﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
Ran by gagin (2015-10-22 16:50:46)
Running from C:\Users\gagin\Desktop
Windows 10 Pro (X64) (2015-09-30 20:16:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-722712101-1838267521-1311700174-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722712101-1838267521-1311700174-503 - Limited - Disabled)
gagin (S-1-5-21-722712101-1838267521-1311700174-1000 - Administrator - Enabled) => C:\Users\gagin
Guest (S-1-5-21-722712101-1838267521-1311700174-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
AkelPad 4.9.6 (HKLM-x32\...\AkelPad) (Version: 4.9.6 - )
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
AutoCAD 2014 – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2014 Language Pack – Čeština (Czech)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
EAGLE 7.1.0 (HKLM-x32\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH)
ESET NOD32 Antivirus (HKLM\...\{AB1AA952-0F66-42B2-B8B0-6B94FC500132}) (Version: 8.0.304.1 - ESET, spol s r. o.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Google Chrome (HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MTK_SN_Write (HKLM-x32\...\{0EEBC2F2-7436-4024-8E3D-FE33041C0AF4}) (Version: 1.0.0 - MediaTek)
NVIDIA Ovladač 3D Vision 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.81 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.81 (Version: 341.81 - NVIDIA Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
TradeManager 2015 (HKLM-x32\...\TradeManager) (Version:  - Alibaba (China) Network Technology Co., Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
微软设备健康助手 (HKLM-x32\...\{2EAC4B0F-6E44-4FF6-AA5E-5D100F2BAA59}) (Version: 1.5.3.1 - Microsoft Corporation)
支付宝安全控件 5.3.0.3807 (HKLM-x32\...\alieditplus) (Version: 5.3.0.3807 - Alipay.com Co., Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\gagin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-722712101-1838267521-1311700174-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\gagin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

13-10-2015 17:24:23 Nainstalováno rozhraní DirectX
20-10-2015 10:14:00 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-10-13 16:15 - 00000854 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1042ECDB-EAB8-44AA-9863-7DAA9C59427E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1155004D-9EA8-4CE4-86BA-ADB59C4131AC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {18EA2A6E-61D3-436F-9CA8-21108BC1556A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {19D5BB15-D28A-4B6E-AB04-7B863B6CAAC3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {20365358-583D-4AC3-922B-61E596C0E98A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {23CE0572-C8B4-49F7-AB49-008F59E7CEC1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {30385C5E-B246-47D5-AF5F-5274E1CFD512} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {3B10C98E-0C98-4DFE-BD93-E5576F05A91F} - System32\Tasks\Driver Booster SkipUAC (gagin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3BDA0104-C154-4468-A334-0C2D33A3178D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {435A35B7-3180-4603-9B36-C0527EF9AC82} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4AA5CDB3-38EC-44B6-A387-0BFA6B639CCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {525BC23E-6398-4758-9C49-84EC00CEB275} - System32\Tasks\微软设备健康助手自动更新 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation)
Task: {57527381-4672-4DAA-A3D1-941E3EC2C350} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {58D30C0A-A53A-4B02-B326-8A44577F82AD} - System32\Tasks\微软设备健康助手设备检查 => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exe [2015-01-30] (Microsoft Corporation)
Task: {7E48F3D5-7917-4DD6-B411-DC307B4FBEED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {87F659D0-9BF2-4EE5-BF6F-860EA9AD436D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {89CC392B-AB8B-4E00-8F3A-A296CAB9D15A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {91761F79-BFC3-4187-A9F0-006DC5720488} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {95B4AB15-0BE7-4385-B8DD-38F656D863C0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {96ADCE15-6A32-4001-BD9D-AE0DB730E9D6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A2F99580-E0F7-48B3-BDAB-2E4B8FF8C82F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A5408746-90A5-4F53-94CD-38E198A9C40D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722712101-1838267521-1311700174-1000Core => C:\Users\gagin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-30] (Google Inc.)
Task: {BCCA3A1E-3C53-4ECF-9D77-F67884348C77} - System32\Tasks\微软设备健康助手开机检测 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation)
Task: {C4C19434-3526-4837-80D7-2D5D935D1FAF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D698AE60-F396-42FE-BB61-2213B6FC0323} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D95E6475-3E0F-443E-B46B-B689F909EC03} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {EC45CA7C-C6E5-4C3D-8FD9-AE62C84FD038} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F02E8257-98CE-4481-B7E0-87379ED743D4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F366BF29-A2E4-4637-BE1F-0E9891C93562} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F59733C1-C59B-409E-8234-15BEF14E7002} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722712101-1838267521-1311700174-1000UA => C:\Users\gagin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-30] (Google Inc.)
Task: {FED56923-6E1B-4A8A-A7EC-3842DA9AC64E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-722712101-1838267521-1311700174-1000Core.job => C:\Users\gagin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-722712101-1838267521-1311700174-1000UA.job => C:\Users\gagin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\微软设备健康助手开机检测.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe
/EnableDHWORKGROUP\GAGIN-PC$HdkűNˇR(uŽN®_oŹľ‹YeP·^©RKb„v¶r`ŔhKmŚTębîO
Y0†Nă‰ôfY˙÷‹ĺg–hxxp:/support.microsoft.com
Task: C:\WINDOWS\Tasks\微软设备健康助手自动更新.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exeWORKGROUP\GAGIN-PC$Zdk
gˇR^\ŽN®_oŹľ‹YeP·^©RKb˙(uŽN·ÖSg°e„vHr,g˙	g©RŽNĐcŘšľ‹YeP·^¦^ĘSÝOś–/eŘN‰[hQ0†Nă‰ôfY˙÷‹ĺg–hxxp:/support.microsoft.com
Task: C:\WINDOWS\Tasks\微软设备健康助手设备检查.job => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exeWORKGROUP\GAGIN-PC$CdkűNˇR(uŽN®_oŹľ‹YeP·^©RKb„vľ‹YŔhĺg0†Nă‰ôfY˙÷‹ĺg–hxxp:/support.microsoft.com

==================== Loaded Modules (Whitelisted) ==============

2015-09-10 07:08 - 2015-09-10 07:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 07:08 - 2015-09-10 07:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-30 22:01 - 2015-08-18 02:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 07:49 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2015-09-06 12:18 - 2015-09-06 12:18 - 00115000 _____ () C:\Program Files (x86)\TradeManager\AliApp.exe
2015-10-01 07:49 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 09:59 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00112440 _____ () C:\Program Files (x86)\TradeManager\rv2log.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00321336 _____ () C:\Program Files (x86)\TradeManager\rv2core.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00279864 _____ () C:\Program Files (x86)\TradeManager\pcre.dll
2015-09-02 10:17 - 2015-09-02 10:17 - 37726520 _____ () C:\Program Files (x86)\TradeManager\aef.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00367928 _____ () C:\Program Files (x86)\TradeManager\rv2archive.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00154424 _____ () C:\Program Files (x86)\TradeManager\PerfTrace.dll
2015-09-02 04:40 - 2015-09-02 04:40 - 01554888 _____ () C:\Program Files (x86)\TradeManager\LIBEAY32.dll
2014-07-03 14:36 - 2014-07-03 14:36 - 00322376 _____ () C:\Program Files (x86)\alipay\aliedit\5.3.0.3807\aliedit.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00588088 _____ () C:\Program Files (x86)\TradeManager\uacagent.dll
2015-09-02 04:40 - 2015-09-02 04:40 - 00072192 _____ () C:\Program Files (x86)\TradeManager\zlibwapi.dll
2015-09-02 04:38 - 2015-09-02 04:38 - 00437216 _____ () C:\Program Files (x86)\TradeManager\collina.dll
2015-09-02 10:19 - 2015-09-02 10:19 - 00577848 _____ () C:\Program Files (x86)\TradeManager\unifiedconfig.dll
2015-09-02 10:17 - 2015-09-02 10:17 - 00045368 _____ () C:\Program Files (x86)\TradeManager\aliupload.dll
2015-09-02 10:18 - 2015-09-02 10:18 - 00879928 _____ () C:\Program Files (x86)\TradeManager\ffmpegsumo.dll
2015-10-01 10:56 - 2015-10-01 10:56 - 00698152 _____ () C:\Users\gagin\AppData\Roaming\TaobaoProtect\AliBench\AlibenchDLL.dll
2015-10-15 14:29 - 2015-10-09 02:53 - 01532744 _____ () C:\Users\gagin\AppData\Local\Google\Chrome\Application\46.0.2490.71\libglesv2.dll
2015-10-15 14:29 - 2015-10-09 02:53 - 00081224 _____ () C:\Users\gagin\AppData\Local\Google\Chrome\Application\46.0.2490.71\libegl.dll
2015-10-16 09:33 - 2015-10-15 13:20 - 16493256 _____ () C:\Users\gagin\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\.DEFAULT\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\.DEFAULT\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\.DEFAULT\...\taobao.com -> hxxp://taobao.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\taobao.com -> hxxp://taobao.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722712101-1838267521-1311700174-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722712101-1838267521-1311700174-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9A88EAF1-4A70-42E2-81FE-363F443F8444}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EBD500E4-417E-4D63-AEAB-FB9911726501}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{374BC43F-B35F-4DB8-83E5-55C72BEFBB18}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{1001C785-ACD4-4C3E-8B2F-C592755ABA7F}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0F616196-A494-42C8-A5EB-7854374E5FBD}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50EB5C18-8584-4589-899A-9D2B5C7A15A9}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C90EAAC-8739-437F-B4C3-8891027D8F93}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FD0AB7AD-B07D-4187-A4E7-022E108242DD}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F0E26973-C41E-43FF-968E-00C5C0367B47}] => (Allow) C:\Users\gagin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D3D09D73-CE6E-4279-A3D2-DE026ED293CE}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{25024AFB-2E7D-47F3-8EC2-679AA5549203}] => (Allow) C:\Program Files (x86)\TradeManager\AliIM.exe
FirewallRules: [{77FBD485-FF96-4970-88EF-5D8EBF882435}] => (Allow) LPort=50248

==================== Faulty Device Manager Devices =============

Name: Vstupní zařízení pro sběrnici PCI
Description: Vstupní zařízení pro sběrnici PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2015 04:44:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 04:44:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 04:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa5578
Název chybujícího modulu: SearchUI.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa5578
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000159997
ID chybujícího procesu: 0x1050
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (10/22/2015 04:44:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa599a
Název chybujícího modulu: ShellExperienceHost.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa599a
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000076127
ID chybujícího procesu: 0x1bc0
Čas spuštění chybující aplikace: 0xShellExperienceHost.exe0
Cesta k chybující aplikaci: ShellExperienceHost.exe1
Cesta k chybujícímu modulu: ShellExperienceHost.exe2
ID zprávy: ShellExperienceHost.exe3
Úplný název chybujícího balíčku: ShellExperienceHost.exe4
ID aplikace související s chybujícím balíčkem: ShellExperienceHost.exe5

Error: (10/22/2015 04:11:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 02:25:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 02:24:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 02:24:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa599a
Název chybujícího modulu: ShellExperienceHost.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa599a
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000076127
ID chybujícího procesu: 0x180c
Čas spuštění chybující aplikace: 0xShellExperienceHost.exe0
Cesta k chybující aplikaci: ShellExperienceHost.exe1
Cesta k chybujícímu modulu: ShellExperienceHost.exe2
ID zprávy: ShellExperienceHost.exe3
Úplný název chybujícího balíčku: ShellExperienceHost.exe4
ID aplikace související s chybujícím balíčkem: ShellExperienceHost.exe5

Error: (10/22/2015 02:24:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: gagin-PC)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/22/2015 02:24:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa5578
Název chybujícího modulu: SearchUI.exe, verze: 10.0.10240.16515, časové razítko: 0x55fa5578
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000159997
ID chybujícího procesu: 0x1914
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5


System errors:
=============
Error: (10/22/2015 04:44:45 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: CortanaUI

Error: (10/22/2015 04:44:36 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: App

Error: (10/22/2015 04:11:43 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (10/22/2015 02:25:04 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: App

Error: (10/22/2015 02:24:58 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: CortanaUI

Error: (10/22/2015 02:24:57 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: App

Error: (10/22/2015 02:24:55 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: App

Error: (10/22/2015 02:04:29 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (10/22/2015 01:13:03 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca

Error: (10/22/2015 01:06:09 PM) (Source: DCOM) (EventID: 10010) (User: gagin-PC)
Description: MicrosoftEdge.AppXg58n4jqcxjfvb6epaz8mmvfjtq8mhj65.mca


CodeIntegrity:
===================================
  Date: 2015-10-17 10:47:27.243
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:27.190
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:27.127
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:27.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:27.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:26.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:24.780
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:47:23.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:44:07.209
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-17 10:44:07.149
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 56%
Total physical RAM: 4094.49 MB
Available physical RAM: 1801.05 MB
Total Virtual: 8190.49 MB
Available Virtual: 5324.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:151.07 GB) (Free:16.27 GB) NTFS
Drive d: () (Fixed) (Total:146.48 GB) (Free:94.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: BBC58B91)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=151.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================