Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by pokit_000 (administrator) on FILIP-PC (05-12-2015 15:27:12)
Running from C:\Users\pokit_000\Desktop
Loaded Profiles: pokit_000 (Available Profiles: pokit_000)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Piriform) C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\pokit_000\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform) C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-05-18] (MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-23] (AVAST Software)
HKLM-x32\...\Run: [CCleanerCloudTray] => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe [2699688 2015-11-20] (Piriform)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638768 2015-12-02] (Electronic Arts)
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-23] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.12.50.50 10.14.10.50
Tcpip\..\Interfaces\{D2CA3E08-045B-4244-B719-C63DB76D4CCE}: [DhcpNameServer] 10.12.50.50 10.14.10.50
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4121437175-3883749224-2057971567-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4121437175-3883749224-2057971567-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-23] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-08] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-23] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-08] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-09] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-10-09] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\pokit_000\AppData\Roaming\Mozilla\Firefox\Profiles\andc1vu3.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-12-02] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-10-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-10-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4121437175-3883749224-2057971567-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pokit_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-23]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-23]
Chrome:
=======
CHR Profile: C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-27]
CHR Extension: (Google Drive) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Google Search) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast Online Security) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-04]
CHR Extension: (Skype Click to Call) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-27]
CHR Extension: (Gmail) - C:\Users\pokit_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-23] (AVAST Software)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCleanerCloudAgentService; C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe [18461608 2015-11-20] (Piriform)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-08] (PS Media s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-23] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-04] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39032 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-05 15:27 - 2015-12-05 15:27 - 00023151 _____ C:\Users\pokit_000\Desktop\FRST.txt
2015-12-05 15:26 - 2015-12-05 15:27 - 00000000 ____D C:\FRST
2015-12-05 15:26 - 2015-12-05 15:26 - 02369024 _____ (Farbar) C:\Users\pokit_000\Desktop\FRST64.exe
2015-12-05 15:20 - 2015-12-05 15:09 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-12-05 15:09 - 2015-12-05 15:21 - 00000000 ____D C:\zoek_backup
2015-12-05 15:08 - 2015-12-05 15:08 - 01309184 _____ C:\Users\pokit_000\Desktop\zoek.exe
2015-12-05 15:07 - 2015-12-05 15:07 - 00005634 _____ C:\Users\pokit_000\Desktop\rk_B6D1.tmp.txt
2015-12-05 14:57 - 2015-12-05 14:57 - 00005056 _____ C:\Users\pokit_000\Desktop\rk_1F1C.tmp.txt
2015-12-05 14:49 - 2015-12-05 14:59 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-05 14:49 - 2015-12-05 14:49 - 25023048 _____ C:\Users\pokit_000\Desktop\RogueKillerX64.exe
2015-12-05 14:48 - 2015-12-05 14:48 - 00000557 _____ C:\Users\pokit_000\Desktop\JRT.txt
2015-12-05 14:45 - 2015-12-05 14:45 - 01599336 _____ (Malwarebytes) C:\Users\pokit_000\Desktop\JRT.exe
2015-12-05 14:45 - 2015-12-05 14:45 - 00000735 _____ C:\Users\pokit_000\Desktop\AdwCleaner[C2].txt
2015-12-05 14:39 - 2015-12-05 14:39 - 00001140 _____ C:\Users\pokit_000\Desktop\Mam.txt
2015-12-05 14:26 - 2015-12-05 14:26 - 00006226 _____ C:\Users\pokit_000\Desktop\AdwCleaner[C1].txt
2015-12-05 14:21 - 2015-12-05 14:41 - 00000000 ____D C:\AdwCleaner
2015-12-05 14:20 - 2015-12-05 14:20 - 01736704 _____ C:\Users\pokit_000\Desktop\AdwCleaner.exe
2015-12-05 14:14 - 2015-12-05 14:16 - 00448512 _____ (OldTimer Tools) C:\Users\pokit_000\Desktop\TFC.exe
2015-12-05 14:10 - 2015-12-05 14:10 - 00050688 _____ (Atribune.org) C:\Users\pokit_000\Desktop\ATF-Cleaner.exe
2015-12-05 14:07 - 2015-12-05 14:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\pokit_000\Desktop\hijackthis.exe
2015-12-04 20:55 - 2015-12-05 13:08 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2015-12-04 20:55 - 2015-12-04 21:29 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\.minecraft
2015-12-04 18:41 - 2015-12-04 18:41 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-04 18:41 - 2015-12-04 18:41 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-04 18:41 - 2015-12-04 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-04 18:41 - 2015-12-04 18:41 - 00000000 ____D C:\Program Files\CCleaner
2015-12-04 18:35 - 2015-12-04 18:35 - 00000000 ____D C:\Users\pokit_000\Desktop\Word a Powerpoint
2015-12-04 18:33 - 2015-12-04 18:33 - 00003296 _____ C:\Windows\System32\Tasks\CCleaner Cloud Update
2015-12-04 18:33 - 2015-12-04 18:33 - 00003074 _____ C:\Windows\System32\Tasks\CCleaner Cloud Watchdog
2015-12-04 18:33 - 2015-12-04 18:33 - 00000000 ____D C:\ProgramData\Piriform
2015-12-04 18:33 - 2015-12-04 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Cloud
2015-12-04 18:33 - 2015-12-04 18:33 - 00000000 ____D C:\Program Files (x86)\CCleaner Cloud
2015-12-04 17:50 - 2015-12-04 17:50 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-12-04 17:50 - 2015-12-04 17:50 - 00000000 _____ C:\autoexec.bat
2015-12-04 16:29 - 2015-12-04 16:29 - 00000000 ____D C:\ProgramData\5e86ac4c-66a1-1
2015-12-04 16:29 - 2015-12-04 16:29 - 00000000 ____D C:\ProgramData\5e86ac4c-4427-0
2015-12-03 14:00 - 2015-12-03 14:00 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 14:00 - 2015-12-03 14:00 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 17:22 - 2015-12-05 14:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-02 17:22 - 2015-12-02 17:22 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-01 17:35 - 2015-12-01 17:35 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-01 17:35 - 2015-11-24 19:29 - 00102704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-12-01 17:34 - 2015-12-01 17:35 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-12-01 17:33 - 2015-11-25 00:10 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 18363696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 11131184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-12-01 17:33 - 2015-11-25 00:10 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435906.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435906.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00422056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-12-01 17:33 - 2015-11-25 00:10 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00117368 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 00039032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-12-01 17:26 - 2015-11-12 19:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-11-28 17:41 - 2015-11-28 17:41 - 00007597 _____ C:\Users\pokit_000\AppData\Local\Resmon.ResmonCfg
2015-11-24 15:35 - 2015-11-24 17:38 - 00000000 ____D C:\Users\pokit_000\Desktop\Rock Mix
2015-11-24 14:07 - 2015-11-24 14:07 - 00000000 ____D C:\Users\pokit_000\Downloads\Black-Sabbath-(2013)-13-(Deluxe-Edition)
2015-11-24 13:51 - 2015-11-24 14:00 - 164252310 _____ C:\Users\pokit_000\Downloads\Black-Sabbath-(2013)-13-(Deluxe-Edition).rar
2015-11-24 13:48 - 2015-11-24 13:48 - 00000000 ____D C:\Users\pokit_000\Desktop\Black Sabbath
2015-11-24 13:22 - 2015-11-24 13:39 - 00000000 ____D C:\Users\pokit_000\Desktop\Led zeppelin
2015-11-24 13:11 - 2015-11-24 13:11 - 00000000 ____D C:\Users\pokit_000\Downloads\The-Offspring---2005---Greatest-Hits-[320]
2015-11-24 13:03 - 2015-11-24 13:03 - 00000000 ____D C:\Users\pokit_000\Downloads\ACDC - Highway to Hell (1979)
2015-11-24 13:02 - 2015-11-24 13:02 - 00000000 ____D C:\Users\pokit_000\Downloads\ACDC---High-Voltage-(International-1976)-by-masterblaster4
2015-11-24 13:01 - 2015-11-24 13:08 - 125986911 _____ C:\Users\pokit_000\Downloads\The-Offspring---2005---Greatest-Hits-[320].rar
2015-11-24 12:54 - 2015-11-24 13:00 - 102767267 _____ C:\Users\pokit_000\Downloads\ACDC---High-Voltage-(International-1976)-by-masterblaster4.rar
2015-11-24 12:52 - 2015-11-24 12:52 - 00000000 ____D C:\Users\pokit_000\Downloads\Iron-Maiden---The-Book-Of-Souls-(2015)+cover(peko)
2015-11-24 11:44 - 2015-11-24 11:44 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-24 11:44 - 2015-11-24 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-24 11:43 - 2015-11-24 11:44 - 00000000 ____D C:\Program Files\iTunes
2015-11-24 11:43 - 2015-11-24 11:43 - 00000000 ____D C:\Program Files\iPod
2015-11-24 11:43 - 2015-11-24 11:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-24 11:39 - 2015-11-24 11:52 - 229276683 _____ C:\Users\pokit_000\Downloads\Iron-Maiden---The-Book-Of-Souls-(2015)+cover(peko).rar
2015-11-23 20:46 - 2015-11-23 20:45 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-11-23 20:45 - 2015-12-05 14:25 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-23 20:45 - 2015-11-23 20:45 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-11-23 20:45 - 2015-11-23 20:45 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-23 20:45 - 2015-11-23 20:45 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-23 20:45 - 2015-11-23 20:45 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\AVAST Software
2015-11-23 20:45 - 2015-11-23 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-23 20:45 - 2015-11-23 20:44 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-23 20:43 - 2015-11-23 20:43 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-21 16:55 - 2015-11-21 16:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-11-20 22:55 - 2015-11-20 22:55 - 00000000 ____D C:\Users\pokit_000\AppData\Local\ElevatedDiagnostics
2015-11-19 17:14 - 2015-11-19 17:25 - 00000000 ____D C:\Users\pokit_000\Documents\FIFA 16
2015-11-19 17:10 - 2015-11-27 09:56 - 00001167 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-11-19 17:10 - 2015-11-19 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-11-19 16:38 - 2015-11-19 16:39 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-19 16:36 - 2015-11-19 17:14 - 00000000 ____D C:\Users\pokit_000\AppData\Local\Origin
2015-11-19 16:35 - 2015-12-02 17:21 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-19 16:35 - 2015-11-19 16:35 - 00000995 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-19 16:35 - 2015-11-19 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-18 21:10 - 2015-11-18 21:10 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\dvdcss
2015-11-16 18:45 - 2015-11-16 18:45 - 00000000 ____D C:\Users\pokit_000\Documents\Vlastní šablony Office
2015-11-15 16:36 - 2015-11-15 16:36 - 00009582 _____ C:\Users\pokit_000\Desktop\wotko.wlmp
2015-11-15 14:27 - 2015-11-15 14:27 - 00000000 ____D C:\Users\pokit_000\Downloads\Intro Template 50
2015-11-15 14:27 - 2015-11-15 14:27 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Blender Foundation
2015-11-15 12:20 - 2015-11-15 12:20 - 00000000 ____D C:\Users\pokit_000\.thumbnails
2015-11-11 20:51 - 2015-11-11 20:51 - 00000222 _____ C:\Users\pokit_000\Desktop\Rocket League.url
2015-11-11 16:28 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 16:28 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 16:28 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 16:28 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 16:28 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 16:28 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 16:28 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 16:28 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 16:28 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 16:28 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 16:28 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 16:28 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 16:28 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 16:28 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 16:28 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 16:28 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 16:28 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 16:28 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 16:28 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 16:28 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 16:28 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 16:28 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 16:28 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 16:28 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 16:28 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 16:28 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 16:28 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 16:28 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 16:28 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 16:28 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 16:28 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 16:28 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 16:28 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 16:28 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 16:28 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 16:28 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 16:28 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 16:28 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 16:28 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 16:28 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 16:28 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 16:28 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 16:28 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 16:28 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 16:28 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 16:28 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 16:28 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 16:28 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 16:28 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 16:28 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 16:28 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 16:28 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 16:28 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 16:28 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 16:28 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 16:28 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 16:28 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 16:28 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 16:28 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 16:28 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 16:28 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 16:28 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 16:28 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 16:28 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 16:28 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 16:28 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 16:28 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 16:28 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 16:28 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 16:28 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 16:28 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 16:28 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 16:28 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 16:28 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 16:28 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 16:28 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-11 16:28 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 16:28 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-07 20:45 - 2015-11-07 20:55 - 176226434 _____ C:\Users\pokit_000\Downloads\AC-DC---High-Voltage-(1976).rar
2015-11-07 14:22 - 2015-11-19 16:24 - 00000000 ____D C:\Users\pokit_000\Desktop\Nová složka
2015-11-05 21:49 - 2015-11-29 12:49 - 00012800 ___SH C:\Users\pokit_000\Desktop\Thumbs.db
2015-11-05 19:22 - 2015-11-05 19:22 - 00000000 ____D C:\Users\pokit_000\AppData\LocalLow\Adobe
2015-11-05 19:21 - 2015-12-04 18:46 - 00000000 ___RD C:\Users\pokit_000\Creative Cloud Files
2015-11-05 19:20 - 2015-11-28 11:35 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-05 19:20 - 2015-11-28 11:35 - 00001157 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-05 17:55 - 2015-11-05 17:55 - 00000000 ____D C:\ProgramData\NFS Underground
2015-11-05 17:54 - 2015-11-05 17:54 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2015-11-05 17:54 - 2015-11-05 17:54 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Need for Speed Underground v1.2.51733
2015-11-05 17:53 - 2015-11-05 17:53 - 00000000 ____D C:\Program Files (x86)\Portable
2015-11-05 17:41 - 2015-11-05 17:41 - 00000000 ____D C:\Users\pokit_000\Downloads\Game-Dev-Tycoon-1.5.25-+CZ-[Uploaded-by-Damo33]
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-05 15:26 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-05 15:24 - 2015-10-10 21:55 - 00000000 ____D C:\ProgramData\Origin
2015-12-05 15:24 - 2015-10-08 15:47 - 00000000 ____D C:\Users\pokit_000\OneDrive
2015-12-05 15:21 - 2015-10-06 14:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-05 15:21 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 15:00 - 2015-10-24 18:44 - 00036608 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-12-05 14:58 - 2015-10-24 18:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 14:48 - 2015-10-08 15:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4121437175-3883749224-2057971567-1001
2015-12-05 14:31 - 2014-11-21 05:53 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 14:31 - 2014-11-21 05:10 - 00738682 _____ C:\Windows\system32\perfh005.dat
2015-12-05 14:31 - 2014-11-21 05:10 - 00151404 _____ C:\Windows\system32\perfc005.dat
2015-12-05 14:31 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-05 14:28 - 2015-10-28 18:42 - 00000000 ____D C:\Users\pokit_000\AppData\Local\Adobe
2015-12-05 14:28 - 2015-10-08 16:05 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{94C882BA-0B96-410A-BBA5-A4642E15D25F}
2015-12-05 14:24 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-05 14:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\security
2015-12-05 14:03 - 2015-10-08 15:44 - 00000000 ____D C:\Users\pokit_000\AppData\Local\Packages
2015-12-04 23:54 - 2015-10-08 19:47 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-04 23:34 - 2015-10-08 17:45 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Skype
2015-12-04 21:21 - 2015-10-29 20:55 - 00000000 ____D C:\Users\pokit_000\AppData\Local\CrashDumps
2015-12-04 21:01 - 2015-10-08 17:46 - 01397248 ___SH C:\Users\pokit_000\Downloads\Thumbs.db
2015-12-04 18:50 - 2015-10-08 16:32 - 00000000 ____D C:\Games
2015-12-04 18:48 - 2015-10-08 20:16 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-04 18:48 - 2015-10-08 19:51 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-04 18:46 - 2015-10-28 18:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-04 18:40 - 2015-10-06 15:40 - 00000000 ____D C:\Windows\Panther
2015-12-04 17:50 - 2015-10-08 15:42 - 00000000 ____D C:\Users\pokit_000
2015-12-04 16:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing
2015-12-02 20:37 - 2015-10-08 17:45 - 00000000 ____D C:\ProgramData\Skype
2015-12-01 17:35 - 2015-10-06 14:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-01 17:35 - 2015-10-06 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-01 17:26 - 2015-10-08 15:44 - 00000000 ____D C:\Users\pokit_000\AppData\Local\NVIDIA Corporation
2015-12-01 17:26 - 2015-10-06 14:59 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-28 11:35 - 2015-10-28 18:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-28 11:35 - 2015-10-08 15:44 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\Adobe
2015-11-27 08:27 - 2015-10-06 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-27 08:08 - 2015-10-06 15:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-27 08:08 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 00:10 - 2015-10-08 17:10 - 15717672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-25 00:10 - 2015-10-06 14:56 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-25 00:10 - 2015-10-06 14:56 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 17516040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 12770752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-11-25 00:10 - 2015-10-06 14:55 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-24 19:40 - 2015-10-06 14:56 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-24 19:40 - 2015-10-06 14:56 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-24 19:40 - 2015-10-06 14:56 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-24 19:40 - 2015-10-06 14:56 - 00938616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-24 19:40 - 2015-10-06 14:56 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-24 19:40 - 2015-10-06 14:56 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-24 13:48 - 2015-10-19 19:32 - 00000000 ____D C:\Users\pokit_000\Desktop\hudba
2015-11-24 11:43 - 2015-10-10 19:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-24 10:57 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-23 20:43 - 2015-10-08 15:49 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-23 20:40 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-23 11:38 - 2015-10-06 14:56 - 06049858 _____ C:\Windows\system32\nvcoproc.bin
2015-11-21 16:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 16:35 - 2015-10-10 21:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-11-18 21:17 - 2015-10-15 19:45 - 00000000 ____D C:\Users\pokit_000\AppData\Roaming\vlc
2015-11-16 15:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-15 16:36 - 2015-10-29 12:43 - 00000000 ____D C:\Users\pokit_000\AppData\Local\Windows Live
2015-11-14 19:12 - 2015-10-10 14:23 - 00000000 ____D C:\Windows\system32\MRT
2015-11-14 19:10 - 2015-10-10 14:23 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-12 19:37 - 2015-10-06 14:56 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-11-12 19:37 - 2015-10-06 14:56 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-11-12 19:37 - 2015-10-06 14:56 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-12 19:37 - 2015-10-06 14:56 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-12 16:14 - 2013-08-22 15:44 - 00482280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 16:13 - 2015-10-16 14:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-12 16:13 - 2015-10-08 16:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-11 22:20 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-11 21:45 - 2015-10-26 17:56 - 00000000 ____D C:\Users\pokit_000\Documents\My Games
2015-11-11 19:43 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-06 15:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-05 19:21 - 2015-10-29 12:47 - 00000000 ___RD C:\Users\pokit_000\Creative Cloud Files (1)
2015-11-05 19:21 - 2015-10-28 18:46 - 00000000 ____D C:\ProgramData\Adobe
2015-11-05 16:13 - 2015-10-17 16:46 - 00003104 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4121437175-3883749224-2057971567-1001
==================== Files in the root of some directories =======
2015-11-28 17:41 - 2015-11-28 17:41 - 0007597 _____ () C:\Users\pokit_000\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-28 18:26
==================== End of FRST.txt ============================
Adobe Arkalis Solved
Re: Adobe Arkalis
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by pokit_000 (2015-12-05 15:27:45)
Running from C:\Users\pokit_000\Desktop
Windows 8.1 (X64) (2015-10-08 14:43:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4121437175-3883749224-2057971567-500 - Administrator - Disabled)
Guest (S-1-5-21-4121437175-3883749224-2057971567-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121437175-3883749224-2057971567-1003 - Limited - Enabled)
pokit_000 (S-1-5-21-4121437175-3883749224-2057971567-1001 - Administrator - Enabled) => C:\Users\pokit_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CCleaner Cloud (HKLM-x32\...\CCleaner Cloud) (Version: 1.1.0.1576 - Piriform)
CCleaner Cloud Installer (x32 Version: 1.0.0.1576 - Piriform) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.59 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{20F70BB1-9240-43D2-985C-A8F5C6AAA1C7}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office 2013 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft Launcher 1.8 (HKLM-x32\...\Minecraft Launcher 1.8 1.0.0) (Version: 1.0.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.029 - MSI)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 359.06 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 359.06 (Version: 359.06 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4121437175-3883749224-2057971567-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Restore Points =========================
15-11-2015 12:18:33 Installed Blender
19-11-2015 17:10:23 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
27-11-2015 08:12:57 Naplánovaný kontrolní bod
04-12-2015 18:33:05 Installed CCleaner Cloud Installer
05-12-2015 14:46:52 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2015-12-05 15:11 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DBFEB53-0412-41E7-A87A-BFA417647B91} - System32\Tasks\CCleaner Cloud Watchdog => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2015-11-20] (Piriform)
Task: {43363F76-17F6-4E29-A352-C4E275323BD4} - System32\Tasks\CCleaner Cloud Update => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2015-11-20] (Piriform)
Task: {4612C5B7-D23B-4ED7-9DAF-2FE8D8380790} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {529DF83F-2747-4400-9C3F-305DD6756773} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {5B631322-A3FC-471F-93DA-FBFA96D041DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {61BE47BC-5AA7-4A2B-988B-60EA7A89714B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4121437175-3883749224-2057971567-1001 => C:\Users\pokit_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-05] (Microsoft Corporation)
Task: {7126FC3C-ED05-4400-8929-09F949059736} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {8CA8CB58-1EA2-41E4-A21D-23A6C5A42149} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-17] (Microsoft Corporation)
Task: {9C7F3B8E-5172-4FC4-AA54-FC0973797F74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {A9C21273-1DE1-477F-8085-F5948BB06CA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-02] (Adobe Systems Incorporated)
Task: {AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8} - \UpdateAdmin -> No File <==== ATTENTION
Task: {AC414DDE-BF54-4BBB-ACD8-C2728386076D} - \RocketTab -> No File <==== ATTENTION
Task: {C10707D0-C5EF-4368-BA85-1730F1DA2CF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-17] (Microsoft Corporation)
Task: {C37C31A9-7B1E-4F79-869F-973E48EC6E7F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {D53089D1-B935-40EC-9601-A8E7DDD9908E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {E1E55765-29B9-48C1-9809-B13BDF6BDE01} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-23] (AVAST Software)
Task: {F9D71975-6AB1-42C0-8B6D-95056F4CD0CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-06 14:56 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-09 14:31 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00708912 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00854320 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-08-26 08:44 - 2015-08-26 08:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-11-16 17:55 - 2015-11-16 17:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-12-03 23:40 - 2012-12-03 23:40 - 00024064 _____ () C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
2015-10-09 14:33 - 2015-10-09 14:33 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2015-10-09 14:31 - 2015-10-09 14:31 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
2015-11-23 20:45 - 2015-11-23 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-23 20:44 - 2015-11-23 20:44 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-05 14:15 - 2015-12-05 14:15 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120500\algo.dll
2015-11-23 20:44 - 2015-11-23 20:44 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-23 20:45 - 2015-11-23 20:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-20 03:41 - 2012-09-20 03:41 - 01311275 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.multiarray.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00410432 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.umath.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 02222455 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core._dotblas.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00174793 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.scalarmath.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00041019 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.lib._compiled_base.pyd
2012-09-20 03:42 - 2012-09-20 03:42 - 02382083 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.linalg.lapack_lite.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00046383 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.fft.fftpack_lite.pyd
2012-09-20 03:42 - 2012-09-20 03:42 - 00515437 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.random.mtrand.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00074240 _____ () C:\Program Files (x86)\Adobe Arkalis\_ctypes.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00040960 _____ () C:\Program Files (x86)\Adobe Arkalis\_socket.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00285184 _____ () C:\Program Files (x86)\Adobe Arkalis\_hashlib.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00009728 _____ () C:\Program Files (x86)\Adobe Arkalis\select.pyd
2012-06-19 17:01 - 2012-06-19 17:01 - 00577536 _____ () C:\Program Files (x86)\Adobe Arkalis\pyopencl._cl.pyd
2012-06-15 13:20 - 2012-06-15 13:20 - 00219648 _____ () C:\Program Files (x86)\Adobe Arkalis\boost_python-vc90-mt-1_48.dll
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Adobe Arkalis\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Adobe Arkalis\pywintypes27.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 42913912 _____ () C:\Windows\system32\nvcompiler.dll
2014-11-10 11:12 - 2014-11-10 11:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pokit_000\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.12.50.50 - 10.14.10.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FAFCC2CA-71FB-4D0F-8EDA-731CD2FC5D37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CEBA04E5-8CA4-42CE-A4F9-EECA53775A5F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E182C7D5-EECD-4D46-A5C0-4D6723A4EFDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A8186787-507A-49D5-9749-89E5AB2B3C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{82E6D237-59E0-4AA4-91DF-EDAE72EB971E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CD64F47C-2B52-457E-8ACB-CAFDB6DF1E03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C35F7D61-148A-4DB2-AE43-0811D47E0F98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7966B3AA-4565-49B0-8DD6-E9A0A8706D4E}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{51B56CC5-19F7-4DFA-9A8F-77738CF7095C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1065678-F4CA-410B-9EB4-204D0AA747B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45F6F493-4DFF-46E3-8DE5-1235B17DB926}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46B7B632-7775-47DF-B06C-C5407AAC1DEF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0949CF81-2FD7-4056-9815-D2D654E7B3D2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4D419F51-D14F-4BA7-9CE1-43F17568A094}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F621878-8B27-4795-B4AA-193BA24E5C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E5399394-800E-446A-BC18-3B83BBAF0163}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A9BE6686-9473-49D4-8DCC-5E5E572D5D49}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1A695DDD-E7B1-45F6-8157-D9DB2D845CE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4A24A8-3C89-4B8D-A784-A6C639F9335F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8552D4F5-3100-4852-9E25-F2B4A17EE52A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4FD0F109-5E60-4D3B-9990-608545CEA1A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3B9C5760-C0DE-42E0-9C40-34CD263AEC5B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C81A773C-3594-442E-A9AA-66B09A4556CC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4E9FC1FA-6DE8-4762-86B4-BD5C913DEA6F}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{CC44F72E-BF3F-4E78-BF89-1C9F6ADB325E}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{C06A24DF-B1DC-47EB-AC41-E4D2BF2D8F18}C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DEF1ECC9-66FD-428C-96E2-EA7F94B08CD3}C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DF180E1B-1B98-44AA-8C50-DCC8AA6BA141}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{15B60ECA-697A-4138-B12E-C0AFB0E4B536}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4DC52285-542D-4651-B811-2015B54156DB}] => (Allow) C:\Users\pokit_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{ACDF692D-A3CE-4ACF-AF55-48182E438ACE}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{7FF865B7-6B42-4B64-9365-7E01BAE67D8F}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{7902E31A-15C5-44F3-BC6D-4082071BA77D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D3637F3A-DECC-4DC8-B97A-2EFB1A5EF07A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C0FA66F6-EFA8-4336-B512-00F7A9CF2212}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F5351E1D-49DC-48DF-A8CE-1CA4ECC309A1}] => (Allow) LPort=2869
FirewallRules: [{7560EB2B-BD31-4519-9278-5521F3BAFB42}] => (Allow) LPort=1900
FirewallRules: [{DA7BC739-2207-4A3A-872C-A34F05D50FCB}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A51AF1C5-103E-451C-9D06-5AFEE77FBE69}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F9C64FD3-C269-4C5D-ABDB-049014D57252}C:\games\world_of_tanks_test\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_test\wotlauncher.exe
FirewallRules: [UDP Query User{C03E5A3F-BFC2-4797-9068-FA1C3A23EC47}C:\games\world_of_tanks_test\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_test\wotlauncher.exe
FirewallRules: [TCP Query User{8219E20F-7AFE-4E57-B4D4-3601100FFF25}C:\games\world_of_tanks_test\worldoftanks.exe] => (Block) C:\games\world_of_tanks_test\worldoftanks.exe
FirewallRules: [UDP Query User{76114BAE-980F-40A3-86F5-AD7F0E83D0BD}C:\games\world_of_tanks_test\worldoftanks.exe] => (Block) C:\games\world_of_tanks_test\worldoftanks.exe
FirewallRules: [TCP Query User{91B598B6-D2EA-411C-A390-0AC3F36DC73D}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{575E4761-535E-4484-8C4C-DAED3992B994}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{20EB880A-C5F7-4543-BF6E-A306AB53FEDE}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{DC888A28-9DD6-4595-BC07-00C8E2788931}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{F666F719-6156-425C-B2B7-92C878002408}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{157A63A3-5B44-4130-AF2B-88986F231968}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D6383721-DA4B-4363-9E25-239AA7B90828}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D4CE2098-A580-460C-B4BE-41A5C3BD9D0C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{1922C71D-616C-4687-99E9-7DA5682CBF83}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{403BF088-16C4-4330-A2F3-99B1A6D60243}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{940D185D-6F96-49DA-A3A3-B186AD627A94}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{FC77785D-8E0F-4E56-B009-1F1253C49234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5835943F-BB1A-4890-9982-9B830C5AC803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/05/2015 02:20:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (12/04/2015 09:21:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.3.9600.18009, časové razítko: 0x55c8e432
Název chybujícího modulu: SHELL32.dll, verze: 6.3.9600.18038, časové razítko: 0x55dc78ad
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004b541
ID chybujícího procesu: 0x134c
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3
Úplný název chybujícího balíčku: explorer.exe4
ID aplikace související s chybujícím balíčkem: explorer.exe5
Error: (12/04/2015 06:46:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program CCleaner64.exe verze 5.12.0.5431 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 18c0
Čas spuštění: 01d12ebb8f8044eb
Čas ukončení: 1954
Cesta k aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
ID hlášení: f342bc9d-9aae-11e5-826b-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 06:38:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (12/04/2015 05:19:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1c34
Čas spuštění: 01d12eaf8a6d95a0
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: d34716cc-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 05:19:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1340
Čas spuštění: 01d12eaf797ed414
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: c6b3f16f-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 05:19:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 17f0
Čas spuštění: 01d12eaa1c6261ed
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: c5cbb546-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 04:35:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (12/04/2015 04:29:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Error: (12/03/2015 10:04:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15437
System errors:
=============
Error: (12/05/2015 03:18:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 02:47:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/05/2015 02:41:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2015-11-24 10:57:23.331
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:57:23.176
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:52:13.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:52:13.721
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:14.852
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:14.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:13.849
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:13.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:08.543
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:08.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 8120 MB
Available physical RAM: 6291.04 MB
Total Virtual: 9400 MB
Available Virtual: 7292.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:780.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by pokit_000 (2015-12-05 15:27:45)
Running from C:\Users\pokit_000\Desktop
Windows 8.1 (X64) (2015-10-08 14:43:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4121437175-3883749224-2057971567-500 - Administrator - Disabled)
Guest (S-1-5-21-4121437175-3883749224-2057971567-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121437175-3883749224-2057971567-1003 - Limited - Enabled)
pokit_000 (S-1-5-21-4121437175-3883749224-2057971567-1001 - Administrator - Enabled) => C:\Users\pokit_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CCleaner Cloud (HKLM-x32\...\CCleaner Cloud) (Version: 1.1.0.1576 - Piriform)
CCleaner Cloud Installer (x32 Version: 1.0.0.1576 - Piriform) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.59 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{20F70BB1-9240-43D2-985C-A8F5C6AAA1C7}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office 2013 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft Launcher 1.8 (HKLM-x32\...\Minecraft Launcher 1.8 1.0.0) (Version: 1.0.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.029 - MSI)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 359.06 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 359.06 (Version: 359.06 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4121437175-3883749224-2057971567-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Restore Points =========================
15-11-2015 12:18:33 Installed Blender
19-11-2015 17:10:23 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
27-11-2015 08:12:57 Naplánovaný kontrolní bod
04-12-2015 18:33:05 Installed CCleaner Cloud Installer
05-12-2015 14:46:52 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2015-12-05 15:11 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DBFEB53-0412-41E7-A87A-BFA417647B91} - System32\Tasks\CCleaner Cloud Watchdog => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2015-11-20] (Piriform)
Task: {43363F76-17F6-4E29-A352-C4E275323BD4} - System32\Tasks\CCleaner Cloud Update => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2015-11-20] (Piriform)
Task: {4612C5B7-D23B-4ED7-9DAF-2FE8D8380790} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {529DF83F-2747-4400-9C3F-305DD6756773} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {5B631322-A3FC-471F-93DA-FBFA96D041DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {61BE47BC-5AA7-4A2B-988B-60EA7A89714B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4121437175-3883749224-2057971567-1001 => C:\Users\pokit_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-05] (Microsoft Corporation)
Task: {7126FC3C-ED05-4400-8929-09F949059736} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {8CA8CB58-1EA2-41E4-A21D-23A6C5A42149} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-17] (Microsoft Corporation)
Task: {9C7F3B8E-5172-4FC4-AA54-FC0973797F74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {A9C21273-1DE1-477F-8085-F5948BB06CA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-02] (Adobe Systems Incorporated)
Task: {AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8} - \UpdateAdmin -> No File <==== ATTENTION
Task: {AC414DDE-BF54-4BBB-ACD8-C2728386076D} - \RocketTab -> No File <==== ATTENTION
Task: {C10707D0-C5EF-4368-BA85-1730F1DA2CF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-17] (Microsoft Corporation)
Task: {C37C31A9-7B1E-4F79-869F-973E48EC6E7F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {D53089D1-B935-40EC-9601-A8E7DDD9908E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {E1E55765-29B9-48C1-9809-B13BDF6BDE01} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-23] (AVAST Software)
Task: {F9D71975-6AB1-42C0-8B6D-95056F4CD0CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-06 14:56 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-09 14:31 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-08-25 15:01 - 2014-08-25 15:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00708912 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00854320 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-08-26 08:44 - 2015-08-26 08:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-11-16 17:55 - 2015-11-16 17:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-12-03 23:40 - 2012-12-03 23:40 - 00024064 _____ () C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
2015-10-09 14:33 - 2015-10-09 14:33 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2015-10-09 14:31 - 2015-10-09 14:31 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
2015-11-23 20:45 - 2015-11-23 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-11-23 20:44 - 2015-11-23 20:44 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-05 14:15 - 2015-12-05 14:15 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120500\algo.dll
2015-11-23 20:44 - 2015-11-23 20:44 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-10-06 14:56 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-19 16:36 - 2015-12-02 17:19 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-23 20:45 - 2015-11-23 20:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-20 03:41 - 2012-09-20 03:41 - 01311275 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.multiarray.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00410432 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.umath.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 02222455 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core._dotblas.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00174793 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.core.scalarmath.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00041019 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.lib._compiled_base.pyd
2012-09-20 03:42 - 2012-09-20 03:42 - 02382083 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.linalg.lapack_lite.pyd
2012-09-20 03:41 - 2012-09-20 03:41 - 00046383 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.fft.fftpack_lite.pyd
2012-09-20 03:42 - 2012-09-20 03:42 - 00515437 _____ () C:\Program Files (x86)\Adobe Arkalis\numpy.random.mtrand.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00074240 _____ () C:\Program Files (x86)\Adobe Arkalis\_ctypes.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00040960 _____ () C:\Program Files (x86)\Adobe Arkalis\_socket.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00285184 _____ () C:\Program Files (x86)\Adobe Arkalis\_hashlib.pyd
2012-04-11 03:31 - 2012-04-11 03:31 - 00009728 _____ () C:\Program Files (x86)\Adobe Arkalis\select.pyd
2012-06-19 17:01 - 2012-06-19 17:01 - 00577536 _____ () C:\Program Files (x86)\Adobe Arkalis\pyopencl._cl.pyd
2012-06-15 13:20 - 2012-06-15 13:20 - 00219648 _____ () C:\Program Files (x86)\Adobe Arkalis\boost_python-vc90-mt-1_48.dll
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Adobe Arkalis\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Adobe Arkalis\pywintypes27.dll
2015-12-01 17:33 - 2015-11-25 00:10 - 42913912 _____ () C:\Windows\system32\nvcompiler.dll
2014-11-10 11:12 - 2014-11-10 11:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pokit_000\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.12.50.50 - 10.14.10.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FAFCC2CA-71FB-4D0F-8EDA-731CD2FC5D37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CEBA04E5-8CA4-42CE-A4F9-EECA53775A5F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E182C7D5-EECD-4D46-A5C0-4D6723A4EFDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A8186787-507A-49D5-9749-89E5AB2B3C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{82E6D237-59E0-4AA4-91DF-EDAE72EB971E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CD64F47C-2B52-457E-8ACB-CAFDB6DF1E03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C35F7D61-148A-4DB2-AE43-0811D47E0F98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7966B3AA-4565-49B0-8DD6-E9A0A8706D4E}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{51B56CC5-19F7-4DFA-9A8F-77738CF7095C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1065678-F4CA-410B-9EB4-204D0AA747B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{45F6F493-4DFF-46E3-8DE5-1235B17DB926}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46B7B632-7775-47DF-B06C-C5407AAC1DEF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0949CF81-2FD7-4056-9815-D2D654E7B3D2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4D419F51-D14F-4BA7-9CE1-43F17568A094}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F621878-8B27-4795-B4AA-193BA24E5C29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E5399394-800E-446A-BC18-3B83BBAF0163}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A9BE6686-9473-49D4-8DCC-5E5E572D5D49}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1A695DDD-E7B1-45F6-8157-D9DB2D845CE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4A24A8-3C89-4B8D-A784-A6C639F9335F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8552D4F5-3100-4852-9E25-F2B4A17EE52A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4FD0F109-5E60-4D3B-9990-608545CEA1A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3B9C5760-C0DE-42E0-9C40-34CD263AEC5B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C81A773C-3594-442E-A9AA-66B09A4556CC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4E9FC1FA-6DE8-4762-86B4-BD5C913DEA6F}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{CC44F72E-BF3F-4E78-BF89-1C9F6ADB325E}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{C06A24DF-B1DC-47EB-AC41-E4D2BF2D8F18}C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DEF1ECC9-66FD-428C-96E2-EA7F94B08CD3}C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pokit_000\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DF180E1B-1B98-44AA-8C50-DCC8AA6BA141}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{15B60ECA-697A-4138-B12E-C0AFB0E4B536}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4DC52285-542D-4651-B811-2015B54156DB}] => (Allow) C:\Users\pokit_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{ACDF692D-A3CE-4ACF-AF55-48182E438ACE}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{7FF865B7-6B42-4B64-9365-7E01BAE67D8F}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{7902E31A-15C5-44F3-BC6D-4082071BA77D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D3637F3A-DECC-4DC8-B97A-2EFB1A5EF07A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C0FA66F6-EFA8-4336-B512-00F7A9CF2212}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F5351E1D-49DC-48DF-A8CE-1CA4ECC309A1}] => (Allow) LPort=2869
FirewallRules: [{7560EB2B-BD31-4519-9278-5521F3BAFB42}] => (Allow) LPort=1900
FirewallRules: [{DA7BC739-2207-4A3A-872C-A34F05D50FCB}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A51AF1C5-103E-451C-9D06-5AFEE77FBE69}] => (Allow) c:\program files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F9C64FD3-C269-4C5D-ABDB-049014D57252}C:\games\world_of_tanks_test\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_test\wotlauncher.exe
FirewallRules: [UDP Query User{C03E5A3F-BFC2-4797-9068-FA1C3A23EC47}C:\games\world_of_tanks_test\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_test\wotlauncher.exe
FirewallRules: [TCP Query User{8219E20F-7AFE-4E57-B4D4-3601100FFF25}C:\games\world_of_tanks_test\worldoftanks.exe] => (Block) C:\games\world_of_tanks_test\worldoftanks.exe
FirewallRules: [UDP Query User{76114BAE-980F-40A3-86F5-AD7F0E83D0BD}C:\games\world_of_tanks_test\worldoftanks.exe] => (Block) C:\games\world_of_tanks_test\worldoftanks.exe
FirewallRules: [TCP Query User{91B598B6-D2EA-411C-A390-0AC3F36DC73D}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{575E4761-535E-4484-8C4C-DAED3992B994}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{20EB880A-C5F7-4543-BF6E-A306AB53FEDE}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{DC888A28-9DD6-4595-BC07-00C8E2788931}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{F666F719-6156-425C-B2B7-92C878002408}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{157A63A3-5B44-4130-AF2B-88986F231968}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D6383721-DA4B-4363-9E25-239AA7B90828}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D4CE2098-A580-460C-B4BE-41A5C3BD9D0C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{1922C71D-616C-4687-99E9-7DA5682CBF83}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{403BF088-16C4-4330-A2F3-99B1A6D60243}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{940D185D-6F96-49DA-A3A3-B186AD627A94}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{FC77785D-8E0F-4E56-B009-1F1253C49234}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5835943F-BB1A-4890-9982-9B830C5AC803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/05/2015 02:20:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (12/04/2015 09:21:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.3.9600.18009, časové razítko: 0x55c8e432
Název chybujícího modulu: SHELL32.dll, verze: 6.3.9600.18038, časové razítko: 0x55dc78ad
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004b541
ID chybujícího procesu: 0x134c
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3
Úplný název chybujícího balíčku: explorer.exe4
ID aplikace související s chybujícím balíčkem: explorer.exe5
Error: (12/04/2015 06:46:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program CCleaner64.exe verze 5.12.0.5431 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 18c0
Čas spuštění: 01d12ebb8f8044eb
Čas ukončení: 1954
Cesta k aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
ID hlášení: f342bc9d-9aae-11e5-826b-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 06:38:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (12/04/2015 05:19:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1c34
Čas spuštění: 01d12eaf8a6d95a0
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: d34716cc-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 05:19:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1340
Čas spuštění: 01d12eaf797ed414
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: c6b3f16f-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 05:19:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.600.27 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 17f0
Čas spuštění: 01d12eaa1c6261ed
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
ID hlášení: c5cbb546-9aa2-11e5-8268-d8cb8a9a33a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/04/2015 04:35:05 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (12/04/2015 04:29:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Error: (12/03/2015 10:04:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15437
System errors:
=============
Error: (12/05/2015 03:18:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 03:18:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/05/2015 02:47:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (12/05/2015 02:41:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/05/2015 02:41:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2015-11-24 10:57:23.331
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:57:23.176
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:52:13.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:52:13.721
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:14.852
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:14.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:13.849
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:13.709
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:08.543
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-24 10:34:08.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 8120 MB
Available physical RAM: 6291.04 MB
Total Virtual: 9400 MB
Available Virtual: 7292.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:780.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or

Partition: GPT.
==================== End of Addition.txt ============================
- jerabina
- Security team member
-
Level 6
- Posts: 3647
- Registered: March 13
- Location: Litoměřice
- Gender:
- Status:
Offline
Re: Adobe Arkalis
You wouldn't by any chance want to write the fixlist yourself as well? You could just as easily have deleted a part of the system!
Uninstall Spyhunter.
Look at what is in these folders:
C:\Windows\ToastData
C:\Windows\CbsTemp
In Folder Options, enable the display of hidden files and folders, and uncheck the "Hide protected operating system files" box.
Test these on VirusTotal:
C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
C:\ProgramData\regid.1991-06.com.microsoft
C:\Windows\system32\nvcoproc.bin
Click Choose to the right of the box and locate the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs one after another. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Code:
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CCleanerCloudTray] => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe [2699688 2015-11-20] (Piriform)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638768 2015-12-02] (Electronic Arts)
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin HKU\S-1-5-21-4121437175-3883749224-2057971567-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pokit_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
C:\autoexec.bat
C:\ProgramData\5e86ac4c-66a1-1
C:\ProgramData\5e86ac4c-4427-0
C:\Windows\LastGood.Tmp
C:\Program Files (x86)\Adobe Arkalis
Task: {529DF83F-2747-4400-9C3F-305DD6756773} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {A9C21273-1DE1-477F-8085-F5948BB06CA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-02] (Adobe Systems Incorporated)
Task: {AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8} - \UpdateAdmin -> No File <==== ATTENTION
Task: {AC414DDE-BF54-4BBB-ACD8-C2728386076D} - \RocketTab -> No File <==== ATTENTION
Task: {C37C31A9-7B1E-4F79-869F-973E48EC6E7F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
EmptyTemp:
Hosts:
End
(You can use the "Select all" function; right-click in the top-left corner of the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Adobe Arkalis
Fix result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by pokit_000 (2015-12-05 16:17:15) Run:1
Running from C:\Users\pokit_000\Desktop
Loaded Profiles: pokit_000 (Available Profiles: pokit_000)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CCleanerCloudTray] => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe [2699688 2015-11-20] (Piriform)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638768 2015-12-02] (Electronic Arts)
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin HKU\S-1-5-21-4121437175-3883749224-2057971567-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pokit_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
C:\autoexec.bat
C:\ProgramData\5e86ac4c-66a1-1
C:\ProgramData\5e86ac4c-4427-0
C:\Windows\LastGood.Tmp
C:\Program Files (x86)\Adobe Arkalis
Task: {529DF83F-2747-4400-9C3F-305DD6756773} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {A9C21273-1DE1-477F-8085-F5948BB06CA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-02] (Adobe Systems Incorporated)
Task: {AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8} - \UpdateAdmin -> No File <==== ATTENTION
Task: {AC414DDE-BF54-4BBB-ACD8-C2728386076D} - \RocketTab -> No File <==== ATTENTION
Task: {C37C31A9-7B1E-4F79-869F-973E48EC6E7F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CCleanerCloudTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan64 => value removed successfully
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EADM => value removed successfully
HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
Firefox "newtab" removed successfully
Firefox "homepage" removed successfully
"HKU\S-1-5-21-4121437175-3883749224-2057971567-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\pokit_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
C:\autoexec.bat => moved successfully
C:\ProgramData\5e86ac4c-66a1-1 => moved successfully
C:\ProgramData\5e86ac4c-4427-0 => moved successfully
C:\Windows\LastGood.Tmp => moved successfully
C:\Program Files (x86)\Adobe Arkalis => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{529DF83F-2747-4400-9C3F-305DD6756773}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{529DF83F-2747-4400-9C3F-305DD6756773}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9C21273-1DE1-477F-8085-F5948BB06CA0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9C21273-1DE1-477F-8085-F5948BB06CA0}" => key removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAE86E72-0E3D-4E88-AC70-F6D13B6F4ED8}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateAdmin => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC414DDE-BF54-4BBB-ACD8-C2728386076D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC414DDE-BF54-4BBB-ACD8-C2728386076D}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C37C31A9-7B1E-4F79-869F-973E48EC6E7F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C37C31A9-7B1E-4F79-869F-973E48EC6E7F}" => key removed successfully
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-MicrosoftAccount-pokit@email.cz" => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 139.8 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 16:17:32 ====
I apologize, but I proceeded the same way as the first time and according to the guide...
But I can't find the files/folders you want me to test on VirusTotal through the browser, although otherwise I can find them normally.
- jerabina
- Security team member
Re: Adobe Arkalis
Copy them to the desktop and test them from the desktop.
Re: Adobe Arkalis
C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf - https://www.virustotal.com/cs/file/e3b0 ... 449331381/
C:\Windows\system32\nvcoproc.bin - https://www.virustotal.com/cs/file/e38f ... 449331435/
C:\ProgramData\regid.1991-06.com.microsoft - https://www.virustotal.com/cs/file/f9a2 ... 449331319/
- jerabina
- Security team member
Re: Adobe Arkalis
Also take a look at what is in those folders I sent.
+
How about the problems?
Re: Adobe Arkalis
It looks like there are no problems :)
Otherwise, this is the content of those folders

- jerabina
- Security team member
Re: Adobe Arkalis
Fine.
Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/
Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its job.
The report (DelFix.txt) will then open. Paste its entire content here. Otherwise the report is located at:
C:\DelFix.txt
If there are no problems, that is all and you can mark the topic as solved with the green check mark.

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt
Pokud nejsou problémy, je to vše a můžeš dát vyřešeno - zelenou "fajfku"

Když nevíš jak dál, přichází na řadu prostudovat manuál!
Re: Adobe Arkalis (Solved)
# DelFix v1.011 - Logfile created 05/12/2015 at 22:50:33
# Updated 18/08/2015 by Xplode
# Username : pokit_000 - FILIP-PC
# Operating System : Windows 8.1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\pokit_000\Desktop\Addition.txt
Deleted : C:\Users\pokit_000\Desktop\AdwCleaner.exe
Deleted : C:\Users\pokit_000\Desktop\AdwCleaner[C1].txt
Deleted : C:\Users\pokit_000\Desktop\AdwCleaner[C2].txt
Deleted : C:\Users\pokit_000\Desktop\Fixlog.txt
Deleted : C:\Users\pokit_000\Desktop\FRST.txt
Deleted : C:\Users\pokit_000\Desktop\FRST64.exe
Deleted : C:\Users\pokit_000\Desktop\JRT.exe
Deleted : C:\Users\pokit_000\Desktop\JRT.txt
Deleted : C:\Users\pokit_000\Desktop\hijackthis.exe
Deleted : C:\Users\pokit_000\Desktop\hijackthis.log
Deleted : C:\Users\pokit_000\Desktop\RogueKillerX64.exe
Deleted : C:\Users\pokit_000\Desktop\TFC.exe
Deleted : C:\Users\pokit_000\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #16 [Installed Blender | 11/15/2015 11:18:33]
Deleted : RP #17 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 | 11/19/2015 16:10:23]
Deleted : RP #18 [Naplánovaný kontrolní bod | 11/27/2015 07:12:57]
Deleted : RP #19 [Installed CCleaner Cloud Installer | 12/04/2015 17:33:05]
Deleted : RP #20 [JRT Pre-Junkware Removal | 12/05/2015 13:46:52]
New restore point created !
########## - EOF - ##########
Re: Adobe Arkalis
Thanks a lot! :)