﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Max_cz (2016-03-18 17:31:05)
Running from C:\Users\Max_cz\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-21 03:42:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-529706889-675040250-4031740840-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-529706889-675040250-4031740840-503 - Limited - Disabled)
Guest (S-1-5-21-529706889-675040250-4031740840-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-529706889-675040250-4031740840-1007 - Limited - Enabled)
Max_cz (S-1-5-21-529706889-675040250-4031740840-1000 - Administrator - Enabled) => C:\Users\Max_cz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio FREE v.1.12.0 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.1-291 - House of Life)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
cURL (HKLM\...\{2B0E3B1A-674D-4C23-8E04-E63BCD246383}) (Version: 7.43.0 - Confused by Code)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
FileZilla Client 3.16.0 (HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.37 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Integrated Camera Driver Installer Package Ver.1.2.1.18 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.18 - RICOH)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
K-Lite Mega Codec Pack 11.8.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version:  - KMP) <==== ATTENTION
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.4.6 - PandoraTV)
Kolor Autopano Giga 3.0 (HKLM\...\AutopanoGiga3.0) (Version: V3.0.8 - Kolor)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.13.0 - Lenovo)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.17 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 7.12.20 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ovládací panel NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
ProFact 3.0 (HKLM-x32\...\ProFact 3.0_is1) (Version:  - eXmind)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
PTGui Pro 9.0 (HKLM-x32\...\PTGui) (Version:  - New House Internet Services B.V.)
QIP 2012 4.0.7221 (HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\QIP 2012) (Version: 4.0.7221 - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RescuePRO Deluxe 5.2.5.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.2.5.6 - LC Technology International, Inc.)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Software Intel® PROSet/Wireless WiFi (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.27 - Synaptics Incorporated)
Syncrosoft's License Control (HKLM-x32\...\Syncrosoft's License Control) (Version:  - SIA Syncrosoft)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden
Ulož.to File Manager verze 1.6 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.6 - Nodus Technologies s.r.o.)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Quick View (HKLM-x32\...\{CBB36DCC-7276-429F-9B58-4CFDC147D467}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{D344733D-3F0C-4257-9201-6259D90B441E}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{e72369b3-306a-4d10-a766-3433a65e8dc2}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YTD Video Downloader 4.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL) <==== ATTENTION
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-529706889-675040250-4031740840-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Max_cz\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0824AE65-731C-4A7D-8915-1C7A028C82CA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {08317534-E39E-415C-AB07-A5DA3EAD9E94} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0F626639-4A67-4D25-A6F5-3CEA26085189} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {1B16B4D7-72F0-4782-B69F-AFDFBA119369} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {20061696-2358-4525-8C5F-52700D015045} - System32\Tasks\AdobeAAMUpdater-1.0-Max_cz-PC-Max_cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-11-27] (Adobe Systems Incorporated)
Task: {24FB79D7-A19D-469C-BF99-D8DEB79CFFF8} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {38A0FCCB-B9E8-4686-897D-F869C4F4ECD2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-06] (COMODO)
Task: {3E8FB326-2D74-4579-998C-128839CC89AD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {47F51313-B5B1-4C49-BE4A-CAECD298A15E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {49E36E2D-2D12-4C8B-B5D4-5E07E543098B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {546A1E49-7E58-4CBA-8950-831D12EC777A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {58FC388E-7323-411B-8A5C-134D8845CD75} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-06] (COMODO)
Task: {599B3357-E6E7-4E49-9E84-37B6BD6CCCCF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {5D2CD294-C9FA-435D-B36B-34F4AF93902A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {61CC5CA4-2B94-43F3-AD4F-56B61FDE41C5} - \{CD3808AF-CB98-A8A7-E796-21741D041C14} -> No File <==== ATTENTION
Task: {67B0247E-05AB-4330-AD97-965BECCBEB0D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {6B1A349F-4182-448B-B7B6-56351267D8C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6ED6D666-EE9F-4EDC-955F-BDA79B2D9EA0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {71502CB5-FD6A-46C7-8622-F4B9FFAFF476} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {71F9E2E0-08F2-4101-8D5B-24C464A8257A} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {725B4D96-8D56-4BF1-8951-985345537FE7} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {7576A9E7-6815-47BE-920A-FBB62F63B59E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7ECB275A-2E6D-42F1-9D67-5D896955F165} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {86549C45-D827-49FD-9EAB-B3DF56509EC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8D9F55DD-3220-4CCB-BC3C-460781E21462} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {B0F21B7A-0D0A-4A8C-A60A-1C1238C21609} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {B143A0AC-E78A-48F6-A790-12195FA84D68} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B20329CD-715E-4B87-B10B-BDE482902090} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4FCF385-A3DF-424E-8104-F00284964A50} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {B94683B9-9BA0-428B-883A-D97BD3BA242C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {CD0B8E76-DBE4-45B4-BAFC-2DDA3D7D5D12} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D00D34EF-5FD2-4337-8AC5-8FF8A6DF2989} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-01-12] (Adobe Systems Incorporated)
Task: {D26B5181-46A2-4015-918F-53F79F363B83} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {DFC459CA-8DC8-439A-87D6-1E699D8FF651} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {EC834E13-F08C-47FE-B5A7-C47599926A7F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {EE672CCB-DA7B-44F1-9D9F-D40C320C45C1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F1F7CC13-3633-450C-B60C-D2EDF81DE859} - System32\Tasks\CCleanerSkipUAC => C:\Windows.old\Program Files\CCleaner\CCleaner.exe [2015-09-19] (Piriform Ltd)
Task: {F7C63C45-6B28-442B-8D61-8D4705D2E7B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128
Task: {FC88355B-3085-40B0-9BB1-2399E94AEB3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FDD779C8-4320-4A04-954F-D15EEB2333C5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-21 10:49 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-01-31 16:29 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-21 10:49 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-07-23 04:02 - 2016-03-14 15:44 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-02-21 04:09 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-04 19:20 - 2016-03-04 19:20 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-04 19:20 - 2016-03-04 19:20 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-29 11:23 - 2016-02-29 11:23 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-02-21 03:56 - 2016-02-21 03:56 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-04 19:20 - 2016-03-04 19:20 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-21 03:55 - 2016-02-21 03:55 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-21 03:55 - 2016-02-21 03:55 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-21 03:55 - 2016-02-21 03:55 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-21 03:55 - 2016-02-21 03:55 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-02-21 04:08 - 2010-10-26 12:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-08-24 19:28 - 2015-08-24 19:28 - 00047104 _____ () C:\Windows.old\Program Files\CCleaner\lang\lang-1029.dll
2016-03-16 21:29 - 2016-03-16 04:41 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.37\libglesv2.dll
2016-03-16 21:29 - 2016-03-16 04:41 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.37\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system\fltr106.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ac3acm.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppointmentActivation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxAllUserStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxSip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AuthBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\C3DHPExt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CallHistoryClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CMCPLEXT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CMEFFECTAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\configurationclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CoreUIComponents.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CSpkExt64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CX64BP16.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CxPageMaster64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dafBth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\deviceaccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCensus.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceEnroller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DisplayManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\domgmt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dosvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\enterprisecsps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExSMime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExtrasXmlParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FirewallAPI.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\flvprophandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\fontdrvhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fwbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fwpolicyiomgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hkcmd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxpers.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxsrvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxtray.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputLocaleManager.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ipnathlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\irmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\localspl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MBMediaManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MDEServer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MDMAppInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfasfsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmpeg2srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\modernexecserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSFlacDecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netlogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngckeyenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngcsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvd3dumx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435362.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6436175.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6436191.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6436451.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435362.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6436175.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6436191.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6436451.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvinitx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglshim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvwgf2umx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ole32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PackageStateRoaming.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhoneCallHistoryApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenanceClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\POSyncServices.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\profext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provpackageapidll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsmServiceExtHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\psmsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\QuickActionsDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\scapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SecConfig.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SharedStartModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sharemediacpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shell32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SMSRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SmsRouterSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sqmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRHInproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\srpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storewuauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StorSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SyncController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\taskschd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TimeBrokerClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TimeBrokerServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UCI64A96.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uDWM.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataAccountApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataLanguageUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataTimeUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataTypeHelperUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vaultcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vaultsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcmsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WiFiConfigSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WiFiDisplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifiprofilessettinghandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32kbase.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Windows.AccountsControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Data.Pdf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Devices.Scanners.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.MediaControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Shell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanmsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansvcpal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpninprc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsqmcons.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WSService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wuuhext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x264vfw64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblGameSave.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xvidvfw.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ac3acm.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentActivation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxAllUserStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxSip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atmfd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atmlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CallHistoryClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CoreUIComponents.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\deviceaccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DisplayManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExSMime.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ff_vfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FirewallAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fontdrvhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fontsub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fwbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ieframe.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InstallAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCRecvSrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc42loc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFMediaEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSFlacDecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netlogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvd3dum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvinit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglshim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvumdshim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvwgf2um.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ole32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PackageStateRoaming.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\POSyncServices.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\profext.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shell32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sqmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRHInproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SyncController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynsoLChk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Synsopos.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\taskschd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\thumbcache.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TimeBrokerClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataAccountApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wermgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\werui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfapigp.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WiFiDisplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\windows.storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x264vfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\acpi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\appid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bridge.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthenum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BTHUSB.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CHDRT64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CM10664.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CMUAC.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgkrnl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms1.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\InputFilter_FlexDef2b.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rfcomm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBHUB3.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xboxgip.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xinputhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\synUSB64.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]
AlternateDataStreams: C:\Users\Max_cz\Desktop\1914226_10204642006043972_5525917226391008696_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\FRSTLauncher.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\FRSTLauncher.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\IMG_20160206_214429.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\LM.bat:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\mbam-setup-2.1.4.1018.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\mbam-setup-2.1.4.1018.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\mbar-1.09.3.1001.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\mbar-1.09.3.1001.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\OTM.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Desktop\OTM.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\template_53917_jRBty7okCRi862kQR62Z.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Desktop\wordpress-4.1-cs_CZ.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Downloads\C818.tmp:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Downloads\dfsetup220.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Downloads\dfsetup220.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Downloads\FileZilla_3.16.0_win64-setup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Max_cz\Downloads\spsetup129.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Downloads\spsetup129.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\AppData\Local\MSGBOX.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Users\Max_cz\Documents\110720133161.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Documents\210320132693.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Max_cz\Documents\291120133663.jpg:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-03-16 22:40 - 00000200 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-529706889-675040250-4031740840-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Max_cz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{9a0d1d5d-09da-4a77-b23b-24506ff7124c}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-529706889-675040250-4031740840-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{22441C0E-F175-493A-8979-5392ACC7614D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3A5310A9-2EAD-4849-9423-7B0D481C08D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C7FDFDB-5F73-47A0-833B-7BED444524A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{08FE0AF0-B296-4A51-9D05-4722D84329CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8718BF8A-E7E1-41D4-A496-2F3B7F8E8888}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{93C13353-5172-4C40-90D3-F919E65FA034}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EB351EC0-383A-4343-A967-06E8D7A9BC60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B1648164-2DB2-41A4-8DE3-B5A7496C1A3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D18F0B3E-44BC-4538-B324-8A4996E57A02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7174D47E-6ED4-4379-AB89-B4EA1AE638AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B86A1E3-75DD-422E-BB91-DC7B9E508074}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{8E716B54-0B3E-4D33-8C02-5804CB274B38}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [TCP Query User{6A8FA7E0-35E7-49B0-97C8-7C2938C5E99B}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [TCP Query User{BE14BD9F-1FFF-4C61-9D53-87202022C595}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{0419FFCC-EB75-4892-8D0D-30131BEA1F7B}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe
FirewallRules: [{501F3EC6-2AAF-45D1-832C-F98AA15B4A69}] => (Allow) LPort=3306
FirewallRules: [{143A322E-708B-442A-9B04-992577E02040}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{5EA0F6AF-9314-4796-9323-278E7B19346C}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{8943DC9C-8BB3-4FE4-8938-D0CE8AE2755C}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{7B6889EE-3231-4798-8896-1226E51DE13A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{5272ABE7-9934-442C-ACFF-16EC8A29661B}] => (Allow) C:\Users\Max_cz\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{26830562-36A6-4324-B06D-38C982EA1B8D}] => (Allow) C:\Users\Max_cz\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{84AD0F9E-D48E-43D0-ADEB-454DF7839F2D}] => (Allow) D:\Program\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{14040D47-5C7D-4B2B-98CA-32C4E1CC7BBF}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [UDP Query User{E7E060EB-2099-4812-B8CA-2A8C432CD265}C:\program files (x86)\bitlord\bitlord.exe] => (Allow) C:\program files (x86)\bitlord\bitlord.exe
FirewallRules: [{2EEAE5DB-8E8D-4C24-A818-9311F39159B5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Windows\SysWOW64\msiexec.exe] => Generic Host Process
StandardProfile\AuthorizedApplications: [C:\Windows\SysWOW64\svchost.exe] => Generic Host Process
StandardProfile\AuthorizedApplications: [C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe] => Enabled:Windows Messanger

==================== Restore Points =========================

17-03-2016 21:27:07 Removed Java 8 Update 45

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2016 09:30:02 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/17/2016 09:27:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/16/2016 11:24:16 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (03/16/2016 04:23:18 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/15/2016 09:47:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/15/2016 12:37:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Max_cz-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/14/2016 04:29:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcplui.exe, verze: 8.1.810.0, časové razítko: 0x56de71e1
Název chybujícího modulu: nvcplui.exe, verze: 8.1.810.0, časové razítko: 0x56de71e1
Kód výjimky: 0x40000015
Posun chyby: 0x00000000001cb819
ID chybujícího procesu: 0xd84
Čas spuštění chybující aplikace: 0xnvcplui.exe0
Cesta k chybující aplikaci: nvcplui.exe1
Cesta k chybujícímu modulu: nvcplui.exe2
ID zprávy: nvcplui.exe3
Úplný název chybujícího balíčku: nvcplui.exe4
ID aplikace související s chybujícím balíčkem: nvcplui.exe5

Error: (03/14/2016 04:22:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GFExperience.exe, verze: 2.10.2.40, časové razítko: 0x56c2f91a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0xd80
Čas spuštění chybující aplikace: 0xGFExperience.exe0
Cesta k chybující aplikaci: GFExperience.exe1
Cesta k chybujícímu modulu: GFExperience.exe2
ID zprávy: GFExperience.exe3
Úplný název chybujícího balíčku: GFExperience.exe4
ID aplikace související s chybujícím balíčkem: GFExperience.exe5

Error: (03/14/2016 04:22:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GFExperience.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00000000

Error: (03/14/2016 04:09:10 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


System errors:
=============
Error: (03/18/2016 04:54:21 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/17/2016 11:19:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_844bc byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/17/2016 09:53:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetPipeActivator neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (03/17/2016 09:53:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NetPipeActivator bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2016 09:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby: 
%%2

Error: (03/17/2016 09:52:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby: 
%%1058

Error: (03/17/2016 09:52:34 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.

Error: (03/17/2016 09:51:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_1e4f90 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (03/17/2016 09:47:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/17/2016 09:32:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetMsmqActivator neuspěla při spuštění v důsledku následující chyby: 
%%1053


CodeIntegrity:
===================================
  Date: 2016-03-18 17:28:05.997
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 23:13:59.519
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:53:04.202
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:46:00.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:20:47.428
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:06:54.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 21:53:06.632
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-03-17 21:52:35.456
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-03-17 21:52:33.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 21:52:29.375
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 27%
Total physical RAM: 11877.44 MB
Available physical RAM: 8662.99 MB
Total Virtual: 24165.44 MB
Available Virtual: 20584.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.78 GB) (Free:23.68 GB) NTFS
Drive d: (HDD) (Fixed) (Total:368.1 GB) (Free:180.48 GB) NTFS
Drive f: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
Drive h: (WD) (Fixed) (Total:1396.61 GB) (Free:572.29 GB) NTFS
Drive i: (NIKON D7100) (Removable) (Total:14.83 GB) (Free:14.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2558AF52)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=96.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=797 MB) - (Type=27)
Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 1396.6 GB) (Disk ID: F8041501)
Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================