Firefox keeps opening unwanted web pages

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

#16 Post by Zanzdm »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 14.01.17
Čas skenování: 8:12
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.5.1299
Verze komponentů: 1.0.43
Aktualizovat verzi balíku komponent: 1.0.1008
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: HF-PC\HF

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 224825
Uplynulý čas: 1 hod, 3 min, 8 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.Kuaizip, HKLM\SOFTWARE\CLASSES\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2}, Smazání při restartu, [1408], [346210],1.0.1008

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 9
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\lang, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\lang, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\sfx, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\data, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\skin, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\ali, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86, V karanténě, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\PROGRAM FILES\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085, Žádná uživatelská akce, [1408], [342516],1.0.1008

Soubor: 43
Adware.Eszjuxuan, C:\ADWCLEANER\QUARANTINE\FILES\OVFSQWDYCIYDTJRSAWQBPNUHAUSMRLUO.BACK, Smazání při restartu, [59], [333631],1.0.1008
PUP.Optional.ChinAd, C:\ADWCLEANER\QUARANTINE\FILES\IIBGPMGVFQMRGSZNFIHZJDVTGEVBRDTS\MININEWSXKTT.EXE, Smazání při restartu, [709], [336896],1.0.1008
PUP.Optional.Kuaizip, C:\ADWCLEANER\QUARANTINE\FILES\IIBGPMGVFQMRGSZNFIHZJDVTGEVBRDTS\KUAIZIPSETUP_ZZLM_013.EXE, Smazání při restartu, [1408], [353144],1.0.1008
PUP.Optional.Kuaizip, C:\PROGRAM FILES\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\KUAIZIPDRIVE.SYS, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\ali\jp.png, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\ali\kzshop.ico, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\data\slimdata.dat, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\skin\disopt.skn, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\lang\Chs_Lang.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\7z.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\KZFormat.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\KZModule.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\Mount.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\MountCore.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X64\SetupHelper.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\lang\Chs_Lang.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\sfx\kzSetup_chs.sfx, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\7z.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\DiskOpt.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\DuiLib.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\finderlib.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\KZFormat.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\KZModule.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\KZTui.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\Mount.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\MountCore.dll, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\SetupHelper.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\Uninst.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\X86\Update.exe, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\7zNew.dat, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\ErrorMsg.xml, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\KzNew.dat, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\readme.txt, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\SLDefault.xml, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\ZipNew.dat, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.Kuaizip, C:\Program Files\\u00c5\u00bc\u00c4\u009b\u00c5\u0083\u00c4\u0085\__-________.URL, Smazání při restartu, [1408], [342516],1.0.1008
PUP.Optional.AdOffer, C:\USERS\HF\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\E3CDW0O6\BITOOL[1].DLL, Žádná uživatelská akce, [11786], [144668],1.0.1008
PUP.Optional.Bundler, C:\USERS\HF\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\XOWCLUFD\FINALINSTALLER_DOTNET4[1].EXE, Žádná uživatelská akce, [222], [8918],1.0.1008
PUP.Optional.Trotux, C:\USERS\HF\APPDATA\ROAMING\PROFILES\ARERNISPWORAGH.DEFAULT\PREFS.JS, Žádná uživatelská akce, [420], [324486],1.0.1008
PUP.Optional.Trotux, C:\USERS\HF\APPDATA\ROAMING\PROFILES\ARERNISPWORAGH.DEFAULT\PREFS.JS, Žádná uživatelská akce, [420], [324486],1.0.1008
PUP.Optional.Trotux, C:\USERS\HF\APPDATA\ROAMING\PROFILES\ARERNISPWORAGH.DEFAULT\PREFS.JS, Žádná uživatelská akce, [420], [324486],1.0.1008
PUP.Optional.Trotux, C:\USERS\HF\APPDATA\ROAMING\PROFILES\ARERNISPWORAGH.DEFAULT\PREFS.JS, Žádná uživatelská akce, [420], [324486],1.0.1008
PUP.Optional.Youndoo, C:\USERS\HF\APPDATA\ROAMING\PROFILES\PLAPSANERNOENT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [766], [324487],1.0.1008

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

#17 Post by Zanzdm »

I moved all the threats detected by MBAM to quarantine and then deleted them.

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

#18 Post by altrok »

Excellent, please post new FRST.txt and Addition.txt logs.

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

#19 Post by Zanzdm »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
Ran by HF (administrator) on HF-PC (14-01-2017 15:21:41)
Running from C:\Users\HF\Desktop
Loaded Profiles: HF (Available Profiles: HF & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamtray.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5318992 2015-12-10] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5557584 2015-12-10] (Crawler Group, LLC)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2015-06-28] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2015-06-28] ()
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [HP Deskjet 4620 series (NET)] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3971648 2016-12-20] (GOG.com)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [CCleaner Monitoring] => D:\Program Files (x86)\Ccleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-11-26]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2015-07-10]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{aeaadf67-9893-4422-af13-2bc8efd56a19}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-07-28] (Crawler Group, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-07-28] (Crawler Group, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default [2017-01-14]
FF Session Restore: Mozilla\Firefox\Profiles\fwuohxmc.default -> is enabled.
FF Extension: (Garmin Communicator) - C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-12-29]
FF Extension: (Adblock Plus) - C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF SearchPlugin: C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\searchplugins\google-default.xml [2015-01-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4039880186-1844316042-2073029014-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\HF\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-11-26] () [File not signed]
R2 ClickToRunSvc; C:\PROGRAM FILES\MICROSOFT OFFICE 15\CLIENTX64\OFFICECLICKTORUN.EXE [3042032 2016-11-01] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-12-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-10] (GOG.com)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-20] (Electronic Arts)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [315488 2015-01-02] (Skype Technologies)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3267408 2015-12-10] (Crawler Group, LLC)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 xuzetofy; C:\Program Files (x86)\368b2629-7a03-4729-9ab5-7b52dcab61d01483953004\kns44B7.tmp [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-08-21] (Disc Soft Ltd)
S3 dtscsibus; C:\WINDOWS\System32\DRIVERS\dtscsibus.sys [29864 2015-01-28] (Disc Soft Ltd)
S3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-21] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 HWiNFO32; D:\Program Files (x86)\HWiNFO64\HWiNFO64A.SYS [30592 2012-05-10] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-14] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S2 WinDivert1.2; \??\C:\WINDOWS\system32\drivers\WinDivert64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-14 15:21 - 2017-01-14 15:21 - 00000000 ____D C:\Users\HF\Desktop\FRST-OlderVersion
2017-01-14 08:08 - 2017-01-14 08:08 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-14 08:07 - 2017-01-14 09:50 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-14 08:07 - 2017-01-14 09:50 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-14 08:07 - 2017-01-14 09:50 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-14 08:07 - 2017-01-14 08:07 - 00001285 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-14 08:07 - 2017-01-14 08:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-01-14 08:07 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-14 08:05 - 2017-01-14 08:05 - 54199488 _____ (Malwarebytes ) C:\Users\HF\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-14 01:57 - 2017-01-14 01:57 - 00000877 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-01-14 01:44 - 2017-01-14 01:44 - 00000000 ____D C:\Users\HF\AppData\Roaming\KZMount
2017-01-11 00:44 - 2017-01-11 00:45 - 00055619 _____ C:\Users\HF\Desktop\Addition.txt
2017-01-11 00:43 - 2017-01-14 15:22 - 00016418 _____ C:\Users\HF\Desktop\FRST.txt
2017-01-10 19:22 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-10 19:22 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-10 19:22 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-10 19:22 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-10 19:22 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-10 19:22 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-10 19:22 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-10 19:22 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-10 19:22 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-10 19:22 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-10 19:22 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-10 19:22 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-10 19:22 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-10 19:22 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-10 19:22 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-10 19:22 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-10 19:22 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-10 19:22 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-10 19:22 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-10 19:22 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-10 19:22 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-10 19:22 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-10 19:22 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-10 19:22 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-10 19:22 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-10 19:22 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-10 19:22 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-10 19:22 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-10 19:22 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-10 19:22 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-10 19:22 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-10 19:22 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-10 19:22 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-10 19:22 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-10 19:22 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-10 19:22 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-10 19:22 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-10 19:22 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-10 19:22 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-10 19:22 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-10 19:22 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-10 19:22 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-10 19:22 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-10 19:22 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-10 19:22 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-10 19:22 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-10 19:22 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-10 19:22 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-10 19:22 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-10 19:22 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-10 19:22 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-10 19:22 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-10 19:22 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-10 19:22 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-10 19:22 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-10 19:22 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-10 19:22 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-10 19:22 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-10 19:22 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-10 19:22 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-10 19:22 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-10 19:22 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-10 19:22 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-10 19:22 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-10 19:22 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-10 19:22 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-10 19:22 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-10 19:22 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-10 19:22 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-10 19:22 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-10 19:22 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-10 19:22 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-10 19:22 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-10 19:22 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-10 19:22 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-10 19:22 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-10 19:21 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-10 19:21 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-10 19:21 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-10 19:21 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-10 19:21 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-10 19:21 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-10 19:21 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-10 19:21 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-10 19:21 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-10 19:21 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-10 19:21 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-10 19:21 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-10 19:21 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-10 19:21 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-10 19:21 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-10 19:21 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-10 19:21 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-10 19:21 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-10 19:21 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-10 19:21 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-10 19:21 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-10 19:21 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-10 19:21 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-10 19:21 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-10 19:21 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-10 19:21 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-10 19:21 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 19:21 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-10 19:21 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-10 19:21 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-10 19:21 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-10 19:21 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-10 19:21 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-10 19:21 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-10 19:21 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-10 19:21 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-10 19:21 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 19:21 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-10 19:21 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-10 19:21 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-10 19:21 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-10 19:21 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-10 19:21 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-10 19:21 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-10 19:21 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-10 19:21 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-10 19:21 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 19:21 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-10 19:21 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-10 19:21 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 18:58 - 2017-01-14 08:02 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-01-10 18:57 - 2017-01-10 18:57 - 00001587 _____ C:\Users\HF\Desktop\UC浏览器.lnk
2017-01-10 18:57 - 2017-01-10 18:57 - 00000000 ____D C:\Users\HF\AppData\Local\UCBrowser
2017-01-10 18:53 - 2017-01-10 18:57 - 00026452 _____ C:\Users\HF\Desktop\Fixlog.txt
2017-01-10 18:49 - 2017-01-10 18:49 - 00009323 _____ C:\Users\HF\Documents\fixlist.txt
2017-01-10 18:45 - 2017-01-14 09:18 - 00000000 ____D C:\Program Files\żěŃą
2017-01-10 18:45 - 2017-01-10 18:45 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2017-01-10 18:45 - 2017-01-10 18:45 - 00000882 _____ C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-01-10 18:45 - 2017-01-10 18:45 - 00000858 _____ C:\Users\HF\Desktop\żěŃą.lnk
2017-01-10 18:38 - 2017-01-10 18:57 - 00000462 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-01-10 18:38 - 2017-01-10 18:38 - 00001599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2017-01-10 18:38 - 2017-01-10 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-10 18:03 - 2017-01-10 18:04 - 03988944 _____ C:\Users\HF\Downloads\adwcleaner_6.042.exe
2017-01-10 17:46 - 2017-01-10 17:48 - 00061452 _____ C:\Users\HF\Downloads\Addition.txt
2017-01-10 17:45 - 2017-01-14 15:21 - 00000000 ____D C:\FRST
2017-01-10 17:45 - 2017-01-10 17:48 - 00045415 _____ C:\Users\HF\Downloads\FRST.txt
2017-01-10 17:44 - 2017-01-14 15:21 - 02419200 _____ (Farbar) C:\Users\HF\Desktop\FRST64.exe
2017-01-09 13:09 - 2017-01-09 13:10 - 00017346 _____ C:\WINDOWS\ntbtlog.txt
2017-01-09 12:57 - 2017-01-09 12:57 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-01-09 10:06 - 2017-01-10 20:09 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-12-31 17:54 - 2016-12-31 17:54 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Artplant
2016-12-31 17:49 - 2016-12-31 17:51 - 00000000 ____D C:\Users\HF\Documents\GrimmDarkLegacy
2016-12-31 17:49 - 2016-12-31 17:49 - 00000000 ____D C:\Users\HF\Documents\SkidRow
2016-12-28 22:27 - 2016-12-28 22:27 - 00000000 ____D C:\Users\HF\AppData\Roaming\Amanita-Design.Samorost3
2016-12-25 18:51 - 2016-12-25 18:51 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Zadbox Entertainment
2016-12-21 20:53 - 2016-12-21 20:53 - 00024574 _____ C:\Users\HF\Desktop\66907082.jpg
2016-12-16 01:43 - 2016-12-16 01:43 - 00013905 _____ C:\Users\HF\Documents\DM Freestate.docx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-14 15:20 - 2015-05-25 19:21 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-14 15:19 - 2016-11-18 00:44 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Mozilla
2017-01-14 15:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-14 09:49 - 2016-08-07 10:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-14 09:49 - 2016-08-07 10:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-14 09:49 - 2016-06-21 08:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-14 09:48 - 2016-08-07 10:06 - 00000000 ____D C:\Users\HF
2017-01-14 09:48 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-14 08:55 - 2016-08-07 10:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-14 08:07 - 2016-06-21 08:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-14 08:00 - 2015-01-21 22:06 - 00000000 ____D C:\AdwCleaner
2017-01-14 04:45 - 2016-07-19 20:24 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-01-14 01:59 - 2014-12-24 19:02 - 00000000 ____D C:\Users\HF\Documents\My Games
2017-01-14 01:17 - 2014-11-23 21:55 - 00000000 ____D C:\Users\HF\AppData\Roaming\vlc
2017-01-13 22:02 - 2016-06-20 23:40 - 00000000 ____D C:\Users\HF\AppData\Local\Packages
2017-01-13 19:27 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-13 19:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-11 22:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 22:26 - 2016-04-27 07:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 22:17 - 2016-08-07 10:01 - 00341344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 22:17 - 2014-12-12 13:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 12:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 12:17 - 2014-11-22 22:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 12:15 - 2015-12-31 00:15 - 00000000 ____D C:\Users\HF\AppData\Local\CrashDumps
2017-01-11 12:12 - 2014-11-22 22:56 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 01:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 01:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-10 18:09 - 2014-11-22 23:25 - 00000000 ____D C:\ProgramData\Spyware Terminator
2017-01-09 15:25 - 2014-11-29 17:53 - 00000000 ____D C:\Users\HF\AppData\Local\NVIDIA Corporation
2017-01-09 15:25 - 2014-11-22 22:59 - 00000000 ____D C:\Users\HF\AppData\Local\NVIDIA
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-09 13:17 - 2014-11-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-09 12:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Web
2017-01-09 11:16 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-01-09 10:50 - 2016-07-16 12:49 - 00000000 ____D C:\WINDOWS\Setup
2017-01-09 10:32 - 2016-11-04 17:48 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-08 19:08 - 2015-05-20 01:00 - 00000000 ____D C:\Users\HF\Documents\The Witcher 3
2016-12-31 17:54 - 2014-11-22 22:47 - 00000000 ____D C:\Users\HF\AppData\LocalLow
2016-12-28 06:31 - 2016-08-07 10:16 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-28 06:31 - 2016-08-07 10:16 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-20 22:28 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-20 22:27 - 2015-03-28 22:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-20 11:41 - 2015-05-19 22:05 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-12-16 13:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-16 12:48 - 2016-08-07 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch

==================== Files in the root of some directories =======

2016-07-30 13:04 - 2016-07-31 00:36 - 0000134 _____ () C:\Users\HF\AppData\Roaming\CSharpAnalytics-MeasurementQueue
2016-07-30 12:18 - 2016-07-31 00:36 - 0000443 _____ () C:\Users\HF\AppData\Roaming\CSharpAnalytics-MeasurementSession
2014-12-10 00:07 - 2014-12-10 00:07 - 0007605 _____ () C:\Users\HF\AppData\Local\Resmon.ResmonCfg
2015-01-02 22:55 - 2015-01-02 22:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-12 07:53 - 2012-08-31 14:08 - 0024772 _____ () C:\ProgramData\P1100DEF.css
2015-02-12 07:53 - 2015-02-12 07:53 - 0004244 _____ () C:\ProgramData\P1100OS.HTM
2015-02-12 07:53 - 2012-08-31 14:08 - 0002944 _____ () C:\ProgramData\P1100SIG.GIF

Some files in TEMP:
====================
C:\Users\HF\AppData\Local\Temp\Lambda.exe
C:\Users\HF\AppData\Local\Temp\proxy_vole1767528940019708325.dll
C:\Users\HF\AppData\Local\Temp\proxy_vole3116697628239399131.dll
C:\Users\HF\AppData\Local\Temp\proxy_vole7880667531538854534.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-11 01:44

==================== End of FRST.txt ============================

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages for me

#20 Post by Zanzdm »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2017
Ran by HF (14-01-2017 15:23:05)
Running from C:\Users\HF\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-07 09:21:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4039880186-1844316042-2073029014-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4039880186-1844316042-2073029014-503 - Limited - Disabled)
Guest (S-1-5-21-4039880186-1844316042-2073029014-501 - Limited - Disabled)
HF (S-1-5-21-4039880186-1844316042-2073029014-1000 - Administrator - Enabled) => C:\Users\HF

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 13 ActiveX (HKLM-x32\...\{10B037CE-CDF6-4B7F-85DC-057CBE774FB7}) (Version: 13.0.0.258 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Aktualizácie NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Arcanika (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Arcanika) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Boid (HKLM\...\Steam App 314010) (Version: - Mokus)
Císařský ostrov 2: Pátrání po nové zemi (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Císařský ostrov 2: Pátrání po nové zemi) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Císařský ostrov 3: Expanze (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Císařský ostrov 3: Expanze) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0445 - Disc Soft Ltd)
Deathtrap (HKLM-x32\...\Deathtrap_is1) (Version: - NeocoreGames)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Elasto Mania (HKLM-x32\...\Elasto Mania) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fahrenheit Indigo Prophecy Remastered (HKLM-x32\...\Fahrenheit Indigo Prophecy Remastered_is1) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grey Goo (HKLM-x32\...\Grey Goo_is1) (Version: - )
HP Deskjet 4620 series Basic Device Software (HKLM\...\{6D790D6C-EF5F-40AC-A9BF-2ADF638C02AD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 4620 series Help (HKLM-x32\...\{5773FBCB-BA2C-4F3E-9904-48247BF752FC}) (Version: 6.0.0 - Hewlett Packard)
HP Deskjet 4620 series Product Improvement Study (HKLM\...\{8703F965-1B1F-491F-ACCF-2B0626732065}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 4.02 (HKLM\...\HWiNFO64_is1) (Version: 4.02 - Martin Malík - REALiX)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
INSIDE Demo (HKLM\...\Steam App 530210) (Version: - Playdead)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Legend of Grimrock 2 (HKLM-x32\...\Legend of Grimrock 2) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 sk) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 sk)) (Version: 32.0.3 - Mozilla)
Mozilla Firefox 50.1.0 (x86 sk) (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Mozilla Firefox 50.1.0 (x86 sk)) (Version: 50.1.0 - Mozilla)
NVIDIA 3D Vision radič ovládača 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Grafický ovládač 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 375.70 (Version: 375.70 - NVIDIA Corporation) Hidden
Pneuma Breath of Life (HKLM-x32\...\Pneuma Breath of Life_is1) (Version: - )
Quern - Undying Thoughts (HKLM\...\cXVlcm51bmR5aW5ndGhvdWdodHM_is1) (Version: 1 - )
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Rise of the Tomb Raider magyarítás (HKLM-x32\...\Rise of the Tomb Raider magyarítás) (Version: 1.0.1.0 - TombRaiderS.hu)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samorost 3 (HKLM\...\Steam App 421120) (Version: - Amanita Design)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Sigils of Elohim (HKLM\...\Steam App 321480) (Version: - Croteam)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam)
The Treasures of Montezuma 5 (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\The Treasures of Montezuma 5) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.8.2 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witness (HKLM-x32\...\Steam App 210970) (Version: - Thekla, Inc.)
There You Go (HKLM-x32\...\{E6ACA272-5C32-474F-B554-8DC366D6FED2}_is1) (Version: 0.3 - Octogear Games)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Trine 3 The Artifacts of Power (HKLM-x32\...\Trine 3 The Artifacts of Power_is1) (Version: - )
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 23.0 - Ubisoft)
Vampire Setup Tool v2.1.0.2 (CD) (HKLM-x32\...\Vampire Setup Tool_is1) (Version: 2.1.0.2 - LEC s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_is1) (Version: 1.06.329 - Decepticon)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A773F0-84D9-43D7-9018-8B5C63786BBD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0D304B76-C45E-4A99-895D-F9D90914CEC7} - System32\Tasks\CCleanerSkipUAC => D:\Program Files (x86)\Ccleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {1C93ACF5-5617-43D3-8A34-F85EFBB32E3F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F2E7B48-7D22-4124-B111-BCFA8CBEBC77} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24761C72-F647-4ABC-B60A-6EAAFC43C31C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {287A7FC3-DC33-4D18-BFC2-7783A986A85F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32E7B271-B149-4507-81CF-66A1C4FD466C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36E4A44F-AA83-402E-AA9A-43F69697F21E} - System32\Tasks\HPCustParticipation HP Deskjet 4620 series => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3939D70D-73C7-4027-A7FF-DA2D18EB6F2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {3D8A0186-694F-4182-8295-87C8C760F48D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {406DD0A8-4734-4A4B-9832-DD8CB0AB77C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {43E7F056-78ED-4C3C-804D-46D9C2B1737B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {567F1894-0129-4E4D-8D38-E47172B3C8DF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60E29AFC-FB22-47A1-BCB9-D2F89246CEF8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {629D3C01-B168-4B1F-AF9D-5AF1845F9CA9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66FA7D73-8405-46FA-9902-B98DAC77E43E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86610784-72A1-4954-9300-E62295344754} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-07] (Facebook Inc.)
Task: {8D85D839-1537-4C25-B949-A53EC58EB86F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {8FD88B27-4197-482A-B9DE-652BCE5E8963} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {90E84993-AACF-4F97-81DF-F4B5AE3CA496} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {98013681-F06C-429A-A60B-3FA20A156494} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {987DED66-420F-48C6-BF19-35D036F957A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-07] (Facebook Inc.)
Task: {9F16C6EF-6609-4310-A3DC-185F5B59F8B9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1CCB7E4-3D84-46BF-AEB2-56E28F92227D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A201C7BA-426A-4D9A-AC61-C4501248CB47} - System32\Tasks\{18771E40-0FE4-4711-A157-30BA2B2C17D5} => pcalua.exe -a "D:\Firefox Setup 32.0.3.exe" -d C:\Users\HF\Desktop
Task: {C2092512-7397-4E8D-B710-6461B4485801} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8326541-BDAA-4F08-9D02-8FDCFF334A9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D8951481-12FD-459B-9184-990F334DAD9D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {DA19B2DF-B2F6-4FA1-81BC-427CEE207C1E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DD45CD38-D16C-450E-BDD2-64D4D5FBEE7D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E3053430-C536-4879-AD93-C83DA7477DCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {E9745C4D-6BC9-4138-976C-CC0D7DEEFF17} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB310B81-687B-4880-B466-7EE113BD9683} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA749848-22C7-475E-BCF8-CE0190D7CAD0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC6D9907-0981-4F11-A7E0-DF38154758BD} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-01-10] (UC Web Inc.) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-11-23 22:01 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-03-07 20:02 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-29 03:40 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-07 20:02 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2015-03-28 22:18 - 2016-05-24 08:51 - 00116416 _____ () C:\PROGRAM FILES\MICROSOFT OFFICE 15\CLIENTX64\ApiClient.dll
2017-01-14 08:07 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-14 08:07 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\MwacLib.dll
2017-01-14 08:07 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\arwlib.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 22:33 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-07 10:03 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 10:27 - 2016-08-07 10:27 - 00959168 _____ () C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-09-15 00:28 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 19:22 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 19:21 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 19:21 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 21:08 - 2016-12-14 21:08 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-03-30 20:22 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-25 19:23 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-25 19:23 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-25 19:23 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-14 07:42 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-20 17:42 - 2016-09-20 17:42 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 53018112 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00507968 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01076800 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01854528 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00393280 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01589312 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00307776 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00330816 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00104000 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00520768 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00272448 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00157760 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00680000 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00425536 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-05-19 22:05 - 2016-12-20 11:40 - 00152128 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 01738752 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 00078848 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll
2016-12-13 13:04 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-05-25 19:22 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-01-10 18:53 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{A3CCCC52-64C4-461A-85DB-D28ACE0F17CB}] => d:\games\Imperial Island 2 The Search for New Land\F2PHttpDaemon.exe
FirewallRules: [{1040AC2C-DF8A-45FD-9177-993612918BA4}] => d:\games\Arcanika\F2PHttpDaemon.exe
FirewallRules: [{77B8F854-D89E-4854-AEC0-018F166C821C}] => d:\games\Imperial Island 3 Expansion\F2PHttpDaemon.exe
FirewallRules: [{FDC58FA9-CEC2-437C-ACE6-DA6216711CAC}] => d:\games\Imperial Island 3 Expansion\ImperialIsland3.wrp.exe
FirewallRules: [{55A6947F-AA39-4896-80E8-AF90CE3A8ACA}] => d:\games\Imperial Island 3 Expansion\ImperialIsland3.exe
FirewallRules: [{DC10B947-73C6-406B-8EC4-17EBAE625513}] => d:\games\The Treasures of Montezuma 5\F2PHttpDaemon.exe
FirewallRules: [{AB309106-1458-463D-A752-CC38B362D1E8}] => d:\games\The Treasures of Montezuma 5\TheTreasuresOfMontezuma5.exe
FirewallRules: [{CD8E39AA-DACD-41D8-8E2D-0CF73C6D60E6}] => C:\Program Files (x86)\Steam\steamapps\common\Boid\Boid.exe
FirewallRules: [{1C840F8E-2FC4-4F23-A9E0-B67DFCAD1C51}] => C:\Program Files (x86)\Steam\steamapps\common\Boid\Boid.exe
FirewallRules: [{81235BA4-BB06-4672-9C72-561FBF7D331B}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{9A938CC0-545F-4950-8439-995B4E0BE34A}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{9920BEC8-23C3-4B96-80EB-16E2A5749652}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{76824CDF-23AA-4719-990C-29E3BFA7B043}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{232025FA-50B9-4694-AF2C-2686248EB515}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{140D5A6D-7EC3-4AA9-9DE6-636FDAD5BCB0}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2EA22E97-E107-4318-B554-953EB39F3FAC}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{43F8BE30-43DF-4357-88E7-EE4AF8307EEB}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{B4129D2D-072C-4C6D-A977-7FF254235004}] => d:\games\Hero of the Kingdom 2\F2PHttpDaemon.exe
FirewallRules: [{3824CF97-CF5A-4717-A35D-A40305AF3CF0}] => d:\games\Hero of the Kingdom\F2PHttpDaemon.exe
FirewallRules: [{2D95F73B-B705-48E9-B26D-D01A87B6826B}] => d:\games\Rooms The Unsolvable Puzzle\F2PHttpDaemon.exe
FirewallRules: [{0ACA7B47-DBFC-4621-9D6F-690997EA6BD4}] => d:\games\Fables of the Kingdom\F2PHttpDaemon.exe
FirewallRules: [{C7701DCC-1944-4599-99EE-32419C6E9198}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{EFECEBAA-49C0-4011-B5DD-45602D658529}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{1583AE19-87A7-4561-98B8-F50F147E206D}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{53EB5B99-449E-4B44-B172-B6F810EA656D}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{BB8F1B68-585D-4E01-A7F3-75C1CB2BCA25}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E7584D5B-C3A0-4553-9EA1-07F85BD6AEFB}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66F8F096-8165-43EE-B6CE-51BA7180C417}] => C:\Users\HF\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A061188B-7A6F-41D1-844B-FC0619BF6506}] => D:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47DE17CC-3B09-4DF3-914E-83421B83E19B}] => D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{0BE291D3-36EF-44DC-BB31-2B0AA2E55739}] => D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{050E508A-47A1-4837-8D19-3C36A8CD89A8}] => D:\Games\Diablo III\Diablo III.exe
FirewallRules: [{690A8A39-F405-470E-B7ED-9807FD8C65C1}] => D:\Games\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{A72173D9-1FD8-4F71-BE6F-A06E2E64C145}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{7424E903-FD4E-4382-9A31-24EA144095A9}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{A4D1C175-4C86-4FCA-B220-F687CEEFE0EE}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\FaxApplications.exe
FirewallRules: [{374C9B75-9686-40FC-967D-4B3B59ABD8A3}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{85F46697-00C7-45F8-B98C-D1BDE937D2DE}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\SendAFax.exe
FirewallRules: [{48CF650C-8A6E-4F9A-B1EA-46D1BEDB5A7C}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{F579BEBF-526A-48A3-90A9-EFBEC4F5A070}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{84135734-8298-47B6-A332-2EED2B9B6D17}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{ECD4261C-00F3-4E8E-B72D-77CA31239B7B}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{242A9A2E-C8F3-432A-A86C-3413DDA3B1BB}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3E8496EE-E9C1-4378-A92A-164EF985EE3C}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0508203D-61FF-421E-842D-7BF54724115F}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{69ED5FC0-2D58-43FC-9753-38169049FD61}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [UDP Query User{E3CF19B0-4278-481C-AB00-770A014E58CB}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [TCP Query User{A0B49DAC-611C-4BED-B777-DD01C2F47B23}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [UDP Query User{71EBCA1F-900A-421C-A9F8-B3D54E39545A}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [{E06ADFF9-828F-48FF-B2CE-4E562EDF1D40}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9B001EBE-64E1-4457-8E15-70226D389DE7}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{393966E8-61DA-4F62-8807-1A2F78B4A73E}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3286FB9F-E05A-40F9-BB3E-4E845A3F2D1D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{321E0F7A-C783-4C8E-A756-8114F9117230}D:\games\grand theft auto v\gta5.exe] => D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{5B381A68-58A5-4A2D-A975-835BECBA0867}D:\games\grand theft auto v\gta5.exe] => D:\games\grand theft auto v\gta5.exe
FirewallRules: [{3809497D-9FB0-4709-AE88-8B8CB56BD6D9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A77466A-959F-41A0-BE36-26068290C065}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3FA72A56-EC7A-4A6A-BED7-61F865669E13}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2F1702E5-7801-473D-A5D3-D2599379EB8C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ACB068FE-2375-4676-BA18-CD8BA38AE29E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3BAE0FA-A21C-44F9-9E68-6552E649B670}] => C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{9E9594B2-377C-430D-9BFF-203E9AF3280D}] => C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A18DB4B6-820B-4BE2-880A-A852CAA249C8}] => D:\Games\Witness\steamapps\common\The Witness\witness_d3d11.exe
FirewallRules: [{FFD83B95-9276-409E-B251-7307F003D672}] => D:\Games\Witness\steamapps\common\The Witness\witness_d3d11.exe
FirewallRules: [{9F4C87AD-81AD-4B52-A1D1-520FD87C1890}] => D:\Games\Witness\steamapps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{F83387AF-39E3-4B3E-90CF-3CC7B101BB20}] => D:\Games\Witness\steamapps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{ABF26293-3755-410F-AED3-028B84CAC5FD}] => D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F8E6BA3B-5069-4F1A-BE83-398D6301A718}] => D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [TCP Query User{8EF70579-ABE7-4F7B-BE2F-12B505F6FD84}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [UDP Query User{9D5BB297-F749-4485-9378-672EDCA38BCE}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [TCP Query User{9FF636C5-8EDA-4964-B949-84600134A563}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [UDP Query User{E66034E4-6EA8-4E3A-9E77-B7516F372F80}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [{43A83DE8-C5A9-402E-8BFF-09B4CCD79289}] => C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe
FirewallRules: [{7AE411E6-49DD-4789-AA92-BA22BB6FE6A7}] => C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe
FirewallRules: [{2508444E-AB63-4ABB-96E3-A57EECF75E5E}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D10EB411-BBB1-4601-9233-988C8C316E50}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{61B65D66-DA0C-4041-AA80-CDE565C18F51}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{0D2F5EA8-80B4-4133-BAB7-2A0D42C6C849}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{D2410BC8-9C72-4CF1-A3C2-11E48A9F52A8}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{C15F86E3-5E89-42C9-ADF1-F33EF1F7546E}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{359081A5-197C-4895-BD3F-C8537525F0BE}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{6FAE664E-8857-4766-AF8F-0D0B9D555D69}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{3741A21D-D279-4A40-8C5F-D6FE324A6E38}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{8CFF223C-A8FA-4BC7-B435-211BEF6F3617}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{E965B364-4EDE-4779-B80C-FDF2FD36887E}] => C:\Program Files (x86)\Steam\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{BEF8BD3D-CD09-4B3B-81F2-2C1704FC1B46}] => C:\Program Files (x86)\Steam\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{4B925351-DF52-4ED4-B3CA-B9988202B2EE}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{E8DA4194-77EC-493C-886D-ADE80D0D058B}] => C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{DA9E34AD-3FD0-4497-BEA5-350FA0C68816}D:\games\far cry primal\bin\fcprimal.exe] => D:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{7FB228AE-A8C9-466B-ABB3-A889859A0463}D:\games\far cry primal\bin\fcprimal.exe] => D:\games\far cry primal\bin\fcprimal.exe

==================== Restore Points =========================

10-01-2017 18:42:41 Removed Java 8 Update 101

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2017 03:19:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0x14c0
Čas spustenia chybujúcej aplikácie: 0x01d26e714023a24e
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 865884ef-7096-4218-aaad-cf9e7f1c83fc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/14/2017 09:40:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/14/2017 09:25:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/14/2017 08:08:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/14/2017 08:07:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/14/2017 08:02:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: st_rsser64.exe, verzia: 3.0.1.105, časová značka: 0x564d73c5
Názov chybujúceho modulu: st_rsser64.exe, verzia: 3.0.1.105, časová značka: 0x564d73c5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000016ebdf
Identifikácia chybujúceho procesu: 0x888
Čas spustenia chybujúcej aplikácie: 0x01d26e341532b9a9
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
Identifikácia hlásenia: 002139cc-67ca-4b30-af7b-6a3fc250c02e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/14/2017 01:57:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/13/2017 07:28:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/13/2017 07:25:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0xcac
Čas spustenia chybujúcej aplikácie: 0x01d26dca70311b63
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 1779d0fe-0734-4926-ab04-0f6f5f6ac1fe
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/13/2017 01:10:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HF-PC)
Description: Aktivácia aplikácie Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (01/14/2017 03:19:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/14/2017 09:50:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/14/2017 09:49:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/14/2017 09:49:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby xuzetofy zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (01/14/2017 09:49:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WinDivert1.2 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (01/14/2017 08:02:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/14/2017 08:02:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Spyware Terminator 2012 Realtime Shield Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/14/2017 08:01:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby xuzetofy zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (01/14/2017 08:01:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WinDivert1.2 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (01/14/2017 08:01:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


CodeIntegrity:
===================================
Date: 2017-01-12 23:38:29.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.467
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:28.586
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:27.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:24.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:22.703
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:35:22.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:35:21.986
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 8190.05 MB
Available physical RAM: 5598.3 MB
Total Virtual: 16382.05 MB
Available Virtual: 13487.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.22 GB) (Free:45.04 GB) NTFS
Drive d: () (Fixed) (Total:833.76 GB) (Free:23.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A7535621)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=833.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Firefox keeps opening unwanted web pages

#21 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document), encoding: UTF-8 !!!
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2015-06-28] ()
    HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2015-06-28] ()
    ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
    S2 xuzetofy; C:\Program Files (x86)\368b2629-7a03-4729-9ab5-7b52dcab61d01483953004\kns44B7.tmp [X]
    R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
    S2 WinDivert1.2; \??\C:\WINDOWS\system32\drivers\WinDivert64.sys [X]
    2017-01-14 01:44 - 2017-01-14 01:44 - 00000000 ____D C:\Users\HF\AppData\Roaming\KZMount
    2017-01-10 18:58 - 2017-01-14 08:02 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
    2017-01-10 18:57 - 2017-01-10 18:57 - 00001587 _____ C:\Users\HF\Desktop\UC浏览器.lnk
    2017-01-10 18:57 - 2017-01-10 18:57 - 00000000 ____D C:\Users\HF\AppData\Local\UCBrowser
    2017-01-10 18:45 - 2017-01-14 09:18 - 00000000 ____D C:\Program Files\żěŃą
    2017-01-10 18:45 - 2017-01-10 18:45 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
    2017-01-10 18:45 - 2017-01-10 18:45 - 00000882 _____ C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
    2017-01-10 18:45 - 2017-01-10 18:45 - 00000858 _____ C:\Users\HF\Desktop\żěŃą.lnk
    2017-01-10 18:38 - 2017-01-10 18:57 - 00000462 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
    2017-01-10 18:38 - 2017-01-10 18:38 - 00001599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
    2017-01-10 18:38 - 2017-01-10 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
    2017-01-09 10:06 - 2017-01-10 20:09 - 00000000 ____D C:\Program Files (x86)\UCBrowser
    Task: {FC6D9907-0981-4F11-A7E0-DF38154758BD} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-01-10] (UC Web Inc.) <==== ATTENTION
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
    AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652]
    AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458]
    AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]
    FirewallRules: [{4B925351-DF52-4ED4-B3CA-B9988202B2EE}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
    FirewallRules: [{E8DA4194-77EC-493C-886D-ADE80D0D058B}] => C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox keeps opening unwanted web pages

#22 Post by Zanzdm »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by HF (16-01-2017 15:52:35) Run:2
Running from C:\Users\HF\Desktop
Loaded Profiles: HF (Available Profiles: HF & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2015-06-28] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2015-06-28] ()
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File
S2 xuzetofy; C:\Program Files (x86)\368b2629-7a03-4729-9ab5-7b52dcab61d01483953004\kns44B7.tmp [X]
R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION
S2 WinDivert1.2; \??\C:\WINDOWS\system32\drivers\WinDivert64.sys [X]
2017-01-14 01:44 - 2017-01-14 01:44 - 00000000 ____D C:\Users\HF\AppData\Roaming\KZMount
2017-01-10 18:58 - 2017-01-14 08:02 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-01-10 18:57 - 2017-01-10 18:57 - 00001587 _____ C:\Users\HF\Desktop\UC浏览器.lnk
2017-01-10 18:57 - 2017-01-10 18:57 - 00000000 ____D C:\Users\HF\AppData\Local\UCBrowser
2017-01-10 18:45 - 2017-01-14 09:18 - 00000000 ____D C:\Program Files\żěŃą
2017-01-10 18:45 - 2017-01-10 18:45 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2017-01-10 18:45 - 2017-01-10 18:45 - 00000882 _____ C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-01-10 18:45 - 2017-01-10 18:45 - 00000858 _____ C:\Users\HF\Desktop\żěŃą.lnk
2017-01-10 18:38 - 2017-01-10 18:57 - 00000462 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-01-10 18:38 - 2017-01-10 18:38 - 00001599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2017-01-10 18:38 - 2017-01-10 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-09 10:06 - 2017-01-10 20:09 - 00000000 ____D C:\Program Files (x86)\UCBrowser
Task: {FC6D9907-0981-4F11-A7E0-DF38154758BD} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-01-10] (UC Web Inc.) <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA.job => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]
FirewallRules: [{4B925351-DF52-4ED4-B3CA-B9988202B2EE}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{E8DA4194-77EC-493C-886D-ADE80D0D058B}] => C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktopChanges => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => key removed successfully
HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => key not found.
HKLM\System\CurrentControlSet\Services\xuzetofy => key removed successfully
xuzetofy => service removed successfully
ucdrv => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ucdrv => key removed successfully
ucdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\WinDivert1.2 => key removed successfully
WinDivert1.2 => service removed successfully
C:\Users\HF\AppData\Roaming\KZMount => moved successfully
C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater => moved successfully
C:\Users\HF\Desktop\UC浏览器.lnk => moved successfully
C:\Users\HF\AppData\Local\UCBrowser => moved successfully
C:\Program Files\żěŃą => moved successfully
"C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys" => not found.
C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk => moved successfully
C:\Users\HF\Desktop\żěŃą.lnk => moved successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 => moved successfully

"C:\Program Files (x86)\UCBrowser" folder move:

Could not move "C:\Program Files (x86)\UCBrowser" => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FC6D9907-0981-4F11-A7E0-DF38154758BD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC6D9907-0981-4F11-A7E0-DF38154758BD} => key removed successfully
C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserSecureUpdater => key removed successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA.job => moved successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => not found.
C:\WINDOWS\system32\drivers => ":ucdrv-x64.sys" ADS removed successfully.
C:\WINDOWS\system32\drivers => ":x64" ADS removed successfully.
C:\WINDOWS\system32\drivers => ":x86" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B925351-DF52-4ED4-B3CA-B9988202B2EE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8DA4194-77EC-493C-886D-ADE80D0D058B} => value removed successfully

========= dir "C:\PROGRA~1" =========

Volume in drive C has no label.
Volume Serial Number is B0A3-610A

Directory of C:\PROGRA~1

16. 01. 2017 15:53 <DIR> .
16. 01. 2017 15:53 <DIR> ..
07. 08. 2016 10:08 <DIR> Common Files
23. 11. 2014 21:49 <DIR> DIFX
20. 06. 2016 23:28 <DIR> DVD Maker
07. 08. 2016 10:08 <DIR> HP
11. 01. 2017 13:18 <DIR> Internet Explorer
07. 08. 2016 10:08 <DIR> Microsoft Games
20. 12. 2016 22:27 <DIR> Microsoft Office 15
07. 08. 2016 10:55 <DIR> MSBuild
09. 01. 2017 13:17 <DIR> NVIDIA Corporation
07. 08. 2016 10:55 <DIR> Reference Assemblies
09. 08. 2015 11:55 <DIR> Rockstar Games
07. 08. 2016 10:03 <DIR> VIA
23. 11. 2014 21:49 <DIR> WDCSAM
15. 09. 2016 00:38 <DIR> Windows Defender
12. 10. 2016 22:42 <DIR> Windows Mail
27. 10. 2016 22:32 <DIR> Windows Media Player
16. 07. 2016 12:47 <DIR> Windows Multimedia Platform
16. 07. 2016 12:47 <DIR> Windows NT
12. 10. 2016 22:42 <DIR> Windows Photo Viewer
16. 07. 2016 12:47 <DIR> Windows Portable Devices
16. 07. 2016 12:47 <DIR> WindowsPowerShell
0 File(s) 0 bytes
23 Dir(s) 47˙890˙608˙128 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C has no label.
Volume Serial Number is B0A3-610A

Directory of C:\PROGRA~2

14. 01. 2017 08:07 <DIR> .
14. 01. 2017 08:07 <DIR> ..
17. 10. 2016 19:23 <DIR> Autodesk
10. 01. 2017 18:43 <DIR> Common Files
20. 12. 2016 11:41 <DIR> GalaxyClient
25. 11. 2016 16:53 <DIR> Google
02. 01. 2015 22:56 <DIR> HP
11. 01. 2017 13:18 <DIR> Internet Explorer
30. 03. 2015 18:18 <DIR> Logitech
14. 01. 2017 08:07 <DIR> Malwarebytes Anti-Malware
02. 01. 2015 22:56 <DIR> Microsoft
24. 01. 2015 16:52 <DIR> Microsoft ASP.NET
28. 03. 2015 22:19 <DIR> Microsoft Office
28. 03. 2015 22:23 <DIR> Microsoft OneDrive
30. 07. 2016 12:18 <DIR> Microsoft XNA
07. 08. 2016 10:08 <DIR> Microsoft.NET
07. 08. 2016 10:55 <DIR> MSBuild
09. 01. 2017 13:17 <DIR> NVIDIA Corporation
20. 09. 2015 13:17 <DIR> Origin
20. 09. 2015 13:19 <DIR> Origin Games
07. 08. 2016 10:55 <DIR> Reference Assemblies
09. 08. 2015 11:55 <DIR> Rockstar Games
30. 08. 2015 20:46 <DIR> SEGA
28. 10. 2016 08:18 <DIR> Skype
11. 12. 2015 00:08 <DIR> Spyware Terminator
16. 01. 2017 14:14 <DIR> Steam
10. 01. 2017 20:09 <DIR> UCBrowser
04. 11. 2016 13:27 <DIR> VulkanRT
20. 09. 2015 13:23 <DIR> WestwoodOnline
15. 09. 2016 00:38 <DIR> Windows Defender
15. 09. 2016 00:38 <DIR> Windows Mail
27. 10. 2016 22:32 <DIR> Windows Media Player
16. 07. 2016 12:47 <DIR> Windows Multimedia Platform
16. 07. 2016 12:47 <DIR> Windows NT
12. 10. 2016 22:42 <DIR> Windows Photo Viewer
16. 07. 2016 12:47 <DIR> Windows Portable Devices
16. 07. 2016 12:47 <DIR> WindowsPowerShell
0 File(s) 0 bytes
37 Dir(s) 47˙890˙546˙688 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C has no label.
Volume Serial Number is B0A3-610A

Directory of C:\PROGRA~3

05. 11. 2016 18:32 <DIR> Adobe
14. 01. 2017 15:41 <DIR> AlawarWrapper
02. 01. 2015 22:55 57 Ament.ini
10. 10. 2015 16:26 <DIR> Anawiki
24. 12. 2014 19:38 <DIR> Battle.net
24. 12. 2014 19:39 <DIR> Blizzard Entertainment
05. 07. 2015 00:28 <DIR> boost_interprocess
16. 07. 2016 12:47 <DIR> Comms
21. 01. 2015 20:14 <DIR> DAEMON Tools Lite
28. 01. 2015 06:36 <DIR> DAEMON Tools Pro
21. 01. 2015 19:49 <DIR> DAEMON Tools Ult
21. 01. 2015 19:49 <DIR> DAEMON Tools Ultra
20. 09. 2015 13:15 <DIR> Electronic Arts
10. 07. 2015 19:01 <DIR> FloodLightGames
19. 05. 2015 22:05 <DIR> GOG.com
02. 01. 2015 22:55 <DIR> HP
01. 03. 2015 13:46 <DIR> JAGUAR
26. 11. 2014 21:16 <DIR> Macrovision
14. 01. 2017 08:07 <DIR> Malwarebytes
27. 03. 2015 20:26 <DIR> Microsoft Help
07. 08. 2016 10:25 <DIR> Microsoft OneDrive
12. 02. 2015 22:41 <DIR> Microsoft Toolkit
16. 01. 2017 15:53 <DIR> NVIDIA
09. 01. 2017 13:17 <DIR> NVIDIA Corporation
04. 09. 2016 18:25 <DIR> Oracle
28. 01. 2015 06:42 <DIR> Orbit
29. 09. 2015 01:50 <DIR> Origin
31. 08. 2012 14:08 24˙772 P1100DEF.css
12. 02. 2015 07:53 4˙244 P1100OS.HTM
31. 08. 2012 14:08 2˙944 P1100SIG.GIF
04. 10. 2016 21:08 <DIR> Package Cache
20. 12. 2016 22:28 <DIR> regid.1991-06.com.microsoft
26. 12. 2014 22:10 <DIR> RELOADED
30. 03. 2015 18:20 <DIR> Skype
09. 08. 2015 11:56 <DIR> Socialclub
16. 07. 2016 12:47 <DIR> SoftwareDistribution
10. 01. 2017 18:09 <DIR> Spyware Terminator
28. 01. 2015 06:42 <DIR> Steam
11. 07. 2015 20:07 <DIR> TEMP
07. 08. 2016 10:22 <DIR> USOPrivate
07. 08. 2016 10:22 <DIR> USOShared
4 File(s) 32˙017 bytes
37 Dir(s) 47˙890˙485˙248 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C has no label.
Volume Serial Number is B0A3-610A

Directory of C:\Users\HF\AppData\Local

16. 01. 2017 15:53 <DIR> .
16. 01. 2017 15:53 <DIR> ..
20. 06. 2016 23:42 <DIR> ActiveSync
11. 07. 2015 21:02 <DIR> Adobe
19. 07. 2016 20:24 <DIR> AlawarWrapper
26. 11. 2016 21:15 <DIR> AM2R
10. 01. 2016 09:47 <DIR> Battle.net
24. 12. 2014 19:39 <DIR> Blizzard Entertainment
26. 07. 2015 21:21 <DIR> CEF
13. 12. 2016 13:05 <DIR> Chromium
20. 06. 2016 23:59 <DIR> Comms
07. 08. 2016 20:07 <DIR> ConnectedDevicesPlatform
11. 01. 2017 12:15 <DIR> CrashDumps
01. 02. 2015 15:27 <DIR> Diagnostics
14. 12. 2014 23:01 <DIR> Disc_Soft_Ltd
10. 03. 2015 21:51 <DIR> EMU
01. 12. 2014 14:03 <DIR> Facebook
23. 04. 2016 13:30 <DIR> Fallout4
27. 08. 2015 19:10 <DIR> fantasy_mosaics_10_iwin
09. 10. 2015 20:10 <DIR> fantasy_mosaics_11
22. 08. 2015 23:52 <DIR> fantasy_mosaics_9_iwin
09. 08. 2015 16:56 <DIR> GalaxyCommunicationService
03. 04. 2016 12:55 111˙056 GDIPFONTCACHEV1.DAT
23. 11. 2014 21:05 <DIR> GHISLER
08. 11. 2015 22:01 <DIR> Google
02. 06. 2015 19:18 <DIR> GWX
02. 01. 2015 22:57 <DIR> HP
14. 06. 2015 13:40 <DIR> KiteDemo
18. 09. 2016 21:31 <DIR> LD_31
11. 07. 2016 13:44 <DIR> MacGo
24. 11. 2014 00:49 <DIR> Macromedia
09. 01. 2017 10:11 <DIR> Microsoft
09. 07. 2015 20:34 <DIR> Microsoft Help
21. 06. 2016 09:08 <DIR> MicrosoftEdge
22. 11. 2014 22:52 <DIR> Mozilla
09. 01. 2017 15:25 <DIR> NVIDIA
09. 01. 2017 15:25 <DIR> NVIDIA Corporation
12. 03. 2015 19:54 <DIR> Ori and the Blind Forest
20. 09. 2015 13:25 <DIR> Origin
13. 01. 2017 22:02 <DIR> Packages
25. 11. 2014 23:32 <DIR> Programs
20. 06. 2016 23:41 <DIR> Publishers
10. 12. 2014 00:07 7˙605 Resmon.ResmonCfg
09. 08. 2015 11:57 <DIR> Rockstar Games
24. 12. 2014 19:02 <DIR> SKIDROW
22. 12. 2014 17:57 <DIR> Skype
13. 12. 2016 13:05 <DIR> Steam
16. 01. 2017 15:51 <DIR> Temp
18. 05. 2016 22:09 <DIR> TempTaskUpdateDetection34734CF9-2C16-4A7C-94BD-DE4F2398DDEF
13. 05. 2016 22:25 <DIR> TempTaskUpdateDetection40563C81-6379-4AC6-98EB-0BA2BD7E43C9
15. 05. 2016 09:33 <DIR> TempTaskUpdateDetection6D1533B8-352B-4481-BCE4-885C22B68ED5
17. 05. 2016 16:22 <DIR> TempTaskUpdateDetection73DDEC18-9BFB-4816-B491-8844546D5040
26. 11. 2014 00:07 <DIR> The Witcher 2
13. 03. 2016 00:17 <DIR> ThenightHenryAllenDied
07. 02. 2015 14:53 <DIR> Thinstall
20. 06. 2016 23:40 <DIR> TileDataLayer
04. 09. 2016 18:31 <DIR> TotallyUnbalanced
06. 09. 2015 17:09 <DIR> toy soldiers war chest
05. 10. 2016 20:17 <DIR> Ubisoft
10. 12. 2016 21:41 <DIR> Ubisoft Game Launcher
04. 09. 2016 18:31 <DIR> UnrealEngine
28. 02. 2016 23:14 <DIR> VirtualStore
2 File(s) 118˙661 bytes
60 Dir(s) 47˙890˙427˙904 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C has no label.
Volume Serial Number is B0A3-610A

Directory of C:\Users\HF\AppData\Roaming

16. 01. 2017 15:53 <DIR> .
16. 01. 2017 15:53 <DIR> ..
29. 11. 2014 14:37 <DIR> Absolutist
05. 11. 2016 18:32 <DIR> Adobe
31. 07. 2016 22:58 <DIR> AlawarEntertainment
28. 12. 2016 22:27 <DIR> Amanita-Design.Samorost3
31. 07. 2016 23:00 <DIR> Arcanika
11. 01. 2015 19:44 <DIR> Artogon
24. 12. 2014 19:44 <DIR> Battle.net
01. 11. 2015 21:58 <DIR> cerasus.media
18. 10. 2016 18:39 <DIR> Crystal Dynamics
31. 07. 2016 00:36 134 CSharpAnalytics-MeasurementQueue
31. 07. 2016 00:36 443 CSharpAnalytics-MeasurementSession
21. 08. 2016 23:20 <DIR> DAEMON Tools iSCSI Target
21. 01. 2015 21:37 <DIR> DAEMON Tools Lite
24. 07. 2016 10:00 <DIR> DAEMON Tools Pro
14. 12. 2014 22:27 <DIR> DAEMON Tools Ult
14. 12. 2014 22:27 <DIR> DAEMON Tools Ultra
01. 05. 2016 11:31 <DIR> dvdcss
19. 03. 2016 20:25 <DIR> Eipix
10. 10. 2015 17:42 <DIR> Elephant Games
03. 01. 2016 21:20 <DIR> ERS G-Studio
10. 07. 2015 19:01 <DIR> FloodLightGames
30. 05. 2015 13:41 <DIR> Garmin
23. 11. 2014 21:33 <DIR> GHISLER
09. 01. 2015 23:24 <DIR> HpUpdate
22. 11. 2014 22:47 <DIR> Identities
25. 07. 2016 20:34 <DIR> Lonely Troops
23. 11. 2014 22:01 <DIR> Macromedia
14. 07. 2009 08:54 <DIR> Media Center Programs
22. 11. 2014 22:52 <DIR> Mozilla
08. 08. 2015 19:22 <DIR> NVIDIA
24. 09. 2015 20:06 <DIR> Origin
19. 07. 2016 20:25 <DIR> OWL Studio
21. 03. 2015 23:41 <DIR> Petroglyph
09. 01. 2017 11:47 <DIR> Profiles
14. 01. 2017 15:41 <DIR> quickclick
03. 04. 2015 14:04 <DIR> Skype
22. 11. 2014 23:25 <DIR> Spyware Terminator
14. 12. 2014 23:05 <DIR> Steam
04. 09. 2016 18:13 <DIR> Sun
12. 08. 2016 21:58 <DIR> Taito Legends
30. 05. 2016 21:44 <DIR> The Witness
07. 02. 2015 14:53 <DIR> Thinstall
22. 08. 2015 21:56 <DIR> Trine3
14. 01. 2017 01:17 <DIR> vlc
07. 02. 2015 14:46 <DIR> WinRAR
13. 01. 2015 21:44 <DIR> Yacht Club Games
2 File(s) 577 bytes
46 Dir(s) 47˙877˙562˙368 bytes free

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 5927448 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11742700 B
Java, Flash, Steam htmlcache => 139570 B
Windows/system/drivers => 3044806 B
Edge => 0 B
Chrome => 0 B
Firefox => 378966067 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 8386 B
HF => 211516768 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 583 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-01-2017 15:55:28)

"C:\Program Files (x86)\UCBrowser" => Could not move

==== End of Fixlog 15:55:32 ====

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Firefox opens unwanted web pages

#23 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    Unlock: C:\Program Files (x86)\UCBrowser
    C:\Program Files (x86)\UCBrowser
    End

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages

#24 Post by Zanzdm »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by HF (16-01-2017 16:17:53) Run:3
Running from C:\Users\HF\Desktop
Loaded Profiles: HF (Available Profiles: HF & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Unlock: C:\Program Files (x86)\UCBrowser
C:\Program Files (x86)\UCBrowser
C:\Users\HF\AppData\Roaming\quickclick
End
*****************

Restore point was successfully created.
Processes closed successfully.
"C:\Program Files (x86)\UCBrowser" => was unlocked

"C:\Program Files (x86)\UCBrowser" folder move:

Could not move "C:\Program Files (x86)\UCBrowser" => Scheduled to move on reboot.

C:\Users\HF\AppData\Roaming\quickclick => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-01-2017 16:20:19)

"C:\Program Files (x86)\UCBrowser" => Could not move

==== End of Fixlog 16:20:25 ====

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Firefox opens unwanted web pages

#25 Post by altrok »

Boot into Safe Mode and try to delete the folder C:\Program Files (x86)\UCBrowser manually.

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages

#26 Post by Zanzdm »

OK, it looks like I managed to delete the directory.

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Firefox opens unwanted web pages

#27 Post by altrok »

Great! Please describe the current problems and post new FRST.txt and Addition.txt logs.

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages

#28 Post by Zanzdm »

So, as far as I can tell, no visible problems:
- no unwanted websites
- the HDD rests more than it works :thumbsup:
- the PC runs faster (also when working online)

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages

#29 Post by Zanzdm »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
Ran by HF (administrator) on HF-PC (16-01-2017 23:23:02)
Running from C:\Users\HF\Desktop
Loaded Profiles: HF (Available Profiles: HF & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Ghisler Software GmbH) D:\Program Files (x86)\Total Commander 64bit 8.0\TOTALCMD64.EXE
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5318992 2015-12-10] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5557584 2015-12-10] (Crawler Group, LLC)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [HP Deskjet 4620 series (NET)] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3971648 2016-12-20] (GOG.com)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Run: [CCleaner Monitoring] => D:\Program Files (x86)\Ccleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll [2016-08-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-11-26]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\HF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2015-07-10]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{aeaadf67-9893-4422-af13-2bc8efd56a19}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-07-28] (Crawler Group, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-07-28] (Crawler Group, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default [2017-01-16]
FF Session Restore: Mozilla\Firefox\Profiles\fwuohxmc.default -> is enabled.
FF Extension: (Garmin Communicator) - C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-12-29]
FF Extension: (Adblock Plus) - C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF SearchPlugin: C:\Users\HF\AppData\Roaming\Mozilla\Firefox\Profiles\fwuohxmc.default\searchplugins\google-default.xml [2015-01-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4039880186-1844316042-2073029014-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\HF\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2014-11-26] () [File not signed]
R2 ClickToRunSvc; C:\PROGRAM FILES\MICROSOFT OFFICE 15\CLIENTX64\OFFICECLICKTORUN.EXE [3042032 2016-11-01] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-12-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-10] (GOG.com)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-20] (Electronic Arts)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [315488 2015-01-02] (Skype Technologies)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3267408 2015-12-10] (Crawler Group, LLC)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2016-08-21] (Disc Soft Ltd)
S3 dtscsibus; C:\WINDOWS\System32\DRIVERS\dtscsibus.sys [29864 2015-01-28] (Disc Soft Ltd)
S3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-21] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 HWiNFO32; D:\Program Files (x86)\HWiNFO64\HWiNFO64A.SYS [30592 2012-05-10] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-14] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-16] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-16] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-16] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-16 15:55 - 2017-01-16 15:55 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater
2017-01-14 15:21 - 2017-01-16 15:52 - 00000000 ____D C:\Users\HF\Desktop\FRST-OlderVersion
2017-01-14 08:08 - 2017-01-14 08:08 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-14 08:07 - 2017-01-16 16:30 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-14 08:07 - 2017-01-16 16:30 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-14 08:07 - 2017-01-16 16:30 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-14 08:07 - 2017-01-14 08:07 - 00001285 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-14 08:07 - 2017-01-14 08:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-01-14 08:07 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-14 08:05 - 2017-01-14 08:05 - 54199488 _____ (Malwarebytes ) C:\Users\HF\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-14 01:57 - 2017-01-14 01:57 - 00000877 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-01-11 00:44 - 2017-01-14 15:24 - 00055768 _____ C:\Users\HF\Desktop\Addition.txt
2017-01-11 00:43 - 2017-01-16 23:23 - 00016534 _____ C:\Users\HF\Desktop\FRST.txt
2017-01-10 19:22 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-10 19:22 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-10 19:22 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-10 19:22 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-10 19:22 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-10 19:22 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-10 19:22 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-10 19:22 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-10 19:22 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-10 19:22 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-10 19:22 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-10 19:22 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-10 19:22 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-10 19:22 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-10 19:22 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-10 19:22 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-10 19:22 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-10 19:22 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-10 19:22 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-10 19:22 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-10 19:22 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-10 19:22 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-10 19:22 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-10 19:22 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-10 19:22 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-10 19:22 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-10 19:22 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-10 19:22 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-10 19:22 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-10 19:22 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-10 19:22 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-10 19:22 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-10 19:22 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-10 19:22 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-10 19:22 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-10 19:22 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-10 19:22 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-10 19:22 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-10 19:22 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-10 19:22 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-10 19:22 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-10 19:22 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-10 19:22 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-10 19:22 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-10 19:22 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-10 19:22 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-10 19:22 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-10 19:22 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-10 19:22 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-10 19:22 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-10 19:22 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-10 19:22 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-10 19:22 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-10 19:22 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-10 19:22 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-10 19:22 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-10 19:22 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-10 19:22 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-10 19:22 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-10 19:22 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-10 19:22 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-10 19:22 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-10 19:22 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-10 19:22 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 19:22 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-10 19:22 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-10 19:22 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-10 19:22 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-10 19:22 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-10 19:22 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-10 19:22 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-10 19:22 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-10 19:22 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-10 19:22 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-10 19:22 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-10 19:22 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-10 19:22 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-10 19:22 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-10 19:22 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-10 19:22 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-10 19:22 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-10 19:22 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-10 19:22 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-10 19:22 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-10 19:22 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-10 19:21 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-10 19:21 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-10 19:21 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-10 19:21 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-10 19:21 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-10 19:21 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-10 19:21 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-10 19:21 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-10 19:21 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-10 19:21 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-10 19:21 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-10 19:21 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-10 19:21 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-10 19:21 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-10 19:21 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-10 19:21 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-10 19:21 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-10 19:21 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-10 19:21 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-10 19:21 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-10 19:21 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-10 19:21 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-10 19:21 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-10 19:21 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-10 19:21 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-10 19:21 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-10 19:21 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-10 19:21 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-10 19:21 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-10 19:21 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-10 19:21 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-10 19:21 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-10 19:21 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-10 19:21 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-10 19:21 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-10 19:21 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-10 19:21 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-10 19:21 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-10 19:21 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-10 19:21 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-10 19:21 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-10 19:21 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-10 19:21 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-10 19:21 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-10 19:21 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-10 19:21 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-10 19:21 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-10 19:21 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-10 19:21 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-10 19:21 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 19:21 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-10 19:21 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-10 19:21 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-10 18:53 - 2017-01-16 16:20 - 00001001 _____ C:\Users\HF\Desktop\Fixlog.txt
2017-01-10 18:49 - 2017-01-10 18:49 - 00009323 _____ C:\Users\HF\Documents\fixlist.txt
2017-01-10 18:03 - 2017-01-10 18:04 - 03988944 _____ C:\Users\HF\Downloads\adwcleaner_6.042.exe
2017-01-10 17:46 - 2017-01-10 17:48 - 00061452 _____ C:\Users\HF\Downloads\Addition.txt
2017-01-10 17:45 - 2017-01-16 23:23 - 00000000 ____D C:\FRST
2017-01-10 17:45 - 2017-01-10 17:48 - 00045415 _____ C:\Users\HF\Downloads\FRST.txt
2017-01-10 17:44 - 2017-01-16 15:52 - 02419200 _____ (Farbar) C:\Users\HF\Desktop\FRST64.exe
2017-01-09 13:09 - 2017-01-09 13:10 - 00017346 _____ C:\WINDOWS\ntbtlog.txt
2017-01-09 12:57 - 2017-01-16 16:35 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-12-31 17:54 - 2016-12-31 17:54 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Artplant
2016-12-31 17:49 - 2016-12-31 17:51 - 00000000 ____D C:\Users\HF\Documents\GrimmDarkLegacy
2016-12-31 17:49 - 2016-12-31 17:49 - 00000000 ____D C:\Users\HF\Documents\SkidRow
2016-12-28 22:27 - 2016-12-28 22:27 - 00000000 ____D C:\Users\HF\AppData\Roaming\Amanita-Design.Samorost3
2016-12-25 18:51 - 2016-12-25 18:51 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Zadbox Entertainment
2016-12-21 20:53 - 2016-12-21 20:53 - 00024574 _____ C:\Users\HF\Desktop\66907082.jpg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-16 23:21 - 2016-11-18 00:44 - 00000000 ____D C:\Users\HF\AppData\LocalLow\Mozilla
2017-01-16 23:16 - 2016-08-07 10:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-16 22:45 - 2015-05-25 19:21 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-16 20:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-16 16:55 - 2016-08-07 10:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-16 16:55 - 2016-08-07 10:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-16 16:54 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-16 16:30 - 2016-06-21 08:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-15 02:40 - 2016-08-07 10:06 - 00000000 ____D C:\Users\HF
2017-01-14 21:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 21:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-14 15:41 - 2016-07-19 20:24 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-01-14 08:07 - 2016-06-21 08:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-14 08:00 - 2015-01-21 22:06 - 00000000 ____D C:\AdwCleaner
2017-01-14 01:59 - 2014-12-24 19:02 - 00000000 ____D C:\Users\HF\Documents\My Games
2017-01-14 01:17 - 2014-11-23 21:55 - 00000000 ____D C:\Users\HF\AppData\Roaming\vlc
2017-01-13 22:02 - 2016-06-20 23:40 - 00000000 ____D C:\Users\HF\AppData\Local\Packages
2017-01-13 19:27 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-11 22:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 22:26 - 2016-04-27 07:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 22:17 - 2016-08-07 10:01 - 00341344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 22:17 - 2014-12-12 13:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 13:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 12:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 12:17 - 2014-11-22 22:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 12:15 - 2015-12-31 00:15 - 00000000 ____D C:\Users\HF\AppData\Local\CrashDumps
2017-01-11 12:12 - 2014-11-22 22:56 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 01:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 01:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-10 18:09 - 2014-11-22 23:25 - 00000000 ____D C:\ProgramData\Spyware Terminator
2017-01-09 15:25 - 2014-11-29 17:53 - 00000000 ____D C:\Users\HF\AppData\Local\NVIDIA Corporation
2017-01-09 15:25 - 2014-11-22 22:59 - 00000000 ____D C:\Users\HF\AppData\Local\NVIDIA
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-09 13:17 - 2016-08-07 10:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-09 13:17 - 2014-11-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-09 12:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Web
2017-01-09 11:16 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-01-09 10:50 - 2016-07-16 12:49 - 00000000 ____D C:\WINDOWS\Setup
2017-01-09 10:32 - 2016-11-04 17:48 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-08 19:08 - 2015-05-20 01:00 - 00000000 ____D C:\Users\HF\Documents\The Witcher 3
2016-12-31 17:54 - 2014-11-22 22:47 - 00000000 ____D C:\Users\HF\AppData\LocalLow
2016-12-28 06:31 - 2016-08-07 10:16 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-28 06:31 - 2016-08-07 10:16 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-20 22:28 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-20 22:27 - 2015-03-28 22:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-20 11:41 - 2015-05-19 22:05 - 00000000 ____D C:\Program Files (x86)\GalaxyClient

==================== Files in the root of some directories =======

2016-07-30 13:04 - 2016-07-31 00:36 - 0000134 _____ () C:\Users\HF\AppData\Roaming\CSharpAnalytics-MeasurementQueue
2016-07-30 12:18 - 2016-07-31 00:36 - 0000443 _____ () C:\Users\HF\AppData\Roaming\CSharpAnalytics-MeasurementSession
2014-12-10 00:07 - 2014-12-10 00:07 - 0007605 _____ () C:\Users\HF\AppData\Local\Resmon.ResmonCfg
2015-01-02 22:55 - 2015-01-02 22:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-12 07:53 - 2012-08-31 14:08 - 0024772 _____ () C:\ProgramData\P1100DEF.css
2015-02-12 07:53 - 2015-02-12 07:53 - 0004244 _____ () C:\ProgramData\P1100OS.HTM
2015-02-12 07:53 - 2012-08-31 14:08 - 0002944 _____ () C:\ProgramData\P1100SIG.GIF

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-11 01:44

==================== End of FRST.txt ============================

Zanzdm
Visitor
Posts: 44
Registered: 01 Oct 2013 22:59

Re: Firefox opens unwanted web pages on me

#30 Post by Zanzdm »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by HF (16-01-2017 23:24:14)
Running from C:\Users\HF\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-07 09:21:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4039880186-1844316042-2073029014-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4039880186-1844316042-2073029014-503 - Limited - Disabled)
Guest (S-1-5-21-4039880186-1844316042-2073029014-501 - Limited - Disabled)
HF (S-1-5-21-4039880186-1844316042-2073029014-1000 - Administrator - Enabled) => C:\Users\HF

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 13 ActiveX (HKLM-x32\...\{10B037CE-CDF6-4B7F-85DC-057CBE774FB7}) (Version: 13.0.0.258 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Aktualizácie NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Arcanika (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Arcanika) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Boid (HKLM\...\Steam App 314010) (Version: - Mokus)
Císařský ostrov 2: Pátrání po nové zemi (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Císařský ostrov 2: Pátrání po nové zemi) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Císařský ostrov 3: Expanze (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Císařský ostrov 3: Expanze) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0445 - Disc Soft Ltd)
Deathtrap (HKLM-x32\...\Deathtrap_is1) (Version: - NeocoreGames)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Elasto Mania (HKLM-x32\...\Elasto Mania) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fahrenheit Indigo Prophecy Remastered (HKLM-x32\...\Fahrenheit Indigo Prophecy Remastered_is1) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grey Goo (HKLM-x32\...\Grey Goo_is1) (Version: - )
HP Deskjet 4620 series Basic Device Software (HKLM\...\{6D790D6C-EF5F-40AC-A9BF-2ADF638C02AD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 4620 series Help (HKLM-x32\...\{5773FBCB-BA2C-4F3E-9904-48247BF752FC}) (Version: 6.0.0 - Hewlett Packard)
HP Deskjet 4620 series Product Improvement Study (HKLM\...\{8703F965-1B1F-491F-ACCF-2B0626732065}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 4.02 (HKLM\...\HWiNFO64_is1) (Version: 4.02 - Martin Malík - REALiX)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
INSIDE Demo (HKLM\...\Steam App 530210) (Version: - Playdead)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Legend of Grimrock 2 (HKLM-x32\...\Legend of Grimrock 2) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 sk) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 sk)) (Version: 32.0.3 - Mozilla)
Mozilla Firefox 50.1.0 (x86 sk) (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\Mozilla Firefox 50.1.0 (x86 sk)) (Version: 50.1.0 - Mozilla)
NVIDIA 3D Vision radič ovládača 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Grafický ovládač 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 375.70 (Version: 375.70 - NVIDIA Corporation) Hidden
Pneuma Breath of Life (HKLM-x32\...\Pneuma Breath of Life_is1) (Version: - )
Quern - Undying Thoughts (HKLM\...\cXVlcm51bmR5aW5ndGhvdWdodHM_is1) (Version: 1 - )
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Rise of the Tomb Raider magyarítás (HKLM-x32\...\Rise of the Tomb Raider magyarítás) (Version: 1.0.1.0 - TombRaiderS.hu)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samorost 3 (HKLM\...\Steam App 421120) (Version: - Amanita Design)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Sigils of Elohim (HKLM\...\Steam App 321480) (Version: - Croteam)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam)
The Treasures of Montezuma 5 (HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\...\The Treasures of Montezuma 5) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.8.2 - GOG.com)
The Witcher 3: Wild Hunt - Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witness (HKLM-x32\...\Steam App 210970) (Version: - Thekla, Inc.)
There You Go (HKLM-x32\...\{E6ACA272-5C32-474F-B554-8DC366D6FED2}_is1) (Version: 0.3 - Octogear Games)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Trine 3 The Artifacts of Power (HKLM-x32\...\Trine 3 The Artifacts of Power_is1) (Version: - )
UE4 Prerequisites (x64) (HKLM-x32\...\{9514471f-b41e-41f7-af03-7da1d05b279e}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 23.0 - Ubisoft)
Vampire Setup Tool v2.1.0.2 (CD) (HKLM-x32\...\Vampire Setup Tool_is1) (Version: 2.1.0.2 - LEC s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Watch Dogs (HKLM-x32\...\Watch Dogs_is1) (Version: 1.06.329 - Decepticon)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A773F0-84D9-43D7-9018-8B5C63786BBD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0D304B76-C45E-4A99-895D-F9D90914CEC7} - System32\Tasks\CCleanerSkipUAC => D:\Program Files (x86)\Ccleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {16257E0F-6654-4A5B-9FA4-92407DD71551} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe <==== ATTENTION
Task: {1C93ACF5-5617-43D3-8A34-F85EFBB32E3F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F2E7B48-7D22-4124-B111-BCFA8CBEBC77} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24761C72-F647-4ABC-B60A-6EAAFC43C31C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {287A7FC3-DC33-4D18-BFC2-7783A986A85F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32E7B271-B149-4507-81CF-66A1C4FD466C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36E4A44F-AA83-402E-AA9A-43F69697F21E} - System32\Tasks\HPCustParticipation HP Deskjet 4620 series => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {3939D70D-73C7-4027-A7FF-DA2D18EB6F2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {3D8A0186-694F-4182-8295-87C8C760F48D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {406DD0A8-4734-4A4B-9832-DD8CB0AB77C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {43E7F056-78ED-4C3C-804D-46D9C2B1737B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {567F1894-0129-4E4D-8D38-E47172B3C8DF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60E29AFC-FB22-47A1-BCB9-D2F89246CEF8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {629D3C01-B168-4B1F-AF9D-5AF1845F9CA9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66FA7D73-8405-46FA-9902-B98DAC77E43E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {86610784-72A1-4954-9300-E62295344754} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000UA => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-07] (Facebook Inc.)
Task: {8D85D839-1537-4C25-B949-A53EC58EB86F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {8FD88B27-4197-482A-B9DE-652BCE5E8963} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {90E84993-AACF-4F97-81DF-F4B5AE3CA496} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {98013681-F06C-429A-A60B-3FA20A156494} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {987DED66-420F-48C6-BF19-35D036F957A1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4039880186-1844316042-2073029014-1000Core => C:\Users\HF\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-07] (Facebook Inc.)
Task: {9F16C6EF-6609-4310-A3DC-185F5B59F8B9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1CCB7E4-3D84-46BF-AEB2-56E28F92227D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A201C7BA-426A-4D9A-AC61-C4501248CB47} - System32\Tasks\{18771E40-0FE4-4711-A157-30BA2B2C17D5} => pcalua.exe -a "D:\Firefox Setup 32.0.3.exe" -d C:\Users\HF\Desktop
Task: {C2092512-7397-4E8D-B710-6461B4485801} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8326541-BDAA-4F08-9D02-8FDCFF334A9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D8951481-12FD-459B-9184-990F334DAD9D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {DA19B2DF-B2F6-4FA1-81BC-427CEE207C1E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DD45CD38-D16C-450E-BDD2-64D4D5FBEE7D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E3053430-C536-4879-AD93-C83DA7477DCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {E9745C4D-6BC9-4138-976C-CC0D7DEEFF17} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB310B81-687B-4880-B466-7EE113BD9683} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA749848-22C7-475E-BCF8-CE0190D7CAD0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-11-23 22:01 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-03-07 20:02 - 2016-06-15 02:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-29 03:40 - 2016-06-15 02:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-07 20:02 - 2016-06-15 02:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-03-28 22:18 - 2016-05-24 08:51 - 00116416 _____ () C:\PROGRAM FILES\MICROSOFT OFFICE 15\CLIENTX64\ApiClient.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 22:33 - 2016-06-15 02:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-07 10:03 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 21:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 10:27 - 2016-08-07 10:27 - 00959168 _____ () C:\Users\HF\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-09-15 00:28 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 19:22 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 19:21 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 19:21 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 19:21 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 21:08 - 2016-12-14 21:08 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 21:08 - 2016-12-14 21:08 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-04 13:15 - 2016-06-15 02:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-12-13 13:10 - 2016-12-13 13:10 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-03-30 20:22 - 2016-06-15 02:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-25 19:23 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-25 19:23 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-25 19:22 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-25 19:23 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-25 19:23 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-14 07:42 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-20 17:42 - 2016-09-20 17:42 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 53018112 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00507968 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01076800 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01854528 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00393280 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 01589312 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00307776 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00330816 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00104000 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00520768 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00272448 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00680000 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00425536 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-05-19 22:06 - 2016-12-20 11:40 - 00157760 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-05-19 22:05 - 2016-12-20 11:40 - 00152128 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 01738752 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2015-05-19 22:06 - 2016-09-19 10:59 - 00078848 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll
2016-12-13 13:04 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-05-25 19:23 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-05-25 19:22 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-01-10 18:53 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4039880186-1844316042-2073029014-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{A3CCCC52-64C4-461A-85DB-D28ACE0F17CB}] => d:\games\Imperial Island 2 The Search for New Land\F2PHttpDaemon.exe
FirewallRules: [{1040AC2C-DF8A-45FD-9177-993612918BA4}] => d:\games\Arcanika\F2PHttpDaemon.exe
FirewallRules: [{77B8F854-D89E-4854-AEC0-018F166C821C}] => d:\games\Imperial Island 3 Expansion\F2PHttpDaemon.exe
FirewallRules: [{FDC58FA9-CEC2-437C-ACE6-DA6216711CAC}] => d:\games\Imperial Island 3 Expansion\ImperialIsland3.wrp.exe
FirewallRules: [{55A6947F-AA39-4896-80E8-AF90CE3A8ACA}] => d:\games\Imperial Island 3 Expansion\ImperialIsland3.exe
FirewallRules: [{DC10B947-73C6-406B-8EC4-17EBAE625513}] => d:\games\The Treasures of Montezuma 5\F2PHttpDaemon.exe
FirewallRules: [{AB309106-1458-463D-A752-CC38B362D1E8}] => d:\games\The Treasures of Montezuma 5\TheTreasuresOfMontezuma5.exe
FirewallRules: [{CD8E39AA-DACD-41D8-8E2D-0CF73C6D60E6}] => C:\Program Files (x86)\Steam\steamapps\common\Boid\Boid.exe
FirewallRules: [{1C840F8E-2FC4-4F23-A9E0-B67DFCAD1C51}] => C:\Program Files (x86)\Steam\steamapps\common\Boid\Boid.exe
FirewallRules: [{81235BA4-BB06-4672-9C72-561FBF7D331B}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{9A938CC0-545F-4950-8439-995B4E0BE34A}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{9920BEC8-23C3-4B96-80EB-16E2A5749652}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{76824CDF-23AA-4719-990C-29E3BFA7B043}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{232025FA-50B9-4694-AF2C-2686248EB515}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{140D5A6D-7EC3-4AA9-9DE6-636FDAD5BCB0}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2EA22E97-E107-4318-B554-953EB39F3FAC}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{43F8BE30-43DF-4357-88E7-EE4AF8307EEB}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{B4129D2D-072C-4C6D-A977-7FF254235004}] => d:\games\Hero of the Kingdom 2\F2PHttpDaemon.exe
FirewallRules: [{3824CF97-CF5A-4717-A35D-A40305AF3CF0}] => d:\games\Hero of the Kingdom\F2PHttpDaemon.exe
FirewallRules: [{2D95F73B-B705-48E9-B26D-D01A87B6826B}] => d:\games\Rooms The Unsolvable Puzzle\F2PHttpDaemon.exe
FirewallRules: [{0ACA7B47-DBFC-4621-9D6F-690997EA6BD4}] => d:\games\Fables of the Kingdom\F2PHttpDaemon.exe
FirewallRules: [{C7701DCC-1944-4599-99EE-32419C6E9198}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{EFECEBAA-49C0-4011-B5DD-45602D658529}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{1583AE19-87A7-4561-98B8-F50F147E206D}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{53EB5B99-449E-4B44-B172-B6F810EA656D}] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{BB8F1B68-585D-4E01-A7F3-75C1CB2BCA25}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E7584D5B-C3A0-4553-9EA1-07F85BD6AEFB}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66F8F096-8165-43EE-B6CE-51BA7180C417}] => C:\Users\HF\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A061188B-7A6F-41D1-844B-FC0619BF6506}] => D:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47DE17CC-3B09-4DF3-914E-83421B83E19B}] => D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{0BE291D3-36EF-44DC-BB31-2B0AA2E55739}] => D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{050E508A-47A1-4837-8D19-3C36A8CD89A8}] => D:\Games\Diablo III\Diablo III.exe
FirewallRules: [{690A8A39-F405-470E-B7ED-9807FD8C65C1}] => D:\Games\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{A72173D9-1FD8-4F71-BE6F-A06E2E64C145}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{7424E903-FD4E-4382-9A31-24EA144095A9}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{A4D1C175-4C86-4FCA-B220-F687CEEFE0EE}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\FaxApplications.exe
FirewallRules: [{374C9B75-9686-40FC-967D-4B3B59ABD8A3}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{85F46697-00C7-45F8-B98C-D1BDE937D2DE}] => C:\Program Files\HP\HP Deskjet 4620 series\bin\SendAFax.exe
FirewallRules: [{48CF650C-8A6E-4F9A-B1EA-46D1BEDB5A7C}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{F579BEBF-526A-48A3-90A9-EFBEC4F5A070}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{84135734-8298-47B6-A332-2EED2B9B6D17}] => C:\Program Files\HP\HP Deskjet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{ECD4261C-00F3-4E8E-B72D-77CA31239B7B}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{242A9A2E-C8F3-432A-A86C-3413DDA3B1BB}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3E8496EE-E9C1-4378-A92A-164EF985EE3C}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0508203D-61FF-421E-842D-7BF54724115F}D:\program files (x86)\mozilla firefox\firefox.exe] => D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{69ED5FC0-2D58-43FC-9753-38169049FD61}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [UDP Query User{E3CF19B0-4278-481C-AB00-770A014E58CB}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [TCP Query User{A0B49DAC-611C-4BED-B777-DD01C2F47B23}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [UDP Query User{71EBCA1F-900A-421C-A9F8-B3D54E39545A}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [{E06ADFF9-828F-48FF-B2CE-4E562EDF1D40}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9B001EBE-64E1-4457-8E15-70226D389DE7}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{393966E8-61DA-4F62-8807-1A2F78B4A73E}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3286FB9F-E05A-40F9-BB3E-4E845A3F2D1D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{321E0F7A-C783-4C8E-A756-8114F9117230}D:\games\grand theft auto v\gta5.exe] => D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{5B381A68-58A5-4A2D-A975-835BECBA0867}D:\games\grand theft auto v\gta5.exe] => D:\games\grand theft auto v\gta5.exe
FirewallRules: [{3809497D-9FB0-4709-AE88-8B8CB56BD6D9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A77466A-959F-41A0-BE36-26068290C065}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3FA72A56-EC7A-4A6A-BED7-61F865669E13}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2F1702E5-7801-473D-A5D3-D2599379EB8C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ACB068FE-2375-4676-BA18-CD8BA38AE29E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3BAE0FA-A21C-44F9-9E68-6552E649B670}] => C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{9E9594B2-377C-430D-9BFF-203E9AF3280D}] => C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A18DB4B6-820B-4BE2-880A-A852CAA249C8}] => D:\Games\Witness\steamapps\common\The Witness\witness_d3d11.exe
FirewallRules: [{FFD83B95-9276-409E-B251-7307F003D672}] => D:\Games\Witness\steamapps\common\The Witness\witness_d3d11.exe
FirewallRules: [{9F4C87AD-81AD-4B52-A1D1-520FD87C1890}] => D:\Games\Witness\steamapps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{F83387AF-39E3-4B3E-90CF-3CC7B101BB20}] => D:\Games\Witness\steamapps\common\Sigils of Elohim\Sigils.exe
FirewallRules: [{ABF26293-3755-410F-AED3-028B84CAC5FD}] => D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F8E6BA3B-5069-4F1A-BE83-398D6301A718}] => D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [TCP Query User{8EF70579-ABE7-4F7B-BE2F-12B505F6FD84}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [UDP Query User{9D5BB297-F749-4485-9378-672EDCA38BCE}D:\games\grey goo2\instanceserverg.exe] => D:\games\grey goo2\instanceserverg.exe
FirewallRules: [TCP Query User{9FF636C5-8EDA-4964-B949-84600134A563}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [UDP Query User{E66034E4-6EA8-4E3A-9E77-B7516F372F80}D:\games\grey goo2\goog.exe] => D:\games\grey goo2\goog.exe
FirewallRules: [{43A83DE8-C5A9-402E-8BFF-09B4CCD79289}] => C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe
FirewallRules: [{7AE411E6-49DD-4789-AA92-BA22BB6FE6A7}] => C:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe
FirewallRules: [{2508444E-AB63-4ABB-96E3-A57EECF75E5E}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D10EB411-BBB1-4601-9233-988C8C316E50}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{61B65D66-DA0C-4041-AA80-CDE565C18F51}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{0D2F5EA8-80B4-4133-BAB7-2A0D42C6C849}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{D2410BC8-9C72-4CF1-A3C2-11E48A9F52A8}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{C15F86E3-5E89-42C9-ADF1-F33EF1F7546E}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{359081A5-197C-4895-BD3F-C8537525F0BE}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{6FAE664E-8857-4766-AF8F-0D0B9D555D69}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{3741A21D-D279-4A40-8C5F-D6FE324A6E38}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{8CFF223C-A8FA-4BC7-B435-211BEF6F3617}] => C:\Program Files (x86)\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{E965B364-4EDE-4779-B80C-FDF2FD36887E}] => C:\Program Files (x86)\Steam\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [{BEF8BD3D-CD09-4B3B-81F2-2C1704FC1B46}] => C:\Program Files (x86)\Steam\steamapps\common\Samorost 3\Samorost3.exe
FirewallRules: [TCP Query User{DA9E34AD-3FD0-4497-BEA5-350FA0C68816}D:\games\far cry primal\bin\fcprimal.exe] => D:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{7FB228AE-A8C9-466B-ABB3-A889859A0463}D:\games\far cry primal\bin\fcprimal.exe] => D:\games\far cry primal\bin\fcprimal.exe

==================== Restore Points =========================

10-01-2017 18:42:41 Removed Java 8 Update 101

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2017 10:41:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0x150c
Čas spustenia chybujúcej aplikácie: 0x01d270414c298a05
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 4cde49fb-a2c8-46c0-9438-1326b7e79cf7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/16/2017 10:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0x18c
Čas spustenia chybujúcej aplikácie: 0x01d2704146442e25
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 05cef7d4-a8ec-4d5b-8e6e-b06856e229b1
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/16/2017 10:40:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0x5f4
Čas spustenia chybujúcej aplikácie: 0x01d27041288727c3
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: e2f64442-7af8-4ada-8ac1-87ec8cdceb0b
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/16/2017 08:09:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000030bdd
Identifikácia chybujúceho procesu: 0x1584
Čas spustenia chybujúcej aplikácie: 0x01d2702c164c1b2e
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0688f5ee-a172-4411-8e4e-089a012e537f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/16/2017 04:40:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2017 04:35:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HF-PC)
Description: Aktivácia aplikácie Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca zlyhala pre chybu: -2144927149 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 04:35:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HF-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2147023170 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 04:35:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "D:\Games\Fahrenheit Indigo Prophecy Remastered\Fahrenheit.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/16/2017 04:18:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (01/16/2017 04:18:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (01/16/2017 10:40:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
and APPID
{7006698D-2974-4091-A424-85DD0B909E23}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/16/2017 10:39:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/16/2017 08:09:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/16/2017 04:55:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/16/2017 04:55:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/16/2017 04:40:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/16/2017 04:37:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (01/16/2017 04:35:51 PM) (Source: DCOM) (EventID: 10005) (User: HF-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/16/2017 04:35:49 PM) (Source: DCOM) (EventID: 10005) (User: HF-PC)
Description: DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (01/16/2017 04:35:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Network Location Awareness, od ktorej závisí služba Služba zoznamu sietí, zlyhalo kvôli nasledujúcej chybe:
The dependency service or group failed to start.


CodeIntegrity:
===================================
Date: 2017-01-12 23:38:29.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:29.467
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:28.586
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:27.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:24.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:38:22.703
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:35:22.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-01-12 23:35:21.986
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
Percentage of memory in use: 28%
Total physical RAM: 8190.05 MB
Available physical RAM: 5856.06 MB
Total Virtual: 16382.05 MB
Available Virtual: 13673.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.22 GB) (Free:44.35 GB) NTFS
Drive d: () (Fixed) (Total:833.76 GB) (Free:32.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A7535621)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=833.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
