scvhost Vyřešeno

[kostidrom]

no dobra skusim to az zitra dnes dam wu a skusim to saktualizovat nekde pišou že to muže trvat až 10h se mi to nepodařilo od zaři saktualizovat, bod obnoveni me nefunguje nejde me vytvořit jednou kvuli viru aby me ten program neco neudelal combofix

[Reklama]

[jaro3]

Combofix dělá taky zálohu..
Pokud jsi měl problémy s CF , tak dáme FRST.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

v tom se dá opravit/vytvořit nový bod obnovy.

[kostidrom]

nemel jsem problem jen aby me to neco neudelalo za chvli tam dam frst

[kostidrom]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by hall (administrator) on HALL-PC (12-12-2016 19:19:29)
Running from C:\Users\hall\Desktop
Loaded Profiles: hall (Available Profiles: hall)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
() C:\Program Files (x86)\GameforgeLive\gfl_client.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe
(DivX, LLC) C:\Users\hall\AppData\Local\Temp\dxa70A3.tmp\dxa70A4.tmp
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14011120 2016-12-09] (Zemana Ltd.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1042912 2016-10-13] (DivX, LLC)
HKLM-x32\...\Run: [reset] => regedit /s reset.reg
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\MountPoints2: H - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\MountPoints2: {528c2203-aca0-11e5-a49a-f46d045f7818} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-01-23] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9D6487DC-45A3-405A-BEC0-1589D6141010}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/en-us/?ocid=U221DHP&pc=U221
SearchScopes: HKU\S-1-5-21-3633478581-3110627933-1294825731-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\hall\AppData\Roaming\Mozilla\Firefox\Profiles\qqfe1697.default-1476900301052 [2016-12-12]
FF NewTab: Mozilla\Firefox\Profiles\qqfe1697.default-1476900301052 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\qqfe1697.default-1476900301052 -> hxxps://www.seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\hall\AppData\Roaming\Mozilla\Firefox\Profiles\qqfe1697.default-1476900301052\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-07-05] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-09-27] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3633478581-3110627933-1294825731-1000: @my.com/Games -> C:\Users\hall\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-04] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3633478581-3110627933-1294825731-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hall\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-3633478581-3110627933-1294825731-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-18] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-01-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-01-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-01-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-01-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-01-24] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hall\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
CHR Extension: (uBlock Origin) - C:\Users\hall\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\hall\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [227104 2016-11-10] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2815520 2016-11-17] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-10-18] (NVIDIA Corporation)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-18] ()
S3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14011120 2016-12-09] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-08-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-18] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [232072 2016-11-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [177792 2016-11-17] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [67712 2016-11-17] (ESET)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-08-09] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-08-27] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2016-06-27] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-10] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-10] (Zemana Ltd.)
S3 cpuz138; \??\C:\Users\hall\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va023; \??\C:\Windows\SysWOW64\Drivers\X6va023 [X]
S3 X6va024; \??\C:\Windows\SysWOW64\Drivers\X6va024 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 X6va034; \??\C:\Windows\SysWOW64\Drivers\X6va034 [X]
S3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-12 19:22 - 2016-12-12 19:22 - 00001072 _____ C:\Users\Public\Desktop\DivX Player.lnk
2016-12-12 19:21 - 2016-12-12 19:21 - 00001097 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2016-12-12 19:19 - 2016-12-12 19:21 - 00017475 _____ C:\Users\hall\Desktop\FRST.txt
2016-12-12 19:19 - 2016-12-12 19:19 - 00000000 ____D C:\FRST
2016-12-12 19:17 - 2016-12-12 19:18 - 02420224 _____ (Farbar) C:\Users\hall\Desktop\FRST64.exe
2016-12-11 15:34 - 2016-06-10 19:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-11 15:34 - 2016-06-10 19:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-11 15:34 - 2016-06-10 19:46 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-11 15:34 - 2016-06-10 19:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-11 15:34 - 2016-06-10 16:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-11 15:34 - 2016-06-10 16:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-11 15:34 - 2016-06-10 15:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-11 15:34 - 2016-06-10 15:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-11 15:34 - 2016-06-10 15:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-11 15:34 - 2016-06-10 15:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-11 15:34 - 2016-06-10 15:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-11 15:34 - 2016-06-10 15:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-11 15:34 - 2016-06-06 17:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-11 15:34 - 2016-06-06 17:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-11 15:34 - 2016-06-06 17:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-11 15:34 - 2016-06-06 17:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-11 15:34 - 2016-06-06 16:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-11 15:34 - 2016-06-06 16:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-11 15:34 - 2016-06-06 16:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-11 15:34 - 2016-06-06 16:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-11 15:34 - 2016-05-17 00:22 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-11 15:34 - 2016-05-17 00:19 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-11 15:34 - 2016-05-17 00:19 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-11 15:34 - 2016-05-17 00:18 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-11 15:34 - 2016-05-17 00:18 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-11 15:34 - 2016-05-17 00:17 - 01732888 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-11 15:34 - 2016-05-17 00:16 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-11 15:34 - 2016-05-17 00:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-11 15:34 - 2016-05-16 22:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-11 15:34 - 2016-05-16 22:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-11 15:34 - 2016-05-16 22:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-11 15:34 - 2016-05-16 22:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-11 15:34 - 2016-05-16 22:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-11 15:34 - 2016-05-16 22:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-11 15:34 - 2016-05-16 22:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-11 15:34 - 2016-05-16 22:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-11 15:34 - 2016-05-16 22:10 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-11 15:34 - 2016-05-16 22:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-11 15:34 - 2016-05-16 22:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-11 15:34 - 2016-05-16 22:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-11 15:34 - 2016-05-16 22:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-11 15:34 - 2016-05-16 22:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-11 15:34 - 2016-05-13 23:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-12-11 15:34 - 2016-05-13 23:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-12-11 15:34 - 2016-05-13 23:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-12-11 15:34 - 2016-05-13 23:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-12-11 15:34 - 2016-05-13 22:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-11 15:34 - 2016-05-13 22:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-12-11 15:34 - 2016-05-13 22:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-12-11 15:34 - 2016-05-13 22:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-12-11 15:34 - 2016-05-13 22:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-12-11 15:34 - 2016-05-13 22:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-12-11 15:34 - 2016-05-13 22:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-12-11 15:34 - 2016-05-13 22:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-12-11 15:34 - 2016-05-13 22:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-12-11 15:34 - 2016-05-13 22:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-12-11 15:34 - 2016-05-13 22:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-12-11 15:34 - 2016-05-13 22:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-12-11 15:34 - 2016-05-12 18:14 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-11 15:34 - 2016-05-12 18:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-11 15:34 - 2016-05-12 16:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-11 15:34 - 2016-05-12 16:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-12-11 15:34 - 2016-05-12 16:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-11 15:34 - 2016-05-12 14:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-11 15:34 - 2016-05-12 14:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-12-11 15:34 - 2016-05-12 14:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-12-11 15:34 - 2016-05-04 18:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-11 15:34 - 2016-05-04 18:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-11 15:34 - 2016-05-04 18:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-11 15:34 - 2016-05-04 18:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-11 15:34 - 2016-05-04 18:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-11 15:34 - 2016-05-04 16:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-11 15:34 - 2016-05-04 15:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-11 14:08 - 2016-11-10 22:09 - 00227104 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-12-11 14:03 - 2016-12-11 14:03 - 00000000 ____D C:\db72b3484c362d39f900a3e4
2016-12-11 13:55 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-11 13:55 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-11 10:57 - 2016-12-11 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-12-10 20:48 - 2016-12-10 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-10 20:47 - 2016-12-10 20:48 - 07194312 _____ (Microsoft Corporation) C:\Users\hall\Downloads\vcredist_x64.exe
2016-12-10 20:33 - 2016-12-10 20:33 - 01005568 _____ (Microsoft Corporation) C:\Users\hall\Downloads\dotNetFx45_Full_setup.exe
2016-12-10 17:35 - 2016-12-10 17:35 - 00004735 _____ C:\STF2AEC.tmp
2016-12-10 16:56 - 2016-12-10 16:56 - 00004735 _____ C:\STF80E6.tmp
2016-12-10 13:01 - 2016-12-12 19:19 - 00073656 _____ C:\Windows\ZAM.krnl.trace
2016-12-10 13:01 - 2016-12-12 19:19 - 00059787 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-10 13:01 - 2016-12-11 10:57 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-12-10 13:01 - 2016-12-10 13:01 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-10 13:01 - 2016-12-10 13:01 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-10 13:01 - 2016-12-10 13:01 - 00000000 ____D C:\Users\hall\AppData\Local\Zemana
2016-12-10 12:48 - 2016-12-10 12:48 - 00000000 ____D C:\Users\hall\AppData\Roaming\ProductData
2016-12-10 11:34 - 2016-12-10 11:34 - 00000000 ____D C:\zoek
2016-12-10 10:43 - 2016-12-10 11:38 - 00004096 _____ C:\runcheck.txt
2016-12-10 10:43 - 2016-12-10 11:38 - 00000000 ____D C:\zoek_backup
2016-12-08 17:57 - 2016-12-09 16:55 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-12-08 17:57 - 2016-12-08 20:41 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-07 19:30 - 2016-12-07 19:30 - 00000000 ____D C:\Users\hall\Downloads\Gameforge Live
2016-12-07 18:24 - 2016-12-07 18:24 - 00000000 ____D C:\ProgramData\Sophos
2016-12-07 18:24 - 2016-12-07 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-12-07 18:24 - 2016-12-07 18:24 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-12-07 18:23 - 2016-12-07 18:23 - 00000000 ____D C:\Users\hall\AppData\Roaming\ESET
2016-12-07 18:22 - 2016-12-07 18:23 - 157380120 _____ (Sophos Limited) C:\Users\hall\Downloads\Sophos Virus Removal Tool.exe
2016-12-06 21:23 - 2016-12-06 21:23 - 00000000 ____D C:\Users\hall\AppData\Local\Steam
2016-12-06 21:19 - 2016-12-12 16:36 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-06 20:43 - 2016-12-06 20:43 - 00000034 _____ C:\Windows\system32\uid.txt
2016-12-06 19:27 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-06 19:27 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-05 20:56 - 2016-12-07 17:42 - 00000000 ____D C:\AdwCleaner
2016-12-04 16:13 - 2016-12-04 16:13 - 00000000 ____D C:\e1b13ddf1f45ab95a86a
2016-11-19 11:31 - 2016-11-19 11:31 - 00109296 _____ C:\Users\hall\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-19 11:29 - 2016-12-12 16:37 - 00000000 ____D C:\Users\hall\AppData\LocalLow\Mozilla
2016-11-18 17:59 - 2016-12-01 21:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 16:40 - 2016-11-18 16:40 - 00420856 _____ C:\Windows\system32\FNTCACHE.DAT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-12 19:21 - 2014-01-23 21:50 - 00000000 ____D C:\Users\hall\AppData\Roaming\DivX
2016-12-12 19:21 - 2014-01-23 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-12-12 19:21 - 2014-01-23 21:38 - 00000000 ____D C:\ProgramData\DivX
2016-12-12 16:51 - 2009-07-14 05:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-12 16:51 - 2009-07-14 05:45 - 00023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-12 16:43 - 2009-07-14 16:18 - 05319518 _____ C:\Windows\system32\perfh005.dat
2016-12-12 16:43 - 2009-07-14 16:18 - 01713682 _____ C:\Windows\system32\perfc005.dat
2016-12-12 16:43 - 2009-07-14 06:13 - 00006508 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-12 16:36 - 2016-05-25 16:07 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-12 16:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-11 20:06 - 2015-12-29 17:25 - 00000000 ____D C:\Users\hall\AppData\Local\CrashDumps
2016-12-11 20:03 - 2014-01-27 16:22 - 00007598 _____ C:\Users\hall\AppData\Local\Resmon.ResmonCfg
2016-12-11 20:03 - 2009-07-14 06:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-11 17:44 - 2015-05-22 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-12-11 17:42 - 2015-08-24 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam 2
2016-12-10 18:44 - 2016-06-20 20:46 - 00000000 ____D C:\Users\hall\AppData\Local\UnrealEngine
2016-12-10 13:07 - 2014-01-20 18:14 - 00000000 ____D C:\Users\hall
2016-12-10 12:47 - 2014-07-10 13:12 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-10 11:38 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-10 11:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-12-09 19:23 - 2014-07-15 13:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-08 20:25 - 2016-09-22 16:52 - 00000000 ____D C:\Users\hall\Documents\Street Racing Syndicate
2016-12-06 21:19 - 2016-01-26 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-06 19:24 - 2016-09-22 13:42 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-06 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-05 17:35 - 2014-01-23 17:23 - 00000832 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-02 17:13 - 2014-01-23 20:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-17 20:54 - 2016-09-22 14:54 - 00232072 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-11-17 20:54 - 2016-09-22 14:54 - 00177792 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-11-17 20:54 - 2016-09-22 14:54 - 00067712 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2016-11-17 13:07 - 2014-01-23 20:56 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-17 12:33 - 2014-04-27 21:29 - 00000000 ____D C:\Users\hall\AppData\Local\PrivaZer
2016-11-17 12:31 - 2014-04-24 16:57 - 00000000 ____D C:\Users\hall\AppData\Local\ElevatedDiagnostics
2016-11-17 12:24 - 2014-08-11 18:54 - 00000000 ____D C:\Users\hall\AppData\Roaming\uTorrent
2016-11-17 11:02 - 2014-09-14 12:46 - 00000000 ____D C:\Users\hall\AppData\Local\Adobe
2016-11-17 11:02 - 2014-01-23 20:56 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-17 11:02 - 2014-01-23 20:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-17 11:02 - 2014-01-23 20:56 - 00003854 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-17 11:02 - 2014-01-23 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-17 11:02 - 2014-01-23 20:56 - 00000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2014-01-27 16:22 - 2016-12-11 20:03 - 0007598 _____ () C:\Users\hall\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\hall\AppData\Local\Temp\7za.exe
C:\Users\hall\AppData\Local\Temp\DaS_21.exe
C:\Users\hall\AppData\Local\Temp\dllnt_dump.dll
C:\Users\hall\AppData\Local\Temp\hijackthis.exe
C:\Users\hall\AppData\Local\Temp\libeay32.dll
C:\Users\hall\AppData\Local\Temp\msvcr120.dll
C:\Users\hall\AppData\Local\Temp\NirCmd.exe
C:\Users\hall\AppData\Local\Temp\PEVZ.EXE
C:\Users\hall\AppData\Local\Temp\remove.exe
C:\Users\hall\AppData\Local\Temp\sed.exe
C:\Users\hall\AppData\Local\Temp\shortcut.exe
C:\Users\hall\AppData\Local\Temp\sqlite3.dll
C:\Users\hall\AppData\Local\Temp\swreg.exe
C:\Users\hall\AppData\Local\Temp\swxcacls.exe
C:\Users\hall\AppData\Local\Temp\wget.exe
C:\Users\hall\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-07 18:18

==================== End of FRST.txt ============================

[kostidrom]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by hall (12-12-2016 19:22:22)
Running from C:\Users\hall\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-01-20 17:14:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3633478581-3110627933-1294825731-500 - Administrator - Disabled)
Guest (S-1-5-21-3633478581-3110627933-1294825731-501 - Limited - Enabled)
hall (S-1-5-21-3633478581-3110627933-1294825731-1000 - Administrator - Enabled) => C:\Users\hall
HomeGroupUser$ (S-1-5-21-3633478581-3110627933-1294825731-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.369.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.369.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
AIDA64 Extreme Edition v1.80 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 1.80 - FinalWire Ltd.)
Ansel (Version: 375.57 - NVIDIA Corporation) Hidden
Armored Warfare MyCom (HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\Armored Warfare MyCom) (Version: 1.90 - My.com B.V.)
Canon MP Navigator EX 1.2 (HKLM-x32\...\MP Navigator EX 1.2) (Version: - )
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - SG Europe)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.99 - DivX, LLC)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Epic Games Launcher (HKLM-x32\...\{DC13677B-1214-409C-8127-41BBC4445C61}) (Version: 1.1.73.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{286737D8-1C00-4FC4-B1D1-99CD24C8C12F}) (Version: 10.0.359.1 - ESET, spol. s r.o.)
ffdshow v1.3.4527 [2013-12-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4527.0 - )
FreeTorrentViewer (HKLM-x32\...\FreeTorrentViewer) (Version: 1.0.0.1 - Free Torrent Viewer)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
HWiNFO32 Version 5.02 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.02 - Martin Malík - REALiX)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Just Cause 2, âĺđńč˙ 1.0 (HKLM-x32\...\Just Cause 2_is1) (Version: 1.0 - )
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metin2 (HKLM-x32\...\Metin2_CZ_is1) (Version: - Gameforge 4D GmbH)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{c6870a89-ef30-4f22-bbd1-49cd2516bc56}) (Version: 12.0.40649.5 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{7c3d0734-5e24-446b-85ae-c610ee8eb53d}) (Version: 14.0.23918.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{a15bc95a-8359-40e6-b4bc-5a219bcc492a}) (Version: 14.0.23918.0 - Корпорация Майкрософт)
Mozilla Firefox 50.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 cs)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
My.com Game Center (HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\MyComGames) (Version: 3.169 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 375.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.57 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 375.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.57 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Ovládací panel NVIDIA 375.57 (Version: 375.57 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.7.0 - Goversoft LLC)
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.0 - Activision)
Quake 4(TM) (x32 Version: 1.0 - Activision) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Rocket League (HKLM-x32\...\Rocket League_is1) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Serious Sam 3 BFE (HKLM-x32\...\{97425B85-2311-435E-9A28-0AA11B41E322}_is1) (Version: - Croteam)
Seznam Software (HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\SeznamInstall) (Version: - Seznam.cz)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Racing Syndicate (TM) (HKLM-x32\...\{1CC535A8-BD37-4AD5-BF85-1C366873BA47}) (Version: 1.00.0000 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
UE3Redist (HKLM-x32\...\InstallShield_{2FB04107-7BC2-449C-915A-530B29B5E0FE}) (Version: 1.00.0000 - Epic Games)
Unity Web Player (HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.118 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E7AC2D-1690-4498-B478-BE19C5B3DD6A} - \Start Registry Reviver Schedule -> No File <==== ATTENTION
Task: {0E07DBD5-A42D-4842-9CE6-50D99BBF21E1} - System32\Tasks\{7E431519-755E-447B-A666-6ED1DA512734} => pcalua.exe -a C:\Users\hall\Desktop\Assassins-creed-1-by-ElitePvP\splash\demo32.exe -d C:\Users\hall\Desktop\Assassins-creed-1-by-ElitePvP\splash
Task: {17455A39-02C8-45BF-90BE-CDCC0E7917B4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-18] (NVIDIA Corporation)
Task: {20ADE3F1-20AD-498E-95D0-3130D91589AB} - \Start Registry Reviver Update -> No File <==== ATTENTION
Task: {25A1ABA2-7212-4B87-B6E1-3F46DE739320} - System32\Tasks\{40A5C82C-5DD1-4D2D-A598-F0883CCC0B19} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l2057
Task: {2A46ADA9-E822-4923-B7F6-78BC2F7699C6} - System32\Tasks\{94DDE699-8246-489C-B940-E18258FC28BB} => pcalua.exe -a "E:\hry\Dead Space 1\Dead Space 1\Uninstall.exe" -d "E:\hry\Dead Space 1\Dead Space 1"
Task: {2E856421-1717-4CA3-B014-DF06265C3560} - \ASC9_PerformanceMonitor -> No File <==== ATTENTION
Task: {2FCC061C-EBD1-44CB-8149-26497249284D} - System32\Tasks\{3928906C-789B-417A-9789-7FB7C35355AD} => pcalua.exe -a "E:\hry\Dead Space 2\DS2CZ.exe" -d "E:\hry\Dead Space 2"
Task: {359D5BFA-42C0-40E6-88B4-22FFA851D34A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {3D755C88-4272-499D-BC05-71A538352582} - System32\Tasks\{36C9D3C4-B052-47EC-93E7-C99CBD6C2729} => pcalua.exe -a C:\Users\hall\Desktop\Assassins-creed-1-by-ElitePvP\autorun.exe -d C:\Users\hall\Desktop\Assassins-creed-1-by-ElitePvP
Task: {449818EE-D626-45CD-8E3A-4A314589054B} - System32\Tasks\{E097616A-20A9-473F-BC0F-3BF8DD0DB721} => pcalua.exe -a "E:\hry\Risen\bin\Risen_Czech_1.00_LangPack .exe" -d E:\hry\Risen\bin
Task: {49CD52E2-8A10-4F7D-A7F1-159CB0A638AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {4B1ABC14-F8DE-4CAF-B6AF-B377EF557A57} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-18] (NVIDIA Corporation)
Task: {4D6A911D-4456-42DA-A724-51272311744F} - System32\Tasks\{F1015109-56A9-4700-B002-41C905D428E1} => pcalua.exe -a "C:\Program Files (x86)\iWebar\Uninstall.exe" -c /fcp=1
Task: {568A2B65-85F2-4655-8762-4B20EB37BB3D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {61020E62-FAD6-4F48-A41F-B08D69AEB0EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17] (Adobe Systems Incorporated)
Task: {6986B60B-0812-4B76-89A7-C2009DEABB77} - System32\Tasks\{E9069E01-2C2C-4912-8E87-7F2579C14442} => pcalua.exe -a C:\Users\hall\Downloads\Risen_Hotfix_101_International.exe -d C:\Users\hall\Downloads
Task: {730D9D9A-833C-4262-84E5-70886F666490} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2016-01-18] (Piriform Ltd)
Task: {748596FF-21EF-4803-9055-998573E9D463} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {7D2DCB88-ABDB-4BDA-B9C0-941C18736B9D} - System32\Tasks\{24B6E8A4-ABB7-4903-8ECD-E91074314F27} => pcalua.exe -a C:\Users\hall\Desktop\SUPERAntiSpyware571026cz.exe -d C:\Users\hall\Desktop
Task: {80E9F2CD-4705-43DB-9237-394043A0DCAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {826F524C-F3B2-4905-B375-348A70C10B8C} - System32\Tasks\{8458DE6A-7905-41ED-A033-6E927E9DDD11} => pcalua.exe -a C:\Users\hall\Downloads\vcredist_x86(1).exe -d C:\Users\hall\Downloads
Task: {84C7E4C6-D06D-46DE-A43F-7D644A028474} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-11-11] (DivX, LLC)
Task: {886A8ED5-3F98-4AAB-A007-6807428DC96A} - System32\Tasks\{8FF5D482-D2F3-4006-8255-2E43BC4C9D48} => pcalua.exe -a C:\Users\hall\Downloads\vcredist_x86.exe -d C:\Users\hall\Downloads
Task: {889E9CFD-62D6-4366-A8D8-1524F3DDAF26} - System32\Tasks\{CEAD9AC7-01F5-4AA5-80A3-34ADCC88C10A} => pcalua.exe -a C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity\GDFInstall.exe -d C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity -c /nomediacenter /silent GDF.dll /allusers /exe GDF.dll <==== ATTENTION
Task: {8C4F5C9B-CA02-45A8-A07D-AE6E9E133FF4} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {9D412710-71C1-4EF3-9B82-602008EA2871} - \ASC9_SkipUac_hall -> No File <==== ATTENTION
Task: {9DFEAF0F-A9E0-4720-9E44-78CF8B53E045} - System32\Tasks\{AE3DD50B-774B-47A9-A5E9-646BD3155BAE} => pcalua.exe -a E:\hry\Assassin's_Creed_Unity\GDFInstall.exe -d E:\hry\Assassin's_Creed_Unity
Task: {A28AE478-AB0F-4BBE-B98B-420640A20D8C} - System32\Tasks\{EF9BFE2A-B42A-4418-88C8-A25C00A0C0C7} => pcalua.exe -a "E:\hry\Dead Space 2 PC Full game ^^nosTEAM^^\Dead Space 2\DS2CZ.exe" -d "E:\hry\Dead Space 2 PC Full game ^^nosTEAM^^\Dead Space 2"
Task: {A4913268-BA1B-48FB-963C-E41F99D7ACEB} - System32\Tasks\{E216BD03-DB74-4EF4-902D-1D392616CEAB} => pcalua.exe -a C:\Users\hall\Desktop\Risen3_Cz_v1.00_BETA_build42.exe -d C:\Users\hall\Desktop
Task: {AB30C255-E8F4-4614-814F-D9A95CC1309F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B4C74C40-7A3D-40CD-803C-078141A3E6B5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-18] (NVIDIA Corporation)
Task: {BC7BBBA9-AE09-4E71-9673-92DBD20A770A} - System32\Tasks\Defraggler Volume E Task => C:\Program Files\Defraggler\df64.exe [2016-01-18] (Piriform Ltd)
Task: {BE151D79-A5E4-4149-B253-45AAECEBE1DB} - System32\Tasks\{9B4FBCE6-D93D-43B1-9ED4-C34AA3EE5C31} => pcalua.exe -a "E:\hry\Risen CZ\Setup.exe" -d "E:\hry\Risen CZ"
Task: {CA1DEEA7-82E9-4F22-A27C-7152DFEE6E33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-18] (NVIDIA Corporation)
Task: {CEE2A619-B3B1-4B85-88E3-1BB8C3051BF8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-18] (NVIDIA Corporation)
Task: {D822F897-29B6-403D-888F-8F48B77EFB18} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8E41D27-C837-4C23-85E9-11BA99F8FBC2} - System32\Tasks\{303274CD-E2D3-4248-AC2A-36CCCBF684E4} => pcalua.exe -a E:\hry\quake4\Quake4-1.4.2.exe -d E:\hry\quake4
Task: {DBD3605B-A7AA-409B-97EA-A9456DA0FE83} - System32\Tasks\{F3F4BA3D-BF50-469A-8E31-6EB3D2C4B482} => pcalua.exe -a F:\AUTOSTARTER.EXE -d F:\
Task: {E81AF9DC-104A-4103-BDE0-A19A3593C9D4} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2016-08-05] (Goversoft LLC)
Task: {EA3FECE3-E6BB-4983-B35A-3437CAE525C2} - \Driver Booster SkipUAC (hall) -> No File <==== ATTENTION
Task: {EA5838B7-1EE1-416D-A1CD-1628EDCA9E63} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume E Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\hall\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\hall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\hall\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->

==================== Loaded Modules (Whitelisted) ==============

2016-05-25 16:06 - 2016-10-18 20:52 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-15 21:25 - 2016-11-15 21:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-04-17 12:10 - 2016-06-24 10:22 - 03070624 _____ () C:\Program Files (x86)\GameforgeLive\gfl_client.exe
2016-12-06 21:21 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-12-06 21:21 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-12-06 21:21 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-12-06 21:21 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-12-06 21:21 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-12-06 21:21 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-12-06 21:21 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-12-06 21:21 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-12-06 21:21 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-12-06 21:21 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-06 21:21 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-06 21:21 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-06 21:21 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-11-17 11:02 - 2016-11-17 11:02 - 19640512 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
2016-04-17 12:10 - 2016-06-24 09:40 - 00088064 _____ () C:\Program Files (x86)\GameforgeLive\libgcc_s_sjlj-1.dll
2016-04-17 12:10 - 2016-06-24 09:40 - 00863744 _____ () C:\Program Files (x86)\GameforgeLive\libstdc++-6.dll
2016-04-17 12:10 - 2016-06-24 09:41 - 05686669 _____ () C:\Program Files (x86)\GameforgeLive\libtorrent.dll
2016-04-17 12:10 - 2016-06-24 09:40 - 00097659 _____ () C:\Program Files (x86)\GameforgeLive\libboost_system-mgw47-mt-1_53.dll
2016-04-17 12:10 - 2016-06-24 09:41 - 01765301 _____ () C:\Program Files (x86)\GameforgeLive\libgcrypt-11.dll
2016-04-17 12:10 - 2016-06-24 09:41 - 00126959 _____ () C:\Program Files (x86)\GameforgeLive\libgpg-error-0.dll
2016-04-17 12:10 - 2016-06-24 09:47 - 00530432 _____ () C:\Program Files (x86)\GameforgeLive\log4qt.dll
2016-04-17 12:10 - 2016-06-24 09:46 - 00141312 _____ () C:\Program Files (x86)\GameforgeLive\qjson.dll
2016-12-12 19:16 - 2016-12-12 19:16 - 00768000 _____ () C:\Users\hall\AppData\Local\Temp\dxa9886.tmp\dxa9896.tmp

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [234]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-12-10 14:22 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\hall\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: EventSystem => 2
MSCONFIG\startupfolder: C:^Users^hall^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: B Register C: =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\hall\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{080AA666-1F79-49A2-A8DF-E3645E8C906D}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{1D3F8F74-B48C-4C1B-B1F6-7E8CEBB2CE54}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{D90C01DB-CA21-46BA-AA0C-A9B5828AC726}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [UDP Query User{07A2F6F6-ABAB-4133-8965-9AFAE98ED91B}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [{9706FA10-C4B8-4B11-81DD-07F8E1BDC36D}] => C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{38855608-D369-4291-9308-46E7E2E47E9D}] => C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{93ED3694-A49F-4CB3-AB3C-9575F9DDAB37}C:\windows\syswow64\svchost.exe] => C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{8CF830AC-ECE5-40C7-A42D-C9B3F6B9111C}C:\windows\syswow64\svchost.exe] => C:\windows\syswow64\svchost.exe
FirewallRules: [{06CF511E-AFD6-47D7-A26F-C162ED2DAFCE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7CD4B5A-D3E6-4013-B5C8-C00896732AEE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B53EC729-1F5C-4C90-82EA-11BF2B11A677}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C5A0D6C5-C3E8-4E48-B32F-B66AC18A2E97}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3D1E67BE-6307-4EC2-94C6-48FBBF0E4F74}C:\users\hall\appdata\roaming\utorrent\utorrent.exe] => C:\users\hall\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{30A531AE-FA62-486C-8678-00BCBBAE2008}C:\users\hall\appdata\roaming\utorrent\utorrent.exe] => C:\users\hall\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{908FDC88-64F9-4337-B384-C115A26C0E87}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F6DC604A-2295-42B2-86C6-4FE35330943A}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{09E14AE6-444E-4613-847D-2F71B0A380EC}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{954672E8-0AB3-49F8-B3ED-D62547B266EB}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{82A13BF7-940E-437E-8561-06935751B606}E:\hry\siri sam\serious sam 2\bin\dedicatedserver.exe] => E:\hry\siri sam\serious sam 2\bin\dedicatedserver.exe
FirewallRules: [UDP Query User{766923EC-66BE-4687-AC2C-40DA2EDE4B21}E:\hry\siri sam\serious sam 2\bin\dedicatedserver.exe] => E:\hry\siri sam\serious sam 2\bin\dedicatedserver.exe
FirewallRules: [{1B4203E0-006D-44F5-8308-12108A3A45C4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{016CA6B4-7059-45A5-AD78-0A9D34844106}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2F3F11F0-2BC2-4D79-92D1-2235CDEC8FC6}] => C:\Users\hall\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{F7368EF5-A952-4BC1-A2A7-7D6916331FBF}] => C:\Users\hall\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [TCP Query User{868165A0-BCFA-4052-99BE-BD043486EE79}E:\hry\armored warfare mycom\bin64\armoredwarfare.exe] => E:\hry\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{CF3780E5-5350-428A-AEE5-0D0C1F730669}E:\hry\armored warfare mycom\bin64\armoredwarfare.exe] => E:\hry\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{AD5A383A-3728-4735-9ECA-5B4EB769BDD7}C:\users\hall\appdata\local\mycomgames\mycomgames.exe] => C:\users\hall\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{E7479B6C-3B93-4420-88E7-F8E238221C2B}C:\users\hall\appdata\local\mycomgames\mycomgames.exe] => C:\users\hall\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{4CC01881-3E2D-49B5-AEE6-22B2695E2003}] => E:\hry\WarThunder\launcher.exe
FirewallRules: [{25A7D013-5AF9-4C89-A0A3-FF864E573FE8}] => E:\hry\WarThunder\launcher.exe
FirewallRules: [{13894A02-1422-40BC-AF94-A31F55896EAB}] => C:\Users\hall\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A3C5037D-57FA-41CD-B4A4-4E8C1546DC64}] => C:\Users\hall\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{93AA5BDC-81BA-4D7C-A559-62B9A1D2E919}E:\hry\warthunder\win32\aces.exe] => E:\hry\warthunder\win32\aces.exe
FirewallRules: [UDP Query User{56C89A71-683C-4BD7-BC03-4F1A734C9E26}E:\hry\warthunder\win32\aces.exe] => E:\hry\warthunder\win32\aces.exe
FirewallRules: [TCP Query User{C6C7E7BB-1101-4AC8-A1ED-717E11B4F62D}E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{9B4FA9C8-E6D9-4C98-95EE-D15925499446}E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{8F435CD9-EB21-4291-9CCA-84BF65CB2AD2}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{04C1EE65-107C-4F5F-9571-BC0E596CC3FA}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{5157F9B3-A675-465A-B4DD-B7CDF13A95C4}E:\hry\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => E:\hry\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{FCCF6E42-1C4E-4BFF-85FA-02977C470539}E:\hry\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => E:\hry\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{FE560D3C-0E7D-4CF8-BE6C-F073D2AEE9EB}E:\hry\qake4\quake4ded.exe] => E:\hry\qake4\quake4ded.exe
FirewallRules: [UDP Query User{D9907EA6-0439-4B71-B8CD-3EAD0DA14F64}E:\hry\qake4\quake4ded.exe] => E:\hry\qake4\quake4ded.exe
FirewallRules: [TCP Query User{DFECBD02-2DE0-4E1C-B7CE-9AA364B8DD48}E:\hry\qake4\quake 4\quake4ded.exe] => E:\hry\qake4\quake 4\quake4ded.exe
FirewallRules: [UDP Query User{FCCD8C5B-377C-410B-8FDD-7DB804332637}E:\hry\qake4\quake 4\quake4ded.exe] => E:\hry\qake4\quake 4\quake4ded.exe
FirewallRules: [TCP Query User{30897F46-69A8-47E0-ABE9-FFD453FE06C5}E:\hry\qake4\quake4.exe] => E:\hry\qake4\quake4.exe
FirewallRules: [UDP Query User{C5B64ECF-2470-4803-AB2B-A26064E68D62}E:\hry\qake4\quake4.exe] => E:\hry\qake4\quake4.exe
FirewallRules: [{2A0554A4-D72F-414E-84D5-F062925C5A4F}] => C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{8FFBBE79-CB4D-4CBB-8FE6-365AD47CB33A}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{112B39CA-CC5F-4846-871C-405874CCC188}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [TCP Query User{4BA5BB13-09B6-4686-B532-C3BE89EEDDB7}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{D7179D74-F4A4-4626-8E3C-1790BBE58953}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{A2D6FD9B-3C5B-4AD7-AAF9-8A8C27E83BD6}E:\hry\need-for-speed-world\need for speed world\data\nfsw.exe] => E:\hry\need-for-speed-world\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{229A8BE3-D178-454F-95EA-2E8A5298798E}E:\hry\need-for-speed-world\need for speed world\data\nfsw.exe] => E:\hry\need-for-speed-world\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{DCBE9517-D90F-48C8-AD97-738FD0E5E186}E:\hry\grand theft auto v\gta5.exe] => E:\hry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{049E1657-36C4-4FAC-A947-BF405D6CF727}E:\hry\grand theft auto v\gta5.exe] => E:\hry\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{0DADCF88-5A5F-47EA-8FCB-5F972E2F891E}E:\hry\dying light\dyinglightgame.exe] => E:\hry\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{E171C014-EFC6-42A6-9FFF-5054CBCAFB81}E:\hry\dying light\dyinglightgame.exe] => E:\hry\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{7FD826AF-CF0B-4CB5-91E6-5B21F3519E8C}E:\hry\mr dj\need for speed hot pursuit\nfs11.exe] => E:\hry\mr dj\need for speed hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{4AE462B8-7969-4689-A095-FDF43D11B76A}E:\hry\mr dj\need for speed hot pursuit\nfs11.exe] => E:\hry\mr dj\need for speed hot pursuit\nfs11.exe
FirewallRules: [{E05A90DB-FD37-4723-8998-A49E8872B854}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{771DC284-38B7-47B5-9AB0-DE9C3DD21EC8}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09E84237-570D-4700-825D-F361EB25C70F}] => C:\Program Files (x86)\Steam\Steam.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {c8659c5c-e118-4ac0-9713-75c5c847659c}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {c8659c5c-e118-4ac0-9713-75c5c847659c}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Název modulu pro zápis: ASR Writer
ID instance modulu pro zápis: {22fa3c62-8eff-4c87-a209-44b7e88e61e3}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Název modulu pro zápis: ASR Writer
ID instance modulu pro zápis: {22fa3c62-8eff-4c87-a209-44b7e88e61e3}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 12346) (User: )
Description: Chyba služby Stínová kopie svazku: Při pokusu o inicializaci nástroje pro zápis do registru došlo k chybě 0x80042302, V součásti Stínová kopie svazku došlo k neočekávané chybě.
Další informace získáte v protokolu událostí aplikace.
. To může způsobit chybu
při vytváření stínových kopií v budoucnu.

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Název modulu pro zápis: COM+ REGDB Writer
ID instance modulu pro zápis: {98c0022d-cb80-4d51-b48b-703410f723fc}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Název modulu pro zápis: COM+ REGDB Writer
ID instance modulu pro zápis: {98c0022d-cb80-4d51-b48b-703410f723fc}

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 12342) (User: )
Description: Chyba služby Stínová kopie svazku: Při pokusu o inicializaci nástroje pro zápis do registru došlo k chybě 0x80042302, V součásti Stínová kopie svazku došlo k neočekávané chybě.
Další informace získáte v protokolu událostí aplikace.
. To může způsobit chybu
při vytváření stínových kopií v budoucnu.

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Subscribing the Registry server writer failed. hr = 8004230208lx došlo k neočekávané chybě. hr= 0x80042302, V součásti Stínová kopie svazku došlo k neočekávané chybě.
Další informace získáte v protokolu událostí aplikace.
.

Error: (12/12/2016 07:23:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.


Operace:
Přihlášení odběru modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Název modulu pro zápis: Registry Writer
ID instance modulu pro zápis: {582b2cd2-2e69-46f5-a689-54c3007e2202}


System errors:
=============
Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/12/2016 05:13:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba inteligentního přenosu na pozadí závisí na službě Systém událostí COM+, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


CodeIntegrity:
===================================
Date: 2016-12-05 22:03:06.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-12-05 22:03:06.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-12-05 22:03:06.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-12-04 14:46:53.905
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-12-04 14:46:53.624
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-12-04 14:46:53.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-11-22 20:19:34.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-11-22 20:19:33.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-11-22 20:19:33.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2016-11-20 14:04:22.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod3FCD.dll.nup.raw because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 30%
Total physical RAM: 8191.05 MB
Available physical RAM: 5690.43 MB
Total Virtual: 16380.29 MB
Available Virtual: 13735.61 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:150 GB) (Free:69.13 GB) NTFS
Drive e: (Data) (Fixed) (Total:1247.16 GB) (Free:1028.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 1397.3 GB) (Disk ID: 1F6D61D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1247.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3633478581-3110627933-1294825731-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3633478581-3110627933-1294825731-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hall\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va023; \??\C:\Windows\SysWOW64\Drivers\X6va023 [X]
S3 X6va024; \??\C:\Windows\SysWOW64\Drivers\X6va024 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 X6va034; \??\C:\Windows\SysWOW64\Drivers\X6va034 [X]
S3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]
C:\Windows\SysWOW64\Drivers\X6va017
C:\Windows\SysWOW64\Drivers\X6va019
C:\Windows\SysWOW64\Drivers\X6va021 
C:\Windows\SysWOW64\Drivers\X6va022
C:\Windows\SysWOW64\Drivers\X6va023
C:\Windows\SysWOW64\Drivers\X6va024
C:\Windows\SysWOW64\Drivers\X6va025
C:\Windows\SysWOW64\Drivers\X6va026
C:\Windows\SysWOW64\Drivers\X6va027
C:\Windows\SysWOW64\Drivers\X6va028
C:\Windows\SysWOW64\Drivers\X6va029
C:\Windows\SysWOW64\Drivers\X6va034
C:\Windows\SysWOW64\Drivers\X6va061
C:\Windows\SysWOW64\Drivers\X6va062
C:\Windows\SysWOW64\Drivers\X6va063
C:\STF2AEC.tmp
C:\STF80E6.tmp
Task: {02E7AC2D-1690-4498-B478-BE19C5B3DD6A} - \Start Registry Reviver Schedule -> No File <==== ATTENTION
Task: {20ADE3F1-20AD-498E-95D0-3130D91589AB} - \Start Registry Reviver Update -> No File <==== ATTENTION
Task: {2E856421-1717-4CA3-B014-DF06265C3560} - \ASC9_PerformanceMonitor -> No File <==== ATTENTION
Task: {889E9CFD-62D6-4366-A8D8-1524F3DDAF26} - System32\Tasks\{CEAD9AC7-01F5-4AA5-80A3-34ADCC88C10A} => pcalua.exe -a C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity\GDFInstall.exe -d C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity -c /nomediacenter /silent GDF.dll /allusers /exe GDF.dll <==== ATTENTION
Task: {9D412710-71C1-4EF3-9B82-602008EA2871} - \ASC9_SkipUac_hall -> No File <==== ATTENTION
Task: {EA3FECE3-E6BB-4983-B35A-3437CAE525C2} - \Driver Booster SkipUAC (hall) -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\hall\AppData\Local\Temp\dxa9886.tmp
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\hall\AppData\Roaming\Seznam.cz\szninstall.exe" –c
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[kostidrom]

chtelo to restart sem dal ok

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by hall (13-12-2016 19:14:34) Run:1
Running from C:\Users\hall\Desktop
Loaded Profiles: hall (Available Profiles: hall)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3633478581-3110627933-1294825731-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-3633478581-3110627933-1294825731-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\hall\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va023; \??\C:\Windows\SysWOW64\Drivers\X6va023 [X]
S3 X6va024; \??\C:\Windows\SysWOW64\Drivers\X6va024 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 X6va034; \??\C:\Windows\SysWOW64\Drivers\X6va034 [X]
S3 X6va061; \??\C:\Windows\SysWOW64\Drivers\X6va061 [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
S3 X6va063; \??\C:\Windows\SysWOW64\Drivers\X6va063 [X]
C:\Windows\SysWOW64\Drivers\X6va017
C:\Windows\SysWOW64\Drivers\X6va019
C:\Windows\SysWOW64\Drivers\X6va021
C:\Windows\SysWOW64\Drivers\X6va022
C:\Windows\SysWOW64\Drivers\X6va023
C:\Windows\SysWOW64\Drivers\X6va024
C:\Windows\SysWOW64\Drivers\X6va025
C:\Windows\SysWOW64\Drivers\X6va026
C:\Windows\SysWOW64\Drivers\X6va027
C:\Windows\SysWOW64\Drivers\X6va028
C:\Windows\SysWOW64\Drivers\X6va029
C:\Windows\SysWOW64\Drivers\X6va034
C:\Windows\SysWOW64\Drivers\X6va061
C:\Windows\SysWOW64\Drivers\X6va062
C:\Windows\SysWOW64\Drivers\X6va063
C:\STF2AEC.tmp
C:\STF80E6.tmp
Task: {02E7AC2D-1690-4498-B478-BE19C5B3DD6A} - \Start Registry Reviver Schedule -> No File <==== ATTENTION
Task: {20ADE3F1-20AD-498E-95D0-3130D91589AB} - \Start Registry Reviver Update -> No File <==== ATTENTION
Task: {2E856421-1717-4CA3-B014-DF06265C3560} - \ASC9_PerformanceMonitor -> No File <==== ATTENTION
Task: {889E9CFD-62D6-4366-A8D8-1524F3DDAF26} - System32\Tasks\{CEAD9AC7-01F5-4AA5-80A3-34ADCC88C10A} => pcalua.exe -a C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity\GDFInstall.exe -d C:\Users\hall\AppData\Local\Temp\Rar$EXa0.051\Assassin's_Creed_Unity -c /nomediacenter /silent GDF.dll /allusers /exe GDF.dll <==== ATTENTION
Task: {9D412710-71C1-4EF3-9B82-602008EA2871} - \ASC9_SkipUac_hall -> No File <==== ATTENTION
Task: {EA3FECE3-E6BB-4983-B35A-3437CAE525C2} - \Driver Booster SkipUAC (hall) -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\hall\AppData\Local\Temp\dxa9886.tmp
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\hall\AppData\Roaming\Seznam.cz\szninstall.exe" –c
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKU\S-1-5-21-3633478581-3110627933-1294825731-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\hall\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
X6va017 => service removed successfully
X6va019 => service removed successfully
X6va021 => service removed successfully
X6va022 => service removed successfully
X6va023 => service removed successfully
X6va024 => service removed successfully
X6va025 => service removed successfully
X6va026 => service removed successfully
X6va027 => service removed successfully
X6va028 => service removed successfully
X6va029 => service removed successfully
X6va034 => service removed successfully
X6va061 => service removed successfully
X6va062 => service removed successfully
X6va063 => service removed successfully
"C:\Windows\SysWOW64\Drivers\X6va017" => not found.
"C:\Windows\SysWOW64\Drivers\X6va019" => not found.
"C:\Windows\SysWOW64\Drivers\X6va021" => not found.
"C:\Windows\SysWOW64\Drivers\X6va022" => not found.
"C:\Windows\SysWOW64\Drivers\X6va023" => not found.
"C:\Windows\SysWOW64\Drivers\X6va024" => not found.
"C:\Windows\SysWOW64\Drivers\X6va025" => not found.
"C:\Windows\SysWOW64\Drivers\X6va026" => not found.
"C:\Windows\SysWOW64\Drivers\X6va027" => not found.
"C:\Windows\SysWOW64\Drivers\X6va028" => not found.
"C:\Windows\SysWOW64\Drivers\X6va029" => not found.
"C:\Windows\SysWOW64\Drivers\X6va034" => not found.
"C:\Windows\SysWOW64\Drivers\X6va061" => not found.
"C:\Windows\SysWOW64\Drivers\X6va062" => not found.
"C:\Windows\SysWOW64\Drivers\X6va063" => not found.
C:\STF2AEC.tmp => moved successfully
C:\STF80E6.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02E7AC2D-1690-4498-B478-BE19C5B3DD6A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02E7AC2D-1690-4498-B478-BE19C5B3DD6A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Registry Reviver Schedule => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20ADE3F1-20AD-498E-95D0-3130D91589AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20ADE3F1-20AD-498E-95D0-3130D91589AB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Registry Reviver Update => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E856421-1717-4CA3-B014-DF06265C3560}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E856421-1717-4CA3-B014-DF06265C3560}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_PerformanceMonitor => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{889E9CFD-62D6-4366-A8D8-1524F3DDAF26}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{889E9CFD-62D6-4366-A8D8-1524F3DDAF26}" => key removed successfully
C:\Windows\System32\Tasks\{CEAD9AC7-01F5-4AA5-80A3-34ADCC88C10A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CEAD9AC7-01F5-4AA5-80A3-34ADCC88C10A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D412710-71C1-4EF3-9B82-602008EA2871}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D412710-71C1-4EF3-9B82-602008EA2871}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_hall => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA3FECE3-E6BB-4983-B35A-3437CAE525C2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA3FECE3-E6BB-4983-B35A-3437CAE525C2}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (hall) => key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\hall\AppData\Local\Temp\dxa9886.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\seznam-listicka-distribuce" => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25568435 B
Java, Flash, Steam htmlcache => 55751707 B
Windows/system/drivers => 29184 B
Edge => 0 B
Chrome => 354731790 B
Firefox => 390017679 B
Opera => 1122016 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33490 B
LocalService => 0 B
NetworkService => 0 B
hall => 369175278 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:14:45 ====

[jaro3]

Co problémy?

[kostidrom]

no je to lepsi asi to nechame, za tyden budu vylepsovat pc možna to bude chtit přeinstal nevim tak diky za ty antiviry a za kontrolu pc měj se čau