ERR_CONNECTION_RESET - On some websites (Solved)

Re: ERR_CONNECTION_RESET - On some websites

Post by KedarCZE » 09 Nov 2015 14:18

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Kedar (administrator) on KEDAR-PC (09-11-2015 14:14:26)
Running from C:\Users\Kedar\Desktop
Loaded Profiles: Kedar (Available Profiles: Kedar & Ivana & Admin & Administrator & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Aequus Gaming) C:\Program Files (x86)\LSI\LoLSummonerInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-11-02] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-11-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177416 2015-11-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177416 2015-11-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-11-02] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ec3a632-3aa3-425f-bde8-cb72858b8185}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66a5afab-40ce-4898-91f4-b804c7f3690b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-05] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-08]
CHR Extension: (Dokumenty Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-08]
CHR Extension: (Disk Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (YouTube) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Tabulky Google) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-08]
CHR Extension: (Gmail) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-08]
CHR Profile: C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-14]
CHR Extension: (YouTube) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-14]
CHR Extension: (Google Search) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-14]
CHR Extension: (Google Sheets) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-14]
CHR Extension: (Google Wallet) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-14]
CHR Extension: (Gmail) - C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASNB4LDRSvc; C:\Program Files (x86)\ASUS\Wireless Console 3\ASNB4LDRSvc.exe [33912 2014-10-01] (ASUS)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2485208 2015-08-26] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-13] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-07] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
U2 OneSyncSvc_Session13; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session13; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session14; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session14; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session13; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session13; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session14; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session14; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session13; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session13; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session14; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session14; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session13; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session13; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session14; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session14; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [111888 2015-10-30] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-08-26] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-08-26] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-08-26] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-08-26] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-08-26] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-08-26] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-08-26] (ESET)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-02-18] (Sony Mobile Communications)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-30] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-07] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9112792 2014-05-28] (Realtek Semiconductor Corp.)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 14:14 - 2015-11-09 14:15 - 00021686 _____ C:\Users\Kedar\Desktop\FRST.txt
2015-11-09 14:14 - 2015-11-09 14:14 - 00000000 ____D C:\FRST
2015-11-09 14:12 - 2015-11-09 14:12 - 02198528 _____ (Farbar) C:\Users\Kedar\Downloads\FRST64 (1).exe
2015-11-09 14:06 - 2015-11-09 14:06 - 00016148 _____ C:\WINDOWS\system32\KEDAR-PC_Kedar_HistoryPrediction.bin
2015-11-08 15:43 - 2015-11-08 15:43 - 00602112 _____ (OldTimer Tools) C:\Users\Kedar\Desktop\OTL.exe
2015-11-08 15:38 - 2015-11-08 15:39 - 02198528 _____ (Farbar) C:\Users\Kedar\Desktop\FRST64.exe
2015-11-08 15:26 - 2015-11-08 15:00 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-08 15:02 - 2015-11-08 15:29 - 00007961 _____ C:\zoek-results.log
2015-11-08 15:00 - 2015-11-08 15:23 - 00000000 ____D C:\zoek_backup
2015-11-08 14:58 - 2015-11-08 14:58 - 00016148 _____ C:\WINDOWS\system32\KEDAR-PC_Ivana_HistoryPrediction.bin
2015-11-08 14:13 - 2015-11-08 14:13 - 01309184 _____ C:\Users\Kedar\Desktop\zoek.exe
2015-11-08 13:37 - 2015-11-08 13:37 - 00001184 _____ C:\Users\Kedar\Desktop\JRT.txt
2015-11-08 13:31 - 2015-11-08 13:31 - 00001127 _____ C:\Users\Kedar\Desktop\aaas.txt
2015-11-08 11:19 - 2015-11-08 11:19 - 00000000 ____D C:\AdwCleaner
2015-11-08 11:02 - 2015-11-08 11:04 - 23803976 _____ C:\Users\Kedar\Desktop\RogueKillerX64_beta.exe
2015-11-08 10:57 - 2015-11-08 10:57 - 01801288 _____ (Malwarebytes) C:\Users\Kedar\Desktop\JRT.exe
2015-11-08 10:56 - 2015-11-08 10:56 - 01713664 _____ C:\Users\Kedar\Desktop\AdwCleaner.exe
2015-11-08 10:49 - 2015-11-08 10:49 - 00011004 _____ C:\Users\Kedar\Desktop\hijackthis.log
2015-11-08 10:48 - 2015-11-08 10:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kedar\Desktop\HijackThis.exe
2015-11-07 19:56 - 2015-11-07 19:57 - 00000225 _____ C:\Users\Kedar\Desktop\ERR_CONNECTION_RESET.txt
2015-11-07 10:14 - 2015-11-08 00:35 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-11-07 10:14 - 2015-11-08 00:35 - 00000000 ____D C:\WINDOWS\system32\NV
2015-11-07 10:10 - 2015-11-04 06:25 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-11-07 10:10 - 2015-11-02 18:03 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 37882160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 22343800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 18389112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 16561128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 15932376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435887.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435887.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-07 10:10 - 2015-11-02 18:03 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-06 21:57 - 2015-11-06 21:57 - 00018485 _____ C:\Users\Kedar\AppData\Local\recently-used.xbel
2015-11-06 19:17 - 2015-11-08 11:10 - 00000139 _____ C:\Users\Kedar\Desktop\Nový textový dokument.txt
2015-11-06 18:13 - 2015-05-18 12:42 - 08192512 _____ C:\Users\Kedar\Desktop\wdr4300v1_150518.bin
2015-11-06 17:12 - 2015-11-06 17:18 - 00000000 ____D C:\Users\Kedar\Desktop\new
2015-11-06 17:04 - 2015-11-06 17:05 - 00008434 _____ C:\WINDOWS\DPINST.LOG
2015-11-06 17:04 - 2015-11-06 17:04 - 00002101 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-06 16:39 - 2015-11-06 16:44 - 00000094 _____ C:\Users\Kedar\Desktop\Mac.txt
2015-11-05 14:29 - 2015-11-05 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-05 14:24 - 2015-11-05 14:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-30 21:38 - 2015-10-30 21:38 - 00402159 _____ C:\Users\Kedar\Documents\Bez názvu.xcf
2015-10-30 18:46 - 2015-10-30 18:46 - 00193336 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2015-10-30 14:38 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 14:38 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 14:38 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 14:38 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 14:38 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 14:37 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 14:37 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 14:37 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 14:37 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 14:37 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 14:36 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 14:36 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 14:36 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 14:36 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 14:36 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 14:36 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 14:36 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 14:36 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 14:35 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 14:35 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 14:35 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 14:34 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 14:34 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 14:34 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 14:34 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 14:33 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 14:33 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 14:33 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 14:32 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 14:32 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 14:32 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 14:32 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 14:31 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 14:31 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-28 23:06 - 2015-10-28 23:07 - 00351512 _____ C:\WINDOWS\Minidump\102815-44484-01.dmp
2015-10-28 23:06 - 2015-10-28 23:06 - 714912639 _____ C:\WINDOWS\MEMORY.DMP
2015-10-28 23:06 - 2015-10-28 23:06 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-27 19:16 - 2015-10-27 19:16 - 00000000 ____D C:\Users\Kedar\Documents\ClownfishSoundTemp
2015-10-21 18:37 - 2015-10-21 18:37 - 01193704 _____ (Adobe Systems Incorporated) C:\Users\Ivana\Downloads\readerdc_cz_ga_install.exe
2015-10-19 12:18 - 2015-10-19 12:18 - 00000000 ____D C:\Users\Ivana\AppData\Local\CEF
2015-10-15 18:15 - 2015-07-10 12:00 - 00193940 _____ C:\Users\Kedar\Desktop\Windows Notify System Generic.wav
2015-10-14 17:08 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 17:08 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 17:08 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 17:08 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 17:08 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 17:08 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 17:08 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 17:08 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 17:08 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 17:08 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 17:08 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 17:08 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 17:08 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 17:08 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 17:08 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 17:08 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 17:08 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 17:08 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 17:08 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 17:08 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 17:08 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 17:08 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 17:08 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 17:08 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 17:08 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 17:08 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 17:08 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 17:08 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 17:08 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 17:08 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 17:08 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 17:08 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 17:08 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 17:08 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 17:08 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 17:08 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 17:08 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 17:08 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 17:08 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 17:08 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 17:08 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 17:08 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-14 14:20 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-14 14:17 - 2015-10-14 14:17 - 00000000 ____D C:\NVIDIA
2015-10-13 11:24 - 2015-10-13 11:24 - 04587520 _____ (Google Inc.) C:\WINDOWS\SysWOW64\GPhotos.scr
2015-10-10 17:14 - 2015-10-10 17:14 - 00000000 ____D C:\Users\Kedar\Documents\free-videoconverter
2015-10-10 17:14 - 2015-10-10 17:14 - 00000000 ____D C:\Users\Kedar\AppData\Local\free-videoconverter
2015-10-10 14:36 - 2015-10-10 14:36 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\THQ
2015-10-10 14:33 - 2015-10-10 14:33 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-10 14:25 - 2015-10-10 15:33 - 00000472 _____ C:\WINDOWS\DXError.log
2015-10-10 14:24 - 2015-10-10 15:47 - 00528772 _____ C:\WINDOWS\DirectX.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 14:12 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-09 14:11 - 2015-09-03 17:54 - 00003294 _____ C:\WINDOWS\System32\Tasks\Run LSI
2015-11-09 14:10 - 2015-08-07 17:10 - 02038596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-09 14:10 - 2015-07-10 17:02 - 00843298 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-09 14:10 - 2015-07-10 17:02 - 00192530 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-09 14:09 - 2015-09-29 20:45 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-09 14:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-09 14:08 - 2014-10-30 17:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 21:11 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-08 21:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-08 21:11 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-08 20:49 - 2014-04-05 18:54 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Skype
2015-11-08 15:27 - 2015-10-02 15:40 - 00004808 _____ C:\WINDOWS\PFRO.log
2015-11-08 15:22 - 2015-08-10 11:51 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15C2D9CD-D4AD-411F-B991-6F4280579101}
2015-11-08 13:39 - 2014-10-31 17:12 - 00036608 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-08 10:53 - 2014-04-01 15:58 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-11-08 10:53 - 2014-04-01 15:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-08 10:16 - 2015-08-31 13:36 - 00000000 ____D C:\Program Files (x86)\LSI
2015-11-08 09:42 - 2015-08-31 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-11-08 09:10 - 2014-04-05 08:12 - 00045056 _____ C:\WINDOWS\system32\acovcnt.exe
2015-11-07 19:46 - 2015-08-07 17:14 - 00000000 ____D C:\Users\Kedar
2015-11-07 19:39 - 2015-08-07 17:14 - 00000000 ____D C:\Users\Ivana
2015-11-07 18:12 - 2015-07-10 13:20 - 05041888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-07 10:14 - 2015-09-30 18:29 - 00003484 _____ C:\WINDOWS\setupact.log
2015-11-07 10:14 - 2015-08-07 17:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-07 10:01 - 2015-05-17 10:04 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Notepad++
2015-11-07 10:00 - 2015-05-17 10:04 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-11-06 21:58 - 2014-06-03 19:27 - 00000000 ____D C:\Users\Kedar\.gimp-2.8
2015-11-06 21:57 - 2014-06-03 19:34 - 00000000 ____D C:\Users\Kedar\AppData\Local\gtk-2.0
2015-11-06 17:04 - 2014-07-25 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-06 15:53 - 2015-08-07 17:57 - 00000000 ____D C:\Users\Kedar\AppData\Local\Packages
2015-11-05 15:54 - 2014-04-05 08:12 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Adobe
2015-11-05 15:08 - 2014-04-05 08:34 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-05 14:21 - 2014-08-21 17:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-05 14:20 - 2013-06-22 18:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-04 15:50 - 2015-09-29 20:44 - 00001601 _____ C:\DelFix.txt
2015-11-04 14:59 - 2015-07-10 17:05 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-04 14:56 - 2009-07-14 03:34 - 00000482 _____ C:\WINDOWS\win.ini
2015-11-04 14:55 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-04 06:25 - 2015-09-02 14:27 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-03 14:32 - 2015-08-08 09:18 - 00002404 _____ C:\Users\Ivana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 14:32 - 2015-08-08 09:18 - 00000000 ___RD C:\Users\Ivana\OneDrive
2015-11-02 20:41 - 2014-11-03 15:04 - 00000000 ____D C:\Users\Kedar\AppData\Local\CrashDumps
2015-11-02 19:25 - 2015-09-21 14:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-02 18:03 - 2015-09-02 14:27 - 18486504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 03126984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-02 18:03 - 2015-09-02 14:27 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 06358832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-02 14:36 - 2015-09-02 14:52 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-02 14:36 - 2015-09-02 14:52 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-01 18:42 - 2014-04-01 15:54 - 00002154 _____ C:\WINDOWS\system32\ServiceFilter.ini
2015-11-01 10:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 10:10 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-01 09:38 - 2015-08-08 11:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
2015-10-31 14:11 - 2014-05-23 12:49 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\OBS
2015-10-31 12:41 - 2015-02-07 19:28 - 00000000 ____D C:\Program Files\OBS
2015-10-30 20:26 - 2015-08-07 17:08 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-30 18:26 - 2014-03-12 15:32 - 00111888 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys
2015-10-30 17:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 09:37 - 2014-07-25 14:41 - 00000000 ____D C:\ProgramData\Sony
2015-10-30 08:59 - 2015-08-07 17:56 - 00000000 ____D C:\Users\Kedar\AppData\Local\VirtualStore
2015-10-29 19:17 - 2015-09-30 18:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-28 08:42 - 2015-09-02 14:52 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-10-27 21:13 - 2015-08-18 19:31 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-27 21:12 - 2015-08-18 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-25 08:31 - 2015-08-26 17:47 - 00000000 ____D C:\Users\Kedar\.oracle_jre_usage
2015-10-24 20:05 - 2015-04-04 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 20:05 - 2014-12-06 19:29 - 00000000 ____D C:\Program Files\Java
2015-10-24 16:52 - 2015-08-07 17:14 - 00000000 ___RD C:\Users\Kedar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 19:04 - 2014-12-28 16:01 - 00012315 _____ C:\Users\Kedar\Desktop\League of Legends.xlsx
2015-10-22 13:21 - 2014-04-05 18:54 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 18:37 - 2014-04-08 14:17 - 00000000 ____D C:\Users\Ivana\AppData\Local\Adobe
2015-10-21 13:50 - 2015-08-10 11:58 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-20 12:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-18 13:04 - 2015-08-20 10:37 - 00010211 _____ C:\Users\Kedar\Desktop\Boti kteří jdou zvolit na custom hry.xlsx
2015-10-16 19:00 - 2015-08-18 19:31 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-10-16 13:26 - 2014-05-23 10:26 - 00000000 ____D C:\Users\Kedar\Desktop\bordel
2015-10-16 04:10 - 2015-10-02 15:49 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 15:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 14:37 - 2015-06-03 15:26 - 00000828 _____ C:\Users\Kedar\Desktop\LoL.lnk
2015-10-15 13:38 - 2015-08-07 17:08 - 00000000 ____D C:\Program Files\Elantech
2015-10-14 20:47 - 2014-04-06 17:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 20:14 - 2014-04-06 17:42 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 13:48 - 2014-10-30 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-14 13:48 - 2014-10-30 17:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-13 16:37 - 2014-06-10 11:24 - 00000000 ____D C:\Users\Ivana\Documents\Radek-škola
2015-10-13 12:26 - 2015-08-07 18:12 - 00056008 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-10-13 12:26 - 2014-12-22 12:43 - 00525512 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-10-12 04:05 - 2015-09-02 14:55 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-12 04:05 - 2015-09-02 14:55 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-12 04:04 - 2015-09-02 14:55 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-12 04:04 - 2015-09-02 14:55 - 01710752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-10 16:03 - 2015-08-16 14:30 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\obs-studio
2015-10-10 15:52 - 2014-05-25 16:17 - 00000000 ____D C:\Users\Kedar\Documents\My Games
2015-10-10 14:20 - 2014-10-31 19:24 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\DAEMON Tools Pro

==================== Files in the root of some directories =======

2014-06-04 16:10 - 2014-06-04 16:10 - 0000097 _____ () C:\Users\Kedar\AppData\Roaming\LauncherSettings_live.cfg
2014-06-04 16:08 - 2014-06-04 16:08 - 0000039 _____ () C:\Users\Kedar\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-11-06 21:57 - 2015-11-06 21:57 - 0018485 _____ () C:\Users\Kedar\AppData\Local\recently-used.xbel
2014-04-06 01:02 - 2015-05-17 09:36 - 0007610 _____ () C:\Users\Kedar\AppData\Local\resmon.resmoncfg
2014-07-27 08:26 - 2015-03-23 20:06 - 0000059 _____ () C:\Users\Kedar\AppData\Local\UserProducts.xml

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 12:01

==================== End of FRST.txt ============================
OS: Windows 10 Home (22H2) 64 bit
MB: ASUS PRIME X570-P
CPU: AMD Ryzen 7 3700X
GPU: MSI GeForce RTX 3060 Ti Gaming Z TRIO (8 GB)
RAM: 2x32 GB Kingston Fury Beast DDR4 3200MHz CL16
PSU: 750 W MSI MPG A750GF
SSD (OS): Kingston SSD A2000 500 GB
HDD: Seagate IronWolf 4 TB
SSD: 4 TB Samsung 870 EVO
Monitor: Dell S2721D
Case: Fractal Design Define S

Re: ERR_CONNECTION_RESET - On some websites

Post by KedarCZE » 09 Nov 2015 14:21

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Kedar (2015-11-09 14:16:56)
Running from C:\Users\Kedar\Desktop
Windows 10 Home (X64) (2015-08-07 16:56:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-1254521284-2832283178-1197838188-1006 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1254521284-2832283178-1197838188-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1254521284-2832283178-1197838188-503 - Limited - Disabled)
Guest (S-1-5-21-1254521284-2832283178-1197838188-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1254521284-2832283178-1197838188-1003 - Limited - Enabled)
Ivana (S-1-5-21-1254521284-2832283178-1197838188-1004 - Limited - Enabled) => C:\Users\Ivana
Kedar (S-1-5-21-1254521284-2832283178-1197838188-1001 - Administrator - Enabled) => C:\Users\Kedar

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 9.0.117.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.141.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
µTorrent (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\uTorrent) (Version: 3.4.3.40538 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Smart Security (HKLM\...\{40A56C68-9D6C-40BD-8711-F40DD46DB4F6}) (Version: 9.0.117.0 - ESET, spol. s r.o.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.6 - Androxyde)
FormApps Signing Extension (HKLM-x32\...\{801F9351-A8A7-441D-9398-6A56E143E316}) (Version: 1.28.0.8 - Software602 a.s.)
Fotoattēlu galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.49 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 11.5.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.6 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKLM-x32\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.11.1 - Aequus Gaming Ltd.)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MC BP-Modpack 1.7.10 (HKLM-x32\...\MC BP-Modpack) (Version: 1.7.10 - Minecraft Building Paradise)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\MK LOL) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nero WaveEditor (HKLM-x32\...\{8F7F40B4-8C55-4B92-8C89-16501DAC697F}) (Version: 12.5.00800 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.87 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
OffScrub_O15msi_OFFICE15.00BD (HKLM\...\OFFICE15.00BD) (Version: 15.0.4569.1506 - )
OffScrub_O15msi_OFFICE15.Proof (HKLM\...\OFFICE15.Proof) (Version: 15.0.4569.1506 - )
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 358.87 (Version: 358.87 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Sony Mobile Emma (HKLM-x32\...\Emma) (Version: 2.14.15.201410271230 - Sony Mobile Communications Inc.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.13.201509231442 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.289 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version: - Cryptic Studios)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{81352991-AE30-4BD7-826F-F929A5AAD413}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Ulož.to File Manager verze 1.7 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.7 - Nodus Technologies s.r.o.)
USB2.0 UVC VGA WebCam (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10277 - Realtek Semiconductor Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.47 - ASUS)
Wooxy version 1.1.0.0 (HKLM-x32\...\{4096013E-16CD-4165-9AD9-535C61E833DC}_is1) (Version: 1.1.0.0 - Chewy)
World of Tanks (HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

04-11-2015 15:49:41 End of disinfection
08-11-2015 10:50:54 Configured Power2Go

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-11-08 15:02 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {116AEB86-DE5F-4C62-ACF0-C97EFE247036} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-17] (Realtek Semiconductor)
Task: {26BAA797-5D98-48EB-AF4A-48F793E7A678} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {527C6882-4680-4C46-8761-A39DA59AC8F1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-05-17] (Realtek Semiconductor)
Task: {5C38E921-20B9-4AF2-88DC-02289540E2F5} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-10-24] (Aequus Gaming)
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {911F3F9D-71EE-4D1C-AF2B-3316BA0DEBE8} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {9C8E9B45-8C2F-430E-838D-3E87300F346F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C45DD868-BB14-4478-B4FC-2700896B0468} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-16] ()
Task: {D40A9080-5579-4EAE-AE36-2025EBF3CF0D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {DC6AD74F-0DE4-4E2A-827C-7DCC18688094} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {F72C63E3-0988-4242-AC37-A10FBE7BA07D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {F8EAF0D8-6392-4A50-9354-99AB3B456199} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {F9D84F3C-97BC-421A-97D4-769296B7D633} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-08-07 17:51 - 2015-08-07 17:51 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-02 14:52 - 2015-11-02 14:36 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-05 14:24 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-10-01 15:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 15:39 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 15:41 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:39 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:39 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:40 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-05 15:07 - 2015-11-04 06:01 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.49\libglesv2.dll
2015-11-05 15:07 - 2015-11-04 06:00 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.49\libegl.dll
2015-08-31 13:36 - 2015-01-26 15:36 - 40622592 _____ () C:\Program Files (x86)\LSI\libcef.dll
2015-08-31 13:36 - 2015-08-31 13:36 - 00570947 _____ () C:\Program Files (x86)\LSI\sqlite3.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 22:21 - 2011-03-09 22:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-01 16:48 - 2014-10-01 16:48 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-10-31 19:29 - 2014-11-02 12:02 - 00003132 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2015-08-31 13:36 - 2015-01-26 15:36 - 00911360 _____ () C:\Program Files (x86)\LSI\libglesv2.dll
2015-08-31 13:36 - 2015-01-26 15:36 - 00134144 _____ () C:\Program Files (x86)\LSI\libegl.dll
2015-08-31 13:36 - 2015-01-26 15:36 - 00950272 _____ () C:\Program Files (x86)\LSI\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\...\skype.com -> hxxps://apps.skype.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kedar\Desktop\ZAD7Cis.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CF1A477B-72BA-42F6-8F82-A651EBF12415}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{79043935-95F0-4E75-BFD2-5C805E8856B9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9B74C372-DB15-461A-B46C-E50096B46FEA}] => (Allow) LPort=1688
FirewallRules: [{4FB3201A-0085-4ACB-A98F-E0E05D3D037E}] => (Allow) E:\Hry\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{ED54FEA6-7288-4C1E-95C9-CD1ECC63575F}] => (Allow) E:\Hry\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{F352C287-5C74-4153-8C2A-346EF35A1787}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe
FirewallRules: [{BC6D53A0-C9AD-4467-9F0C-6952AAB11433}] => (Allow) C:\Program Files (x86)\Sony Mobile\Emma\Emma.exe
FirewallRules: [{7ED1B97F-ADCD-4BFA-8638-A00C5D9250D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{69C0978D-F465-405E-BE40-78C22AE0C185}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{1AFBB746-430F-468F-874D-3164874723C2}] => (Allow) E:\Hry\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{C7684BEB-2D02-4055-9375-9C226652A81F}] => (Allow) E:\Hry\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{D1BE4EBF-C566-47BC-A41A-AC70A4CC748F}] => (Allow) E:\Hry\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{B3AC85D1-3009-411F-BA7E-888C9F59B766}] => (Allow) E:\Hry\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{DFD7A4A7-9BF1-4C3F-B6C8-41C90870C149}] => (Allow) E:\Hry\Battle.net\Battle.net.exe
FirewallRules: [{737CDED2-251E-410A-8C70-1E70B35B284F}] => (Allow) E:\Hry\Battle.net\Battle.net.exe
FirewallRules: [{DE3A5C27-3F21-4A0D-B29D-1C8BB438F909}] => (Allow) E:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{B667811A-11B3-40AF-A01B-F71DE0A4B01A}] => (Allow) E:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{D644B576-B24B-4A87-A70C-A458628E760C}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{B62D726D-1AFC-4B7B-AE32-1908DACDC873}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{797711F9-4822-4936-8C74-D27461B73333}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{CD32D911-3746-4FDB-BFED-42CA0BD79BEE}] => (Allow) E:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{2465E4A7-92F5-4837-801F-BA8CB217117A}] => (Allow) E:\Hry\Survarium\temp\survarium_launcher.exe
FirewallRules: [{D3993D84-5204-4760-BB62-D55E84BF5C8D}] => (Allow) E:\Hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0D0B85C8-8F60-4BD3-B3BC-4ABCBC20121A}] => (Allow) E:\Hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B8AA0D4F-34C3-49B0-8E50-CE538A240997}] => (Allow) LPort=5000
FirewallRules: [{0DAFC252-B5D6-4F06-8730-868B44864F8D}] => (Allow) LPort=61096
FirewallRules: [{408DEA53-09CF-4889-BF2E-9C09D04B7181}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2E994644-3396-458F-9EC5-D612892D80AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{598A9E61-5CC5-4917-96E7-5F492E295156}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{F1801C69-438D-4F06-A946-CADE634AA6D2}] => (Allow) E:\Hry\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{79B53679-C978-4A82-86D2-9796F5EC0A95}] => (Allow) E:\Hry\Steam\SteamApps\common\Hazard Ops\UnrealEngine3\Binaries\Win32\InfernumLogin.exe
FirewallRules: [{288A201F-F63B-4487-9450-B6D463837234}] => (Allow) E:\Hry\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{6BCCCAB1-B6DE-404C-9534-8B0A2078D72B}] => (Allow) E:\Hry\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{4FEF42BF-8A93-42A9-87D3-3D3211913BB7}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{5EF66ADF-89F9-4835-9877-AC713486E4C4}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{9E9C75EF-8876-4C5F-864D-20F029E5FC8A}] => (Allow) LPort=41780
FirewallRules: [{21B7FE24-EA43-4E54-A328-A473D576A6C2}] => (Allow) E:\Hry\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{8BF51832-A4E9-40BC-9701-66D6A4502D5D}] => (Allow) E:\Hry\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{0A45C3B0-456E-4ED3-AD69-66C5F7F85364}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B5F96D7F-F3F3-469E-905A-8CAD3F307A00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB043C8B-19D3-4634-A2E3-0A57C3CE04E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{168CBEE4-AE9E-4E45-B3FD-6A1E671D5866}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0E88281F-309D-41A5-B027-1EFD84A669EA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7AFCE8B0-5577-4B76-A9C7-BA6D44F6CDB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04B9ADAE-D69B-45F1-87B3-3EBEDEDBDFC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{D1A102D8-6047-43C2-832C-9F355A110C9A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{E2408EEB-DFA5-45D3-8735-DF3665F6A2C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4C0BC13C-2D0F-4D57-B28A-823A62543748}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D710B6A6-223D-48F9-9584-029D0ACC03D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C8C1B580-DDD4-445E-8CF7-730B263078E7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7A558F1E-05B6-4245-AF79-9B488D2FCB1C}] => (Allow) E:\Hry\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{33E76313-6417-4D4A-8113-A8E81EC6CB57}] => (Allow) E:\Hry\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{CFAD32F1-E34F-4C9F-B289-864515C1248C}] => (Allow) E:\Hry\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{16897F67-5368-4F75-A09F-4AAC7E22C02A}] => (Allow) E:\Hry\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{A4C7B5F5-9E59-4B99-9222-C8A0418A6945}] => (Allow) E:\Hry\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{B5CC52DF-2BAF-481D-AEA5-797781731C85}] => (Allow) E:\Hry\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{74DC8322-E344-423A-9D5E-0EFE255E2C6C}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{5F04E0C9-8090-4F55-8F4E-EA6D4A2369BF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{BF194211-8E67-4B3E-96A7-0FE6AD41DDE2}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{1637B59B-7FF9-4CFA-9D20-72563526D382}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{B35E79FA-4D76-49CB-AFCB-2800B5FF5DDC}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1B9A5068-16D1-4984-B0C3-70F970020DC4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{411A8847-6F59-42F5-8A2E-41DA6CC80AC7}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8DAD9EBB-8DC1-489D-BFDB-8F51E541C55D}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{089C0668-4730-4E65-A2E6-2873974CC1C4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1D85AF4F-9D58-4647-88F5-5A3295EE8E7B}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{ECFFD95E-E837-406F-A7F9-C69E42B318A4}] => (Allow) E:\Hry\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7D26AC2A-CC9D-4889-B716-C212518E6BFF}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{A42BF0C9-DC46-4726-A171-386D77ACAC32}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6AF869C1-9C82-4CEE-B685-0A13198790EF}] => (Allow) E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{E1C9A896-0EB9-4429-9E9A-A95B8DFEF759}] => (Allow) E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{86AC07D9-0AB6-4A18-B76E-B1B30E7203CF}] => (Allow) E:\Hry\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{2DE487A7-F692-4C31-8D7B-3A40AB20A0B7}] => (Allow) E:\Hry\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0C81125E-6128-4B8F-92F1-2E0AD67A5897}] => (Allow) LPort=1900
FirewallRules: [{B126A94A-9B72-41B9-85F4-0F6B4FDF8C48}] => (Allow) LPort=2869
FirewallRules: [{1E3ACD3F-BD44-4E22-A925-4E413D9CC588}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E7147BE4-7065-417D-85F0-354F63297C80}] => (Allow) E:\Hry\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{E8D96C11-DB85-4AB6-873A-6F787690538A}] => (Allow) E:\Hry\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{C6F14999-6307-48B8-A6D3-1672E5A749AF}] => (Allow) E:\Hry\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{03287BFA-6AF7-4BA8-8798-0C1CFF543C94}] => (Allow) E:\Hry\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{D5BDBC51-33FB-4793-BEFE-7A05A37CD933}] => (Allow) E:\Hry\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{59353A72-DC69-45D4-86A2-09F720F327AA}] => (Allow) E:\Hry\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{02A12D4C-89B4-4799-9B02-FECE06E509BD}] => (Allow) E:\Hry\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{FCAC061B-561E-46CA-A9EB-C2CBBC7BDA24}] => (Allow) E:\Hry\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2F084736-5EB1-46CA-96A3-F202B016AA0B}] => (Allow) E:\Hry\Steam\Steam.exe
FirewallRules: [{8A1F0118-5EE4-4E49-8893-79CF80AA0E58}] => (Allow) E:\Hry\Steam\Steam.exe
FirewallRules: [{32412C59-6658-427D-ACA0-7526ECF8CAF1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3431ACA2-CF93-4C8C-9598-E0FC16F82927}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5285F75C-C075-4B30-9D40-1A2BF7DD51E1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5649D4D0-0339-4222-8119-ABCF8F2FAF59}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7B950B23-4ED1-4753-86FF-9BC65D7E56EA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F8DC8BD-8249-4EFF-B5CF-5A97211168A0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{209C5C0A-9E62-4B86-BE94-7F4F349F69BC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D4022056-E3E6-447B-8FA1-8B6C08A4CBD5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C38F9B0D-4E4C-44B4-9C23-4F0193FE874C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{3FF92CB6-7F25-4380-88BB-BA6F68AE6DA9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{9E4EB648-0ED1-4351-A8FD-330CE7697803}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4CBF17F8-9FFC-4939-B01C-0E8AF483A087}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E73183AE-8947-428C-9D06-0990C19908A6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B8E8A6C7-5DF6-4752-AE8A-F9257454885C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3FD2DD9E-03A4-4E5B-9E01-7DD00EC08CA0}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{79FCF62C-1FA6-4CE4-8FD1-993348C2CB89}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF19779A-3C6F-48A8-845E-2DB153981B23}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E8453146-4F3C-4926-8DA8-E279FBAFCFA9}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9628DA2-C129-443C-B1E1-72B5245D42F3}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EB608CC-E6C5-4002-80CF-BDB024AE8DE1}] => (Allow) C:\Users\Kedar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32740511-060E-425E-B3EB-0E110B79EC35}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ABC6461-E5B3-4964-B2C8-962B412EE406}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73960E7B-A9A7-4ECD-BD2A-D2F2D05C8592}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{234E38D0-425E-4189-B634-551562574E32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{92CB28CF-A29E-46BB-8EB8-3AE1E8E82B79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C11D9928-1F7A-4E3E-BF38-E90C42C2BFE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E744D126-5C7B-482E-8B64-4ECB6587E7AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{871005B8-1821-47E2-9BD4-3B3AC7D142CB}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{1F055FEF-A640-4EA7-A697-A97B40712578}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{71E55BA7-F4D8-42B1-BC93-703661BF3604}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D5805427-FE99-4485-A7BD-4501B71CB8A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FF350FF2-8910-4C77-A0A4-08EAA40F4238}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{8B495639-05FD-4317-AE8E-A8B20C4194BF}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{C5749169-8E48-49A5-82C1-31D1FF4858DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 09:10:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/08/2015 02:58:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/08/2015 11:19:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LoLSummonerInfo.exe verze 4.11.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: f70

Čas spuštění: 01d11a0e8083b9e0

Čas ukončení: 20

Cesta k aplikaci: C:\Program Files (x86)\LSI\LoLSummonerInfo.exe

ID hlášení: 37440552-8602-11e5-9bf7-5404a6034d5e

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (11/08/2015 11:14:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/08/2015 10:51:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/07/2015 10:17:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.10.0, časové razítko: 0x4d6f576c
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16430, časové razítko: 0x55c59f92
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x6d4
Čas spuštění chybující aplikace: 0xFBAgent.exe0
Cesta k chybující aplikaci: FBAgent.exe1
Cesta k chybujícímu modulu: FBAgent.exe2
ID zprávy: FBAgent.exe3
Úplný název chybujícího balíčku: FBAgent.exe4
ID aplikace související s chybujícím balíčkem: FBAgent.exe5

Error: (11/07/2015 10:16:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/07/2015 09:47:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/07/2015 09:24:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.10.0, časové razítko: 0x4d6f576c
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16430, časové razítko: 0x55c59f92
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x69c
Čas spuštění chybující aplikace: 0xFBAgent.exe0
Cesta k chybující aplikaci: FBAgent.exe1
Cesta k chybujícímu modulu: FBAgent.exe2
ID zprávy: FBAgent.exe3
Úplný název chybujícího balíčku: FBAgent.exe4
ID aplikace související s chybujícím balíčkem: FBAgent.exe5

Error: (11/07/2015 09:23:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (11/09/2015 02:16:54 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:54 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:54 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:54 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.

Error: (11/09/2015 02:16:23 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.


CodeIntegrity:
===================================
Date: 2015-11-06 15:54:10.754
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:10.633
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:10.436
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:10.157
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:09.944
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:09.784
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:54:02.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-06 15:53:56.626
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-01 14:02:08.360
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-11-01 14:02:08.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 59%
Total physical RAM: 4006.69 MB
Available physical RAM: 1642.13 MB
Total Virtual: 8102.69 MB
Available Virtual: 5468.7 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:200 GB) (Free:128.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:240.66 GB) (Free:114.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2756CB74)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=240.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
OS: Windows 10 Home (22H2) 64 bit
MB: ASUS PRIME X570-P
CPU: AMD Ryzen 7 3700X
GPU: MSI GeForce RTX 3060 Ti Gaming Z TRIO (8 GB)
RAM: 2x32 GB Kingston Fury Beast DDR4 3200MHz CL16
PSU: 750 W MSI MPG A750GF
SSD (OS): Kingston SSD A2000 500 GB
HDD: Seagate IronWolf 4 TB
SSD: 4 TB Samsung 870 EVO
Monitor: Dell S2721D
Case: Fractal Design Define S

Re: ERR_CONNECTION_RESET - on some websites

Post by jaro3 (Security team member) » 09 Nov 2015 17:38

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe
C:\windows\inf\mnccaspj.vbe
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe
C:\windows\system32\mncfljln.vbe
C:\windows\system32\msstp.vbe

EmptyTemp:
End

(You can use the "select all" function; then right-click the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

In Folder Options, enable showing hidden files and folders and uncheck the "Hide protected operating system files" box.

Test this on VirusTotal:
C:\WINDOWS\system32\acovcnt.exe


Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/

C:\WINDOWS\System32\Tasks\R@1n-KMS
C:\Program Files\KMSpico\Service_KMS.exe
What about those activators?? Next time we won't tolerate it!
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 18:04

WTF

Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 18:06

Your colleague deleted it; I uninstalled the whole Office, bought a legal one, installed the legal Office, I saw the Home and Student edition, and now I look and Professional Plus 2013 is back there.

Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 18:13

DSC_0016.JPG

DSC_0018.JPG

Re: ERR_CONNECTION_RESET - on some websites

Post by jerabina (Security team member) » 09 Nov 2015 19:44

Interesting ... Run the following script in FRST:

Code:

Start
CloseProcesses:

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe
C:\windows\inf\mnccaspj.vbe
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe
C:\windows\system32\mncfljln.vbe
C:\windows\system32\msstp.vbe

FirewallRules: [{CF1A477B-72BA-42F6-8F82-A651EBF12415}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{79043935-95F0-4E75-BFD2-5C805E8856B9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files\KMSpico
C:\WINDOWS\System32\Tasks\R@1n-KMS

EmptyTemp:
End


Then test the file C:\WINDOWS\system32\acovcnt.exe as my colleague wrote, and afterwards delete the restore points (if there is no problem in the system).
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 19:57

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Kedar (2015-11-09 19:50:37) Run:1
Running from C:\Users\Kedar\Desktop
Loaded Profiles: Kedar (Available Profiles: Kedar & Ivana & Admin & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1254521284-2832283178-1197838188-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe
C:\windows\inf\mnccaspj.vbe
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe
C:\windows\system32\mncfljln.vbe
C:\windows\system32\msstp.vbe

FirewallRules: [{CF1A477B-72BA-42F6-8F82-A651EBF12415}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{79043935-95F0-4E75-BFD2-5C805E8856B9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files\KMSpico
C:\WINDOWS\System32\Tasks\R@1n-KMS

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1254521284-2832283178-1197838188-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
MSCONFIG\startupreg: mnccaspjSrv => C:\windows\inf\mnccaspj.vbe => Error: No automatic fix found for this entry.
"C:\windows\inf\mnccaspj.vbe" => not found.
MSCONFIG\startupreg: mncfljlnSrv => C:\windows\system32\mncfljln.vbe => Error: No automatic fix found for this entry.
MSCONFIG\startupreg: MSStp => C:\windows\system32\msstp.vbe => Error: No automatic fix found for this entry.
"C:\windows\system32\mncfljln.vbe" => not found.
"C:\windows\system32\msstp.vbe" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF1A477B-72BA-42F6-8F82-A651EBF12415} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79043935-95F0-4E75-BFD2-5C805E8856B9} => value removed successfully
"C:\Program Files\KMSpico" => not found.
"C:\WINDOWS\System32\Tasks\R@1n-KMS" => not found. - I deleted it before you wrote that
EmptyTemp: => 293.6 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:51:09 ====

Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 20:08


Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 20:15


Re: ERR_CONNECTION_RESET - on some websites

Post by KedarCZE » 09 Nov 2015 20:32

Now even my favourite game League of Legends doesn't work; it can't connect to the authentication server, and before FRST it still worked :/ .

Re: ERR_CONNECTION_RESET - on some websites

Post by jaro3 (Security team member) » 10 Nov 2015 09:07

C:\windows\inf\mnccaspj.vbe
C:\windows\system32\mncfljln.vbe
C:\windows\system32\msstp.vbe
check whether you can find these listed files there.

Download Memtest:

The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 h; if there are still 0 errors after 2 h, they are fine.


Also check the HDD for errors, or possibly try defragmenting it ..


Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the log content here with Ctrl+V.

