ERR_CONNECTION_RESET - U některých webu Vyřešeno

[KedarCZE]

1. část
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Kedar (administrator) on KEDAR-PC (31-10-2015 19:55:13)
Running from C:\Users\Kedar\Desktop
Loaded Profiles: Kedar (Available Profiles: Kedar & Ivana & Admin & Administrator & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2014-04-01] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1356552 2015-10-20] (Bogdan Sharkov)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155976 2015-10-03] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ec3a632-3aa3-425f-bde8-cb72858b8185}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66a5afab-40ce-4898-91f4-b804c7f3690b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR NewTab: Default -> "chrome-extension://dljbcjbfojhlfhgenhepllagfecdpchb/startpage/startpage.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-20]
CHR Extension: (Dokumenty Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-20]
CHR Extension: (Disk Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (OGame Galaxy Extension) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\clknnoodfglafkilgjcgeikipgjkkaai [2015-07-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (OGame Debris Fields Finder Extension) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddccmiobomjhcahhjglkakjhcbeagidi [2015-07-20]
CHR Extension: (OGame Resources Extension) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinnmkijapcbjfflfncafmfhajnggenb [2015-07-20]
CHR Extension: (PasswordBox - Free Password Manager) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb [2015-10-01]
CHR Extension: (Google+) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-07-20]
CHR Extension: (Tabulky Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-08-10]
CHR Extension: (OGame Auctioneer Assistant) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjpkobjhgiladaphmdgnnfahkgceemg [2015-07-20]
CHR Extension: (AdBlock) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]
CHR Extension: (Speed Test) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko [2015-07-20]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2015-09-15]
CHR Extension: (Mapy Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-20]
CHR Extension: (My Music Play List) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpldeidflnblidgnlmdiiedgpjemlac [2015-07-20]
CHR Extension: (Bing2Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2015-09-29]
CHR Extension: (Twitch Now) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (piZap Photo Editor) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2015-07-20]
CHR Extension: (OGame Timer) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\phcgdpgoofnibfjcekphmdbjhkdfnkad [2015-07-20]
CHR Extension: (Gmail) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-20]
CHR Extension: (OGame Basic Fleet Dispatcher Extension) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkaalmgomellfonmhgklpbgodejcfhfa [2015-07-20]
CHR Profile: C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (YouTube) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Google Search) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Google Sheets) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Google Wallet) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASNB4LDRSvc; C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe [33912 2014-10-01] (ASUS)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2485208 2015-08-26] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-13] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [111888 2015-10-30] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-08-26] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-08-26] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-08-26] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-08-26] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-08-26] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-08-26] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-08-26] (ESET)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-02-18] (Sony Mobile Communications)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-31] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-30] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9112792 2014-05-28] (Realtek Semiconductor Corp.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

[Reklama]

[KedarCZE]

2. část

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 19:55 - 2015-10-31 19:55 - 00023078 _____ C:\Users\Kedar\Desktop\FRST.txt
2015-10-31 19:50 - 2015-10-31 19:55 - 00000000 ____D C:\FRST
2015-10-31 19:48 - 2015-10-31 19:49 - 02198016 _____ (Farbar) C:\Users\Kedar\Desktop\FRST64.exe
2015-10-31 19:46 - 2015-10-31 19:46 - 00016148 _____ C:\WINDOWS\system32\KEDAR-PC_Kedar_HistoryPrediction.bin
2015-10-31 11:08 - 2015-10-31 11:10 - 23803976 _____ C:\Users\Kedar\Desktop\RogueKillerX64_beta.exe
2015-10-30 23:59 - 2015-10-30 23:14 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-10-30 23:16 - 2015-10-31 00:02 - 00007647 _____ C:\zoek-results.log
2015-10-30 23:14 - 2015-10-30 23:53 - 00000000 ____D C:\zoek_backup
2015-10-30 21:47 - 2015-10-30 21:47 - 00018580 _____ C:\Users\Kedar\AppData\Local\recently-used.xbel
2015-10-30 21:38 - 2015-10-30 21:38 - 00402159 _____ C:\Users\Kedar\Documents\Bez názvu.xcf
2015-10-30 20:26 - 2015-10-30 20:26 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-30 18:46 - 2015-10-30 18:46 - 00193336 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2015-10-30 18:26 - 2015-10-30 18:26 - 01804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-10-30 18:17 - 2015-10-30 18:17 - 01309184 _____ C:\Users\Kedar\Desktop\zoek.exe
2015-10-30 16:55 - 2015-10-30 16:56 - 22924872 _____ C:\Users\Kedar\Desktop\RogueKillerX64.exe
2015-10-30 16:39 - 2015-10-30 16:39 - 00001252 _____ C:\Users\Kedar\Desktop\JRT.txt
2015-10-30 16:31 - 2015-10-30 16:31 - 00001128 _____ C:\Users\Kedar\Desktop\Malw.txt
2015-10-30 16:30 - 2015-10-30 16:30 - 01801288 _____ (Malwarebytes) C:\Users\Kedar\Desktop\JRT.exe
2015-10-30 16:29 - 2015-10-30 16:29 - 00016148 _____ C:\WINDOWS\system32\KEDAR-PC_Ivana_HistoryPrediction.bin
2015-10-30 14:38 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 14:38 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 14:38 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 14:38 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 14:38 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 14:37 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 14:37 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 14:37 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 14:37 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 14:37 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 14:36 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 14:36 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 14:36 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 14:36 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 14:36 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 14:36 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 14:36 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 14:36 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 14:35 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 14:35 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 14:35 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 14:34 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 14:34 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 14:34 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 14:34 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 14:33 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 14:33 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 14:33 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 14:32 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 14:32 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 14:32 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 14:32 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 14:31 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 14:31 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:59 - 2015-10-30 10:03 - 00000000 ____D C:\AdwCleaner
2015-10-30 09:56 - 2015-10-30 09:56 - 01691648 _____ C:\Users\Kedar\Desktop\AdwCleaner (1).exe
2015-10-30 08:59 - 2015-10-30 08:59 - 00013118 _____ C:\Users\Kedar\Desktop\hijackthis.log
2015-10-30 08:57 - 2015-10-30 08:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kedar\Desktop\HijackThis.exe
2015-10-28 23:06 - 2015-10-28 23:07 - 00351512 _____ C:\WINDOWS\Minidump\102815-44484-01.dmp
2015-10-28 23:06 - 2015-10-28 23:06 - 714912639 _____ C:\WINDOWS\MEMORY.DMP
2015-10-28 23:06 - 2015-10-28 23:06 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-27 19:16 - 2015-10-27 19:16 - 00000000 ____D C:\Users\Kedar\Documents\ClownfishSoundTemp
2015-10-24 08:00 - 2015-10-24 08:00 - 00001460 _____ C:\Users\Kedar\Desktop\asdasd.txt
2015-10-21 18:37 - 2015-10-21 18:37 - 01193704 _____ (Adobe Systems Incorporated) C:\Users\Ivana\Downloads\readerdc_cz_ga_install.exe
2015-10-21 13:44 - 2015-10-31 14:24 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-21 13:44 - 2015-10-21 13:44 - 00003904 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-19 12:18 - 2015-10-19 12:18 - 00000000 ____D C:\Users\Ivana\AppData\Local\CEF
2015-10-15 18:15 - 2015-07-10 12:00 - 00193940 _____ C:\Users\Kedar\Desktop\Windows Notify System Generic.wav
2015-10-14 17:08 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 17:08 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 17:08 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 17:08 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 17:08 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 17:08 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 17:08 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 17:08 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 17:08 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 17:08 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 17:08 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 17:08 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 17:08 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 17:08 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 17:08 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 17:08 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 17:08 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 17:08 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 17:08 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 17:08 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 17:08 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 17:08 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 17:08 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 17:08 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 17:08 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 17:08 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 17:08 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 17:08 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 17:08 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 17:08 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 17:08 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 17:08 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 17:08 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 17:08 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 17:08 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 17:08 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 17:08 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 14:23 - 2015-10-16 12:43 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-10-14 14:23 - 2015-10-16 12:43 - 00000000 ____D C:\WINDOWS\system32\NV
2015-10-14 14:20 - 2015-10-06 19:46 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-14 14:20 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-14 14:19 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-14 14:19 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-14 14:17 - 2015-10-14 14:17 - 00000000 ____D C:\NVIDIA
2015-10-13 11:24 - 2015-10-13 11:24 - 04587520 _____ (Google Inc.) C:\WINDOWS\SysWOW64\GPhotos.scr
2015-10-10 17:14 - 2015-10-10 17:14 - 00000000 ____D C:\Users\Kedar\Documents\free-videoconverter
2015-10-10 17:14 - 2015-10-10 17:14 - 00000000 ____D C:\Users\Kedar\AppData\Local\free-videoconverter
2015-10-10 14:36 - 2015-10-10 14:36 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\THQ
2015-10-10 14:33 - 2015-10-10 14:33 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-10 14:25 - 2015-10-10 15:33 - 00000472 _____ C:\WINDOWS\DXError.log
2015-10-10 14:24 - 2015-10-10 15:47 - 00528772 _____ C:\WINDOWS\DirectX.log
2015-10-02 15:49 - 2015-10-16 04:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-02 15:49 - 2015-10-16 04:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-02 15:40 - 2015-10-31 14:12 - 00002992 _____ C:\WINDOWS\PFRO.log
2015-10-01 15:41 - 2015-09-17 07:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 15:41 - 2015-09-17 07:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 15:41 - 2015-09-17 07:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 15:41 - 2015-09-17 07:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 15:41 - 2015-09-17 06:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 15:41 - 2015-09-17 06:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 15:41 - 2015-09-17 06:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 15:41 - 2015-09-17 06:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 15:41 - 2015-09-17 06:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 15:40 - 2015-09-17 07:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 15:40 - 2015-09-17 07:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 15:40 - 2015-09-17 07:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 15:40 - 2015-09-17 07:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 15:40 - 2015-09-17 07:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 15:40 - 2015-09-17 07:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 15:40 - 2015-09-17 07:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 15:40 - 2015-09-17 07:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 15:40 - 2015-09-17 07:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 15:40 - 2015-09-17 07:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 15:40 - 2015-09-17 07:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 15:40 - 2015-09-17 07:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 15:40 - 2015-09-17 07:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 15:40 - 2015-09-17 07:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 15:40 - 2015-09-17 07:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 15:40 - 2015-09-17 07:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 15:40 - 2015-09-17 07:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 15:40 - 2015-09-17 07:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 15:40 - 2015-09-17 07:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 15:40 - 2015-09-17 07:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 15:40 - 2015-09-17 07:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 15:40 - 2015-09-17 07:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 15:40 - 2015-09-17 07:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 15:40 - 2015-09-17 07:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 15:40 - 2015-09-17 06:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 15:40 - 2015-09-17 06:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 15:40 - 2015-09-17 06:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 15:40 - 2015-09-17 06:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 15:40 - 2015-09-17 06:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 15:40 - 2015-09-17 06:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 15:40 - 2015-09-17 06:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 15:40 - 2015-09-17 06:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 15:40 - 2015-09-17 06:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 15:40 - 2015-09-17 06:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 15:40 - 2015-09-17 06:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 15:40 - 2015-09-17 06:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 15:40 - 2015-09-17 06:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 15:40 - 2015-09-17 06:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 15:40 - 2015-09-17 06:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 15:40 - 2015-09-17 06:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 15:40 - 2015-09-17 06:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 15:40 - 2015-09-17 06:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 15:40 - 2015-09-17 06:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 15:40 - 2015-09-17 06:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 15:40 - 2015-09-17 06:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 15:40 - 2015-09-17 06:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 15:40 - 2015-09-17 06:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 15:40 - 2015-09-17 06:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 15:40 - 2015-09-17 06:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 15:40 - 2015-09-17 06:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 15:40 - 2015-09-17 06:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 15:40 - 2015-09-17 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 15:40 - 2015-09-17 06:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 15:40 - 2015-09-17 06:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 15:40 - 2015-09-17 06:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 15:40 - 2015-09-17 06:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 15:40 - 2015-09-17 06:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 15:40 - 2015-09-17 06:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 15:40 - 2015-09-17 06:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 15:40 - 2015-09-17 06:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 15:40 - 2015-09-17 06:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 15:40 - 2015-09-17 06:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 15:40 - 2015-09-17 06:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 15:40 - 2015-09-17 06:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 15:40 - 2015-09-17 06:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 15:40 - 2015-09-17 06:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 15:39 - 2015-09-19 06:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 15:39 - 2015-09-17 07:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 15:39 - 2015-09-17 07:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 15:39 - 2015-09-17 07:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 15:39 - 2015-09-17 07:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 15:39 - 2015-09-17 07:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 15:39 - 2015-09-17 07:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 15:39 - 2015-09-17 07:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 15:39 - 2015-09-17 07:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 15:39 - 2015-09-17 07:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 15:39 - 2015-09-17 07:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 15:39 - 2015-09-17 07:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 15:39 - 2015-09-17 07:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 15:39 - 2015-09-17 07:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 15:39 - 2015-09-17 07:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 15:39 - 2015-09-17 07:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 15:39 - 2015-09-17 07:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 15:39 - 2015-09-17 07:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 15:39 - 2015-09-17 07:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 15:39 - 2015-09-17 07:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 15:39 - 2015-09-17 07:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 15:39 - 2015-09-17 07:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 15:39 - 2015-09-17 07:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 15:39 - 2015-09-17 07:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 15:39 - 2015-09-17 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 15:39 - 2015-09-17 07:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 15:39 - 2015-09-17 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 15:39 - 2015-09-17 07:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 15:39 - 2015-09-17 07:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 15:39 - 2015-09-17 07:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 15:39 - 2015-09-17 07:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 15:39 - 2015-09-17 07:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 15:39 - 2015-09-17 07:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 15:39 - 2015-09-17 07:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 15:39 - 2015-09-17 07:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 15:39 - 2015-09-17 07:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 15:39 - 2015-09-17 06:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 15:39 - 2015-09-17 06:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 15:39 - 2015-09-17 06:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 15:39 - 2015-09-17 06:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 15:39 - 2015-09-17 06:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 15:39 - 2015-09-17 06:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 15:39 - 2015-09-17 06:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 15:39 - 2015-09-17 06:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 15:39 - 2015-09-17 06:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 15:39 - 2015-09-17 06:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 15:39 - 2015-09-17 06:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 15:39 - 2015-09-17 06:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 15:39 - 2015-09-17 06:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 15:39 - 2015-09-17 06:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 15:39 - 2015-09-17 06:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 15:39 - 2015-09-17 06:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 15:39 - 2015-09-17 06:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 15:39 - 2015-09-17 06:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 15:39 - 2015-09-17 06:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 15:39 - 2015-09-17 06:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 15:39 - 2015-09-17 06:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 15:39 - 2015-09-17 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 15:39 - 2015-09-17 06:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 15:39 - 2015-09-17 06:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 15:39 - 2015-09-17 06:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 15:39 - 2015-09-17 06:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 15:39 - 2015-09-17 06:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 15:39 - 2015-09-17 06:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 15:39 - 2015-09-17 06:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 15:39 - 2015-09-17 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 15:39 - 2015-09-17 06:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 15:39 - 2015-09-17 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 15:39 - 2015-09-17 06:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 15:39 - 2015-09-17 06:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 15:39 - 2015-09-17 06:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 15:38 - 2015-09-17 07:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 15:38 - 2015-09-17 06:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 15:38 - 2015-09-17 06:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 14:45 - 2015-10-01 14:45 - 00042391 _____ C:\Users\Kedar\Documents\Clownfish.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-31 19:49 - 2015-08-10 11:51 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15C2D9CD-D4AD-411F-B991-6F4280579101}
2015-10-31 19:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-31 19:48 - 2015-09-03 17:54 - 00003294 _____ C:\WINDOWS\System32\Tasks\Run LSI
2015-10-31 19:48 - 2015-08-31 13:36 - 00000000 ____D C:\Program Files (x86)\LSI
2015-10-31 19:47 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-31 19:47 - 2014-10-30 17:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-31 19:46 - 2015-08-07 17:10 - 02038596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-31 19:46 - 2015-07-10 17:02 - 00843298 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-31 19:46 - 2015-07-10 17:02 - 00192530 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-31 14:17 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-31 14:16 - 2015-09-29 20:45 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-31 14:12 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-31 14:12 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-31 14:11 - 2014-05-23 12:49 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\OBS
2015-10-31 12:43 - 2014-04-05 18:54 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Skype
2015-10-31 12:41 - 2015-02-07 19:28 - 00000000 ____D C:\Program Files\OBS
2015-10-31 11:50 - 2014-10-31 17:12 - 00036608 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-10-30 21:47 - 2014-06-03 19:34 - 00000000 ____D C:\Users\Kedar\AppData\Local\gtk-2.0
2015-10-30 21:47 - 2014-06-03 19:27 - 00000000 ____D C:\Users\Kedar\.gimp-2.8
2015-10-30 20:26 - 2015-09-30 18:29 - 00003406 _____ C:\WINDOWS\setupact.log
2015-10-30 20:26 - 2015-08-07 17:08 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-30 20:23 - 2014-11-03 15:04 - 00000000 ____D C:\Users\Kedar\AppData\Local\CrashDumps
2015-10-30 18:26 - 2015-08-07 17:57 - 00000000 ____D C:\Users\Kedar\AppData\Local\Packages
2015-10-30 18:26 - 2014-03-12 15:32 - 00111888 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys
2015-10-30 17:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 14:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 10:32 - 2014-04-05 08:12 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Adobe
2015-10-30 09:37 - 2014-07-25 14:41 - 00000000 ____D C:\ProgramData\Sony
2015-10-30 09:37 - 2014-07-25 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-10-30 08:59 - 2015-08-07 17:56 - 00000000 ____D C:\Users\Kedar\AppData\Local\VirtualStore
2015-10-30 08:46 - 2014-04-05 08:12 - 00045056 _____ C:\WINDOWS\system32\acovcnt.exe
2015-10-29 19:17 - 2015-09-30 18:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-29 08:39 - 2014-04-05 08:34 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-29 00:13 - 2015-08-07 17:14 - 00000000 ____D C:\Users\Ivana
2015-10-27 21:13 - 2015-08-18 19:31 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-27 21:12 - 2015-08-18 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-25 08:31 - 2015-08-26 17:47 - 00000000 ____D C:\Users\Kedar\.oracle_jre_usage
2015-10-24 20:05 - 2015-04-04 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 20:05 - 2014-12-06 19:29 - 00000000 ____D C:\Program Files\Java
2015-10-24 16:52 - 2015-08-07 17:14 - 00000000 ___RD C:\Users\Kedar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 19:04 - 2014-12-28 16:01 - 00012315 _____ C:\Users\Kedar\Desktop\League of Legends.xlsx
2015-10-22 13:21 - 2014-04-05 18:54 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 18:37 - 2014-04-08 14:17 - 00000000 ____D C:\Users\Ivana\AppData\Local\Adobe
2015-10-21 13:50 - 2015-08-10 11:58 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-20 12:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-18 13:04 - 2015-08-20 10:37 - 00010211 _____ C:\Users\Kedar\Desktop\Boti kteří jdou zvolit na custom hry.xlsx
2015-10-16 19:00 - 2015-08-18 19:31 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-10-16 13:26 - 2014-05-23 10:26 - 00000000 ____D C:\Users\Kedar\Desktop\bordel
2015-10-15 14:37 - 2015-06-03 15:26 - 00000828 _____ C:\Users\Kedar\Desktop\LoL.lnk
2015-10-15 13:38 - 2015-08-07 17:08 - 00000000 ____D C:\Program Files\Elantech
2015-10-14 20:47 - 2014-04-06 17:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 20:14 - 2014-04-06 17:42 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 14:23 - 2015-08-07 17:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-14 13:48 - 2014-10-30 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-14 13:48 - 2014-10-30 17:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-13 20:24 - 2015-05-14 15:12 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 16:37 - 2014-06-10 11:24 - 00000000 ____D C:\Users\Ivana\Documents\Radek-škola
2015-10-13 12:26 - 2015-08-07 18:12 - 00056008 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-10-13 12:26 - 2014-12-22 12:43 - 00525512 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-10-11 17:55 - 2015-08-07 17:14 - 00000000 ____D C:\Users\Kedar
2015-10-10 16:03 - 2015-08-16 14:30 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\obs-studio
2015-10-10 15:52 - 2014-05-25 16:17 - 00000000 ____D C:\Users\Kedar\Documents\My Games
2015-10-10 15:52 - 2014-04-01 15:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-10 14:20 - 2014-10-31 19:24 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\DAEMON Tools Pro
2015-10-07 18:19 - 2014-07-27 09:46 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\uTorrent
2015-10-07 10:56 - 2015-07-25 19:58 - 00000000 ____D C:\Users\Ivana\Desktop\Foto
2015-10-06 19:45 - 2015-09-02 14:27 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-05 16:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 08:50 - 2014-10-30 17:18 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-05 08:50 - 2014-10-30 17:18 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 08:50 - 2014-10-30 17:18 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-04 18:14 - 2015-09-06 17:40 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\MPC-HC
2015-10-03 06:13 - 2014-08-28 13:17 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2015-10-03 05:58 - 2015-09-02 14:55 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-03 05:58 - 2015-09-02 14:55 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 05:58 - 2015-09-02 14:55 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-03 05:58 - 2015-09-02 14:55 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-03 05:58 - 2015-09-02 14:27 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 03:38 - 2015-09-02 14:52 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2015-09-02 14:52 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-10-03 03:38 - 2015-09-02 14:52 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 15:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-01 13:24 - 2014-04-01 15:54 - 00002147 _____ C:\WINDOWS\system32\ServiceFilter.ini
2015-10-01 13:23 - 2014-04-01 15:54 - 00002850 _____ C:\WINDOWS\system32\AutoRunFilter.ini
2015-10-01 10:30 - 2015-09-02 14:52 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-06-04 16:10 - 2014-06-04 16:10 - 0000097 _____ () C:\Users\Kedar\AppData\Roaming\LauncherSettings_live.cfg
2014-06-04 16:08 - 2014-06-04 16:08 - 0000039 _____ () C:\Users\Kedar\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-10-30 21:47 - 2015-10-30 21:47 - 0018580 _____ () C:\Users\Kedar\AppData\Local\recently-used.xbel
2014-04-06 01:02 - 2015-05-17 09:36 - 0007610 _____ () C:\Users\Kedar\AppData\Local\resmon.resmoncfg
2014-07-27 08:26 - 2015-03-23 20:06 - 0000059 _____ () C:\Users\Kedar\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\Kedar\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Kedar\AppData\Local\Temp\PidGenX.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 12:01

==================== End of FRST.txt ============================

[KedarCZE]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Kedar (2015-10-31 19:55:57)
Running from C:\Users\Kedar\Desktop
Windows 10 Home (X64) (2015-08-07 16:56:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-1254521284-2832283178-1197838188-1006 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1254521284-2832283178-1197838188-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1254521284-2832283178-1197838188-503 - Limited - Disabled)
Guest (S-1-5-21-1254521284-2832283178-1197838188-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1254521284-2832283178-1197838188-1003 - Limited - Enabled)
Ivana (S-1-5-21-1254521284-2832283178-1197838188-1004 - Limited - Enabled) => C:\Users\Ivana
Kedar (S-1-5-21-1254521284-2832283178-1197838188-1001 - Administrator - Enabled) => C:\Users\Kedar

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.117.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.141.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
µTorrent (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\uTorrent) (Version: 3.4.3.40538 - BitTorrent Inc.) - Víc jak půl roku nepoužité
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.6603 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1601.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.0.4203 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Smart Security (HKLM\...\{40A56C68-9D6C-40BD-8711-F40DD46DB4F6}) (Version: 9.0.117.0 - ESET, spol. s r.o.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.6 - Androxyde)
FormApps Signing Extension (HKLM-x32\...\{801F9351-A8A7-441D-9398-6A56E143E316}) (Version: 1.28.0.8 - Software602 a.s.)
Fotoattēlu galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.35 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 11.5.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.6 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.10.0 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MC BP-Modpack 1.7.10 (HKLM-x32\...\MC BP-Modpack) (Version: 1.7.10 - Minecraft Building Paradise)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM-x32\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\MK LOL) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero WaveEditor (HKLM-x32\...\{8F7F40B4-8C55-4B92-8C89-16501DAC697F}) (Version: 12.5.00800 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
OffScrub_O15msi_OFFICE15.00BD (HKLM\...\OFFICE15.00BD) (Version: 15.0.4569.1506 - )
OffScrub_O15msi_OFFICE15.Proof (HKLM\...\OFFICE15.Proof) (Version: 15.0.4569.1506 - )
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 358.50 (Version: 358.50 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Sony Mobile Emma (HKLM-x32\...\Emma) (Version: 2.14.15.201410271230 - Sony Mobile Communications Inc.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.13.201509231442 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version: - Cryptic Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{81352991-AE30-4BD7-826F-F929A5AAD413}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Ulož.to File Manager verze 1.7 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.7 - Nodus Technologies s.r.o.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{6B99320D-817F-42CE-B45E-5C9AD42678E3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)
USB2.0 UVC VGA WebCam (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10277 - Realtek Semiconductor Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.47 - ASUS)
Wooxy version 1.1.0.0 (HKLM-x32\...\{4096013E-16CD-4165-9AD9-535C61E833DC}_is1) (Version: 1.1.0.0 - Chewy)
World of Tanks (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

15-10-2015 18:33:35 Installed VirtualDJ 8
20-10-2015 16:17:17 Windows Update
24-10-2015 20:03:59 Removed Java 8 Update 66 (64-bit)
30-10-2015 09:35:47 Removed Vegas Pro 13.0 (64-bit)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-31 12:06 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD254F5-0F39-4F2E-B212-60D8A80F3649} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {0E7FB0EA-0275-419D-A38D-B1352DA97971} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {116AEB86-DE5F-4C62-ACF0-C97EFE247036} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-17] (Realtek Semiconductor)
Task: {16C3986E-28FF-44B5-A46F-32D2CCDF867D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {527C6882-4680-4C46-8761-A39DA59AC8F1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17] (Realtek Semiconductor)
Task: {5C38E921-20B9-4AF2-88DC-02289540E2F5} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-09-09] (Aequus Gaming)
Task: {6A56D27B-9F1E-4DDD-A067-61E492E98D6F} - System32\Tasks\Trigger KMS Activation => Z:\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: {7B24FE63-DE8F-44C5-B87A-00584A91C919} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {911F3F9D-71EE-4D1C-AF2B-3316BA0DEBE8} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {99F59E7F-ED0E-43D4-9F08-2FFC5AC63645} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {9C8E9B45-8C2F-430E-838D-3E87300F346F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {AC7BE6ED-21C0-4477-A8A4-8129F2D3E00C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C45DD868-BB14-4478-B4FC-2700896B0468} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-16] ()
Task: {CE1A0D32-F44F-4AA8-832A-98CC72AEECDD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {D02C2BB3-2513-46CF-A424-731D48110570} - System32\Tasks\R@1n-KMS\KMS-Restart => start KMS-R@1n
Task: {D40A9080-5579-4EAE-AE36-2025EBF3CF0D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {D996E246-BD60-4C7A-8BAF-BEAF6682715B} - System32\Tasks\{6FC251E7-D893-4D84-9697-604816CA8390} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus\Autorun.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus"
Task: {DC6AD74F-0DE4-4E2A-827C-7DCC18688094} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {F166584F-3A4D-4A6C-AD5C-AA79ACCC9523} - System32\Tasks\{A3E97EB3-34E1-4C1A-8DD5-AD25EBB9DE12} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator\Setup.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator"
Task: {F72C63E3-0988-4242-AC37-A10FBE7BA07D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-07 17:51 - 2015-08-07 17:51 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-02 14:52 - 2015-10-03 03:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 15:39 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 15:41 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:39 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:39 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:40 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 22:21 - 2011-03-09 22:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-01 16:48 - 2014-10-01 16:48 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2013-05-20 10:02 - 2013-05-20 10:02 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvcPS.dll
2014-10-31 19:29 - 2014-11-02 12:02 - 00003132 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\skype.com -> hxxps://apps.skype.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kedar\Desktop\ZAD7Cis.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CF1A477B-72BA-42F6-8F82-A651EBF12415}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{79043935-95F0-4E75-BFD2-5C805E8856B9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9B74C372-DB15-461A-B46C-E50096B46FEA}] => (Allow) LPort=1688
FirewallRules: [{4FB3201A-0085-4ACB-A98F-E0E05D3D037E}] => (Allow) E:\Hry\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{ED54FEA6-7288-4C1E-95C9-CD1ECC63575F}] => (Allow) E:\Hry\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F352C287-5C74-4153-8C2A-346EF35A1787}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe
FirewallRules: [{BC6D53A0-C9AD-4467-9F0C-6952AAB11433}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe
FirewallRules: [{F38520F9-7FDF-40F3-B296-BE8CC3C3D1DE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CF4AEE28-CDC5-4594-8F28-E6E4105D1800}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7ED1B97F-ADCD-4BFA-8638-A00C5D9250D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{69C0978D-F465-405E-BE40-78C22AE0C185}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{4227DF60-EF00-4F0C-A91A-19A471073580}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0348D515-6C21-40CB-A405-CD1ADF2709A9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B081C0FF-FD8C-4959-AEA6-48C225AAC982}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DF317345-079C-4E7A-B019-D68246F7269F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{1AFBB746-430F-468F-874D-3164874723C2}] => (Allow) E:\Hry\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{C7684BEB-2D02-4055-9375-9C226652A81F}] => (Allow) E:\Hry\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{D1BE4EBF-C566-47BC-A41A-AC70A4CC748F}] => (Allow) E:\Hry\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{B3AC85D1-3009-411F-BA7E-888C9F59B766}] => (Allow) E:\Hry\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{DFD7A4A7-9BF1-4C3F-B6C8-41C90870C149}] => (Allow) E:\Hry\Battle.net\Battle.net.exe
FirewallRules: [{737CDED2-251E-410A-8C70-1E70B35B284F}] => (Allow) E:\Hry\Battle.net\Battle.net.exe
FirewallRules: [{DE3A5C27-3F21-4A0D-B29D-1C8BB438F909}] => (Allow) E:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{B667811A-11B3-40AF-A01B-F71DE0A4B01A}] => (Allow) E:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{D644B576-B24B-4A87-A70C-A458628E760C}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{B62D726D-1AFC-4B7B-AE32-1908DACDC873}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{797711F9-4822-4936-8C74-D27461B73333}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{CD32D911-3746-4FDB-BFED-42CA0BD79BEE}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{2465E4A7-92F5-4837-801F-BA8CB217117A}] => (Allow) E:\Hry\Survarium\temp\survarium_launcher.exe
FirewallRules: [{D3993D84-5204-4760-BB62-D55E84BF5C8D}] => (Allow) E:\Hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0D0B85C8-8F60-4BD3-B3BC-4ABCBC20121A}] => (Allow) E:\Hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B8AA0D4F-34C3-49B0-8E50-CE538A240997}] => (Allow) LPort=5000
FirewallRules: [{0DAFC252-B5D6-4F06-8730-868B44864F8D}] => (Allow) LPort=61096
FirewallRules: [{408DEA53-09CF-4889-BF2E-9C09D04B7181}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2E994644-3396-458F-9EC5-D612892D80AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{598A9E61-5CC5-4917-96E7-5F492E295156}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{F1801C69-438D-4F06-A946-CADE634AA6D2}] => (Allow) E:\Hry\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{79B53679-C978-4A82-86D2-9796F5EC0A95}] => (Allow) E:\Hry\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{288A201F-F63B-4487-9450-B6D463837234}] => (Allow) E:\Hry\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{6BCCCAB1-B6DE-404C-9534-8B0A2078D72B}] => (Allow) E:\Hry\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{4FEF42BF-8A93-42A9-87D3-3D3211913BB7}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{5EF66ADF-89F9-4835-9877-AC713486E4C4}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{9E9C75EF-8876-4C5F-864D-20F029E5FC8A}] => (Allow) LPort=41780
FirewallRules: [{21B7FE24-EA43-4E54-A328-A473D576A6C2}] => (Allow) E:\Hry\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{8BF51832-A4E9-40BC-9701-66D6A4502D5D}] => (Allow) E:\Hry\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{0A45C3B0-456E-4ED3-AD69-66C5F7F85364}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5F96D7F-F3F3-469E-905A-8CAD3F307A00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB043C8B-19D3-4634-A2E3-0A57C3CE04E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{168CBEE4-AE9E-4E45-B3FD-6A1E671D5866}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0E88281F-309D-41A5-B027-1EFD84A669EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7AFCE8B0-5577-4B76-A9C7-BA6D44F6CDB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04B9ADAE-D69B-45F1-87B3-3EBEDEDBDFC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{D1A102D8-6047-43C2-832C-9F355A110C9A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{E2408EEB-DFA5-45D3-8735-DF3665F6A2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4C0BC13C-2D0F-4D57-B28A-823A62543748}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D710B6A6-223D-48F9-9584-029D0ACC03D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C8C1B580-DDD4-445E-8CF7-730B263078E7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7A558F1E-05B6-4245-AF79-9B488D2FCB1C}] => (Allow) E:\Hry\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{33E76313-6417-4D4A-8113-A8E81EC6CB57}] => (Allow) E:\Hry\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{CFAD32F1-E34F-4C9F-B289-864515C1248C}] => (Allow) E:\Hry\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{16897F67-5368-4F75-A09F-4AAC7E22C02A}] => (Allow) E:\Hry\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{A4C7B5F5-9E59-4B99-9222-C8A0418A6945}] => (Allow) E:\Hry\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{B5CC52DF-2BAF-481D-AEA5-797781731C85}] => (Allow) E:\Hry\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{74DC8322-E344-423A-9D5E-0EFE255E2C6C}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{5F04E0C9-8090-4F55-8F4E-EA6D4A2369BF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{BF194211-8E67-4B3E-96A7-0FE6AD41DDE2}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{1637B59B-7FF9-4CFA-9D20-72563526D382}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{B35E79FA-4D76-49CB-AFCB-2800B5FF5DDC}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1B9A5068-16D1-4984-B0C3-70F970020DC4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{411A8847-6F59-42F5-8A2E-41DA6CC80AC7}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8DAD9EBB-8DC1-489D-BFDB-8F51E541C55D}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{089C0668-4730-4E65-A2E6-2873974CC1C4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1D85AF4F-9D58-4647-88F5-5A3295EE8E7B}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{ECFFD95E-E837-406F-A7F9-C69E42B318A4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7D26AC2A-CC9D-4889-B716-C212518E6BFF}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{A42BF0C9-DC46-4726-A171-386D77ACAC32}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6AF869C1-9C82-4CEE-B685-0A13198790EF}] => (Allow) E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{E1C9A896-0EB9-4429-9E9A-A95B8DFEF759}] => (Allow) E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{86AC07D9-0AB6-4A18-B76E-B1B30E7203CF}] => (Allow) E:\Hry\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{2DE487A7-F692-4C31-8D7B-3A40AB20A0B7}] => (Allow) E:\Hry\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0C81125E-6128-4B8F-92F1-2E0AD67A5897}] => (Allow) LPort=1900
FirewallRules: [{B126A94A-9B72-41B9-85F4-0F6B4FDF8C48}] => (Allow) LPort=2869
FirewallRules: [{1E3ACD3F-BD44-4E22-A925-4E413D9CC588}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E7147BE4-7065-417D-85F0-354F63297C80}] => (Allow) E:\Hry\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{E8D96C11-DB85-4AB6-873A-6F787690538A}] => (Allow) E:\Hry\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{C6F14999-6307-48B8-A6D3-1672E5A749AF}] => (Allow) E:\Hry\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{03287BFA-6AF7-4BA8-8798-0C1CFF543C94}] => (Allow) E:\Hry\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{D5BDBC51-33FB-4793-BEFE-7A05A37CD933}] => (Allow) E:\Hry\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{59353A72-DC69-45D4-86A2-09F720F327AA}] => (Allow) E:\Hry\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{02A12D4C-89B4-4799-9B02-FECE06E509BD}] => (Allow) E:\Hry\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{FCAC061B-561E-46CA-A9EB-C2CBBC7BDA24}] => (Allow) E:\Hry\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2F084736-5EB1-46CA-96A3-F202B016AA0B}] => (Allow) E:\Hry\Steam\Steam.exe
FirewallRules: [{8A1F0118-5EE4-4E49-8893-79CF80AA0E58}] => (Allow) E:\Hry\Steam\Steam.exe
FirewallRules: [{32412C59-6658-427D-ACA0-7526ECF8CAF1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3431ACA2-CF93-4C8C-9598-E0FC16F82927}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6288D71B-CF60-48CE-86C6-1BA5EA39B87E}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{563CC441-8333-4592-A35B-B5040FAC2BB7}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{5285F75C-C075-4B30-9D40-1A2BF7DD51E1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5649D4D0-0339-4222-8119-ABCF8F2FAF59}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7B950B23-4ED1-4753-86FF-9BC65D7E56EA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F8DC8BD-8249-4EFF-B5CF-5A97211168A0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{209C5C0A-9E62-4B86-BE94-7F4F349F69BC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D4022056-E3E6-447B-8FA1-8B6C08A4CBD5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C38F9B0D-4E4C-44B4-9C23-4F0193FE874C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{3FF92CB6-7F25-4380-88BB-BA6F68AE6DA9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{9E4EB648-0ED1-4351-A8FD-330CE7697803}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4CBF17F8-9FFC-4939-B01C-0E8AF483A087}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E73183AE-8947-428C-9D06-0990C19908A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B8E8A6C7-5DF6-4752-AE8A-F9257454885C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C1798FDA-5691-47AE-89FB-96991DF54E2A}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{921D38B1-D488-46BB-B5B0-4612861B4DBE}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{556A51B8-C009-4943-B23E-AC57761D8DB7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{93243E3E-D5D0-4B02-AA93-B093F6C04C5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{D7465BAB-DD8D-4B62-A2C0-6E24AE5DE028}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{605BC948-5708-4EBB-A30E-518E3FF3BFC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3FD2DD9E-03A4-4E5B-9E01-7DD00EC08CA0}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{79FCF62C-1FA6-4CE4-8FD1-993348C2CB89}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF19779A-3C6F-48A8-845E-2DB153981B23}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E8453146-4F3C-4926-8DA8-E279FBAFCFA9}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9628DA2-C129-443C-B1E1-72B5245D42F3}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EB608CC-E6C5-4002-80CF-BDB024AE8DE1}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32740511-060E-425E-B3EB-0E110B79EC35}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ABC6461-E5B3-4964-B2C8-962B412EE406}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73960E7B-A9A7-4ECD-BD2A-D2F2D05C8592}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{234E38D0-425E-4189-B634-551562574E32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{92CB28CF-A29E-46BB-8EB8-3AE1E8E82B79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C11D9928-1F7A-4E3E-BF38-E90C42C2BFE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E744D126-5C7B-482E-8B64-4ECB6587E7AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{871005B8-1821-47E2-9BD4-3B3AC7D142CB}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{1F055FEF-A640-4EA7-A697-A97B40712578}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{71E55BA7-F4D8-42B1-BC93-703661BF3604}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D5805427-FE99-4485-A7BD-4501B71CB8A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FF350FF2-8910-4C77-A0A4-08EAA40F4238}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{8B495639-05FD-4317-AE8E-A8B20C4194BF}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{4A739C5E-46E2-4279-B128-EE4742F05004}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2015 02:40:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/31/2015 02:35:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/31/2015 02:16:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AutoRearm.exe, verze: 2.5.3.0, časové razítko: 0x54c2b452
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.10240.16384, časové razítko: 0x559f38c3
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002a1c8
ID chybujícího procesu: 0x768
Čas spuštění chybující aplikace: 0xAutoRearm.exe0
Cesta k chybující aplikaci: AutoRearm.exe1
Cesta k chybujícímu modulu: AutoRearm.exe2
ID zprávy: AutoRearm.exe3
Úplný název chybujícího balíčku: AutoRearm.exe4
ID aplikace související s chybujícím balíčkem: AutoRearm.exe5

Error: (10/31/2015 02:16:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: AutoRearm.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Exception
Zásobník:
na ..
(System.String, System.String)
na ..
(.
)
na ..
()

Error: (10/31/2015 02:16:43 PM) (Source: Software Protection Platform Service) (EventID: 8212) (User: )
Description: Neúspěšné obnovení aktivačního období pro ID aplikace = 0ff1ce15-a989-479d-af46-f275c6370663, ID jednotky SKU = b322da9c-a2e2-4058-9e4e-f59a6970bd69. Zbývající počet obnovení aktivačního období: 0. Kód chyby: 0xC004D307

Error: (10/31/2015 02:16:42 PM) (Source: Software Protection Platform Service) (EventID: 8212) (User: )
Description: Neúspěšné obnovení aktivačního období pro ID aplikace = 0ff1ce15-a989-479d-af46-f275c6370663, ID jednotky SKU = 41499869-4103-4d3b-9da6-d07df41b6e39. Zbývající počet obnovení aktivačního období: 0. Kód chyby: 0xC004D307

Error: (10/31/2015 02:16:42 PM) (Source: Software Protection Platform Service) (EventID: 8212) (User: )
Description: Neúspěšné obnovení aktivačního období pro ID aplikace = 0ff1ce15-a989-479d-af46-f275c6370663, ID jednotky SKU = 1b686580-9fb1-4b88-bfba-eae7c0da31ad. Zbývající počet obnovení aktivačního období: 0. Kód chyby: 0xC004D307

Error: (10/31/2015 02:15:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/31/2015 02:15:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.10240.16515 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 7d0

Čas spuštění: 01d113de15d7be31

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

ID hlášení: 62142664-7fd1-11e5-9bef-5404a6034d5e

Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: CortanaUI

Error: (10/31/2015 02:14:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: KEDAR-PC)
Description: Aplikace Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI se nespustila ve stanovenou dobu.


System errors:
=============
Error: (10/31/2015 07:54:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:22 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:10 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:09 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:09 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:54:09 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:53:33 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (10/31/2015 07:53:33 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.


CodeIntegrity:
===================================
Date: 2015-10-15 20:10:46.070
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:45.984
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:45.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:45.697
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:45.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:45.521
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:43.331
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 20:10:41.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 17:42:40.267
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-10-15 17:42:40.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 44%
Total physical RAM: 4006.69 MB
Available physical RAM: 2219.39 MB
Total Virtual: 8102.69 MB
Available Virtual: 6046.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:200 GB) (Free:113.65 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:240.66 GB) (Free:114.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 465.8 GB) (Disk ID: 2756CB74)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=240.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[KedarCZE]

Ty věci okolo nelegálního Officu se budu zbavovat hodlám si koupit konečně legální. Ale to co tu teď řeším blokuje i CZC.cz kde si ho chci koupit :( . Takže všechno co je nazváno KMS, KSM a R@1n-KMS jestli by se dalo přes tenhle program odstanit.

[jerabina]

Ano, vidím to tam, máš to tím docela slušně prolezlé. Fixlist by měl vše ohledně KMS vymazat.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.

Toto otestuj na Virustotal
C:\WINDOWS\SysWOW64\ff_vfw.dll
C:\WINDOWS\system32\ServiceFilter.ini
C:\WINDOWS\system32\AutoRunFilter.ini
C:\WINDOWS\system32\nvcoproc.bin

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1356552 2015-10-20] (Bogdan Sharkov)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]

CHR NewTab: Default -> "chrome-extension://dljbcjbfojhlfhgenhepllagfecdpchb/startpage/startpage.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Bing2Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2015-09-29]

Task: {0AD254F5-0F39-4F2E-B212-60D8A80F3649} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {0E7FB0EA-0275-419D-A38D-B1352DA97971} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {6A56D27B-9F1E-4DDD-A067-61E492E98D6F} - System32\Tasks\Trigger KMS Activation => Z:\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: {7B24FE63-DE8F-44C5-B87A-00584A91C919} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic
Task: {D02C2BB3-2513-46CF-A424-731D48110570} - System32\Tasks\R@1n-KMS\KMS-Restart => start KMS-R@1n
Task: {D996E246-BD60-4C7A-8BAF-BEAF6682715B} - System32\Tasks\{6FC251E7-D893-4D84-9697-604816CA8390} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus\Autorun.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus"
Task: {F166584F-3A4D-4A6C-AD5C-AA79ACCC9523} - System32\Tasks\{A3E97EB3-34E1-4C1A-8DD5-AD25EBB9DE12} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator\Setup.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator"

Z:\aktivator - KMSnano v19 Final
C:\WINDOWS\LastGood.Tmp

C:\Program Files\KMSpico
C:\Users\Admin\AppData\Local\Temp\KMSnano
C:\Windows\KMS-R@1n.exe
E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus
E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator

FirewallRules: [{4227DF60-EF00-4F0C-A91A-19A471073580}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0348D515-6C21-40CB-A405-CD1ADF2709A9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B081C0FF-FD8C-4959-AEA6-48C225AAC982}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DF317345-079C-4E7A-B019-D68246F7269F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6288D71B-CF60-48CE-86C6-1BA5EA39B87E}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{563CC441-8333-4592-A35B-B5040FAC2BB7}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{C1798FDA-5691-47AE-89FB-96991DF54E2A}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{921D38B1-D488-46BB-B5B0-4612861B4DBE}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{F38520F9-7FDF-40F3-B296-BE8CC3C3D1DE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CF4AEE28-CDC5-4594-8F28-E6E4105D1800}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

EmptyTemp:
Hosts:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[KedarCZE]

Virustotal taky nejde takže jsem to udělal přes telefon :(
C:\WINDOWS\system32\AutoRunFilter.ini - https://www.virustotal.com/cs/file/6844 ... 446363399/
C:\WINDOWS\SysWOW64\ff_vfw.dll - https://www.virustotal.com/cs/file/4715 ... 446363761/
C:\WINDOWS\system32\nvcoproc.bin - https://www.virustotal.com/cs/file/7ddc ... 446364282/
C:\WINDOWS\system32\ServiceFilter.ini - https://www.virustotal.com/cs/file/c76b ... 446364504/

[jaro3]

První neukazuje..

Udělej ten script v FRST.

[KedarCZE]

Fix result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Kedar (2015-11-01 09:38:41) Run:1
Running from C:\Users\Kedar\Desktop
Loaded Profiles: Kedar & (Available Profiles: Kedar & Ivana & Admin & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1356552 2015-10-20] (Bogdan Sharkov)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]

CHR NewTab: Default -> "chrome-extension://dljbcjbfojhlfhgenhepllagfecdpchb/startpage/startpage.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Bing2Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2015-09-29]

Task: {0AD254F5-0F39-4F2E-B212-60D8A80F3649} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {0E7FB0EA-0275-419D-A38D-B1352DA97971} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {6A56D27B-9F1E-4DDD-A067-61E492E98D6F} - System32\Tasks\Trigger KMS Activation => Z:\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: {7B24FE63-DE8F-44C5-B87A-00584A91C919} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic
Task: {D02C2BB3-2513-46CF-A424-731D48110570} - System32\Tasks\R@1n-KMS\KMS-Restart => start KMS-R@1n
Task: {D996E246-BD60-4C7A-8BAF-BEAF6682715B} - System32\Tasks\{6FC251E7-D893-4D84-9697-604816CA8390} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus\Autorun.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus"
Task: {F166584F-3A4D-4A6C-AD5C-AA79ACCC9523} - System32\Tasks\{A3E97EB3-34E1-4C1A-8DD5-AD25EBB9DE12} => pcalua.exe -a "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator\Setup.exe" -d "E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator"

Z:\aktivator - KMSnano v19 Final
C:\WINDOWS\LastGood.Tmp

C:\Program Files\KMSpico
C:\Users\Admin\AppData\Local\Temp\KMSnano
C:\Windows\KMS-R@1n.exe
E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus
E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator

FirewallRules: [{4227DF60-EF00-4F0C-A91A-19A471073580}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{0348D515-6C21-40CB-A405-CD1ADF2709A9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B081C0FF-FD8C-4959-AEA6-48C225AAC982}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DF317345-079C-4E7A-B019-D68246F7269F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6288D71B-CF60-48CE-86C6-1BA5EA39B87E}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{563CC441-8333-4592-A35B-B5040FAC2BB7}] => (Allow) C:\Users\Admin\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{C1798FDA-5691-47AE-89FB-96991DF54E2A}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{921D38B1-D488-46BB-B5B0-4612861B4DBE}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{F38520F9-7FDF-40F3-B296-BE8CC3C3D1DE}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CF4AEE28-CDC5-4594-8F28-E6E4105D1800}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish => value removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
Chrome NewTab => removed successfully
Chrome Session Restore: => removed successfully
C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AD254F5-0F39-4F2E-B212-60D8A80F3649}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AD254F5-0F39-4F2E-B212-60D8A80F3649}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E7FB0EA-0275-419D-A38D-B1352DA97971}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E7FB0EA-0275-419D-A38D-B1352DA97971}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A56D27B-9F1E-4DDD-A067-61E492E98D6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A56D27B-9F1E-4DDD-A067-61E492E98D6F}" => key removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B24FE63-DE8F-44C5-B87A-00584A91C919}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B24FE63-DE8F-44C5-B87A-00584A91C919}" => key removed successfully
C:\WINDOWS\System32\Tasks\R@1n-KMS\Office365ProPlus => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Office365ProPlus" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D02C2BB3-2513-46CF-A424-731D48110570}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D02C2BB3-2513-46CF-A424-731D48110570}" => key removed successfully
C:\WINDOWS\System32\Tasks\R@1n-KMS\KMS-Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\KMS-Restart" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D996E246-BD60-4C7A-8BAF-BEAF6682715B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D996E246-BD60-4C7A-8BAF-BEAF6682715B}" => key removed successfully
C:\WINDOWS\System32\Tasks\{6FC251E7-D893-4D84-9697-604816CA8390} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6FC251E7-D893-4D84-9697-604816CA8390}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F166584F-3A4D-4A6C-AD5C-AA79ACCC9523}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F166584F-3A4D-4A6C-AD5C-AA79ACCC9523}" => key removed successfully
C:\WINDOWS\System32\Tasks\{A3E97EB3-34E1-4C1A-8DD5-AD25EBB9DE12} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3E97EB3-34E1-4C1A-8DD5-AD25EBB9DE12}" => key removed successfully
"Z:\aktivator - KMSnano v19 Final" => not found.
C:\WINDOWS\LastGood.Tmp => moved successfully
"C:\Program Files\KMSpico" => not found.
"C:\Users\Admin\AppData\Local\Temp\KMSnano" => not found.
"C:\Windows\KMS-R@1n.exe" => not found.
"E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 Professional Plus" => not found.
"E:\Stažené Soubory\Kedar\uTorrent\Microsoft Office 2013 professional plus_x32x64 + activator" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4227DF60-EF00-4F0C-A91A-19A471073580} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0348D515-6C21-40CB-A405-CD1ADF2709A9} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B081C0FF-FD8C-4959-AEA6-48C225AAC982} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF317345-079C-4E7A-B019-D68246F7269F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6288D71B-CF60-48CE-86C6-1BA5EA39B87E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{563CC441-8333-4592-A35B-B5040FAC2BB7} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1798FDA-5691-47AE-89FB-96991DF54E2A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{921D38B1-D488-46BB-B5B0-4612861B4DBE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F38520F9-7FDF-40F3-B296-BE8CC3C3D1DE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF4AEE28-CDC5-4594-8F28-E6E4105D1800} => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 646.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 09:39:15 ====

[KedarCZE]

Zjistil jsem že všechny stránky mají něco společného a to že jsou šifrované přes HTTPS. Třeba http://www.fio.cz/ se načte ale https://www.fio.cz/ib2/login nikoliv.

[KedarCZE]

A někde jsem četl že by to mohlo být kvůli tomu že využívám 2 antivirusy. Používám Eset 9 Betu licence končí za 29 dní a Malwarebytes Anti-Malware mám koupenou licenci.

[Orcus]

První neukazuje..

Ještě dodej odkaz na ten první soubor, co jsi měl otestovat na Virustotal. Odkaz nefunguje.

[KedarCZE]

https://www.virustotal.com/cs/file/6844 ... 446391472/