2671-11e6-8453-448a5b9b27f4}" => key removed successfully
HKCR\CLSID\{fc200d97-2671-11e6-8453-448a5b9b27f4} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
EmptyTemp: => 604.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 14:11:04 ====

[Roy703]

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/06/14 14:18:55

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- HL-DT-ST DVDRAM GHB0N
- WDC WD5000AAKX-22ERMA0
- Microsoft Storage Spaces Controller [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-22ERMA0
Firmware : 17.01H17
Serial Number : WD-WCC2EZW14565
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5240 hod.
Power On Count : 1106 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 141 140 _21 000000000F55 Čas na roztočenie platní
04 _99 _99 __0 000000000455 Počet spustení/zastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 100 253 __0 000000000000 Počet chybných vyhľadávaní
09 _93 _93 __0 000000001478 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _99 _99 __0 000000000452 Počet cyklov zapnutia zariadenia
C0 200 200 __0 00000000006C Počet vypnutí disku
C1 200 200 __0 0000000003E9 Počet cyklov načítania/vymazania
C2 107 _87 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4332 455A 5731 3435 3635
020: 0000 8000 0032 3137 2E30 3148 3137 5744 4320 5744
030: 3530 3030 4141 4B58 2D32 3245 524D 4130 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0000
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 002C
090: 002C 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: B4C9 F2F0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8D 8C 55 0F 00 00 00 00 00 04 32 00 63 63 55
020: 04 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 5D 5D 78 14 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 52 04 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 00 00 00 00 00 00 C1 32 00 C8 C8 E9
080: 03 00 00 00 00 00 C2 22 00 6B 57 24 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 FC 21 01 7B
170: 03 00 01 00 02 58 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CE

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D5

[Roy703]

Ked chcem stiahnuť ten kaspersky tak mi ukáže toto:

[jaro3]

nemáš tam možnost ignore?
Nebo předtím vypni antivir+ firewall.

[Roy703]

Nemám tam možnosť ignore ale nejak som to stiahol ale zase ukázalo toto: