ComboFix 16-02-23.01 - Miska 27.02.2016 9:06.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8054.6033 [GMT 1:00]
Spuštěný z: c:\users\Miska\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-27 do 2016-02-27 )))))))))))))))))))))))))))))))
.
.
2016-02-27 08:11 . 2016-02-27 08:11 -------- d-----w- c:\users\oem\AppData\Local\temp
2016-02-27 08:11 . 2016-02-27 08:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-27 06:54 . 2016-02-27 06:54 -------- d-----w- c:\program files\Windows Defender
2016-02-27 06:54 . 2016-02-27 06:54 -------- d-----w- c:\program files (x86)\Windows Defender
2016-02-25 20:45 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55DF4DB4-1193-4F85-A8F2-C072B8E9B65B}\mpengine.dll
2016-02-25 20:21 . 2016-02-25 20:21 -------- d-----w- c:\users\oem\AppData\Local\Diagnostics
2016-02-25 20:00 . 2016-02-25 20:52 -------- d-----w- C:\AdwCleaner
2016-02-24 07:04 . 2016-02-24 07:05 -------- d-----w- c:\program files\paint.net
2016-02-24 07:04 . 2016-02-24 07:06 -------- d-----w- c:\users\Miska\AppData\Local\paint.net
2016-02-23 13:20 . 2016-02-23 14:08 -------- d-----w- c:\users\Miska\AppData\Roaming\.minecraft
2016-02-23 13:18 . 2016-02-25 20:44 -------- d-----w- c:\program files (x86)\Minecraft
2016-02-22 15:10 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-18 05:01 . 2016-02-18 05:01 -------- d-----w- c:\users\Miska\AppData\Roaming\FiraxisLive
2016-02-18 05:00 . 2016-02-18 05:00 -------- d-----w- c:\users\Miska\AppData\Roaming\ModLauncherWPF
2016-02-10 12:09 . 2016-01-22 06:48 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2016-02-10 12:06 . 2016-01-07 17:42 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-02-10 12:05 . 2016-01-16 19:01 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-02-06 12:56 . 2016-02-06 12:58 -------- d-----w- c:\users\Miska\AppData\Roaming\.dreamcraft2
2016-02-05 07:41 . 2015-07-20 17:17 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DDFB8F99-0CA7-4B2F-B85B-D4034A78B702}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 20:11 . 2014-11-22 04:01 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-01-27 16:03 . 2014-11-21 23:36 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-01-27 13:27 . 2014-12-25 16:53 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-01-22 06:19 . 2016-02-10 12:05 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-10 12:05 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-10 12:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-16 17:34 . 2015-12-25 08:53 938104 ----a-w- c:\windows\system32\NvFBC64.dll
2015-12-16 17:34 . 2015-12-25 08:53 872056 ----a-w- c:\windows\system32\NvIFR64.dll
2015-12-16 17:34 . 2015-12-25 08:53 734512 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-12-16 17:34 . 2015-12-25 08:53 681592 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-12-16 17:34 . 2015-12-25 08:53 502080 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2015-12-16 17:34 . 2015-12-25 08:53 469144 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-12-16 17:34 . 2015-12-25 08:53 42977072 ----a-w- c:\windows\system32\nvcompiler.dll
2015-12-16 17:34 . 2015-12-25 08:53 423264 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2015-12-16 17:34 . 2015-12-25 08:53 416376 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2015-12-16 17:34 . 2015-12-25 08:53 388560 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-12-16 17:34 . 2015-12-25 08:53 37609080 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-12-16 17:34 . 2015-12-25 08:53 370808 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2015-12-16 17:34 . 2015-12-25 08:53 3637352 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-16 17:34 . 2015-12-25 08:53 3211760 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-16 17:34 . 2015-12-25 08:53 3168376 ----a-w- c:\windows\system32\nvcuvid.dll
2015-12-16 17:34 . 2015-12-25 08:53 31061624 ----a-w- c:\windows\system32\nvoglv64.dll
2015-12-16 17:34 . 2015-12-25 08:53 2755704 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-12-16 17:34 . 2015-12-25 08:53 24895792 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-12-16 17:34 . 2015-12-25 08:53 21122456 ----a-w- c:\windows\system32\nvopencl.dll
2015-12-16 17:34 . 2015-12-25 08:53 20663816 ----a-w- c:\windows\system32\nvcuda.dll
2015-12-16 17:34 . 2015-12-25 08:53 1915696 ----a-w- c:\windows\system32\nvdispco6436143.dll
2015-12-16 17:34 . 2015-12-25 08:53 17561432 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-12-16 17:34 . 2015-12-25 08:53 175368 ----a-w- c:\windows\system32\nvinitx.dll
2015-12-16 17:34 . 2015-12-25 08:53 17156968 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-12-16 17:34 . 2015-12-25 08:53 16981976 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-12-16 17:34 . 2015-12-25 08:53 1564976 ----a-w- c:\windows\system32\nvdispgenco6436143.dll
2015-12-16 17:34 . 2015-12-25 08:53 153392 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-12-16 17:34 . 2015-12-25 08:53 151184 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-12-16 17:34 . 2015-12-25 08:53 14005408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-16 17:34 . 2015-12-25 08:53 128696 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-12-16 17:34 . 2015-12-25 08:53 12334200 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-12-16 17:34 . 2015-12-25 08:25 18716176 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-16 17:34 . 2015-12-25 08:25 16286888 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-12-16 14:53 . 2015-12-25 08:26 6359672 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-16 14:53 . 2015-12-25 08:26 2985080 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-16 14:53 . 2015-12-25 08:54 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-16 14:53 . 2015-12-25 08:54 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-16 14:53 . 2015-12-25 08:54 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-16 14:53 . 2015-12-25 08:26 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-12-16 14:53 . 2015-12-25 08:26 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-16 14:53 . 2015-12-25 08:26 1256240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-16 14:49 . 2015-12-25 08:26 6090019 ----a-w- c:\windows\system32\nvcoproc.bin
2015-12-16 14:39 . 2015-12-25 08:54 103032 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-12-09 03:39 . 2010-11-21 03:27 301728 ----a-w- c:\windows\system32\MpSigStub.exe
2015-12-08 21:54 . 2016-01-12 19:59 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 902144 ----a-w- c:\windows\SysWow64\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 739328 ----a-w- c:\windows\SysWow64\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 541184 ----a-w- c:\windows\SysWow64\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 815616 ----a-w- c:\windows\SysWow64\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-12 19:59 740352 ----a-w- c:\windows\SysWow64\wmpmde.dll
2015-12-08 21:54 . 2016-01-12 19:59 665088 ----a-w- c:\windows\SysWow64\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 1568768 ----a-w- c:\windows\SysWow64\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 358400 ----a-w- c:\windows\SysWow64\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-12 19:59 1325056 ----a-w- c:\windows\SysWow64\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-12 19:59 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-12 19:59 154112 ----a-w- c:\windows\SysWow64\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-12 19:59 206848 ----a-w- c:\windows\SysWow64\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-12 19:59 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2015-12-08 21:53 . 2016-01-12 19:59 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-12-08 21:53 . 2016-01-12 19:59 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-12-08 21:53 . 2016-01-12 19:59 206848 ----a-w- c:\windows\SysWow64\qasf.dll
2015-12-08 21:53 . 2016-01-12 19:59 970240 ----a-w- c:\windows\SysWow64\msmpeg2adec.dll
2015-12-08 21:53 . 2016-01-12 19:59 829952 ----a-w- c:\windows\SysWow64\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-12 19:59 241152 ----a-w- c:\windows\SysWow64\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-12 19:59 79872 ----a-w- c:\windows\SysWow64\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-12 19:59 415744 ----a-w- c:\windows\SysWow64\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-12 19:59 241152 ----a-w- c:\windows\SysWow64\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-12 19:59 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-12-08 21:53 . 2016-01-12 19:59 609280 ----a-w- c:\windows\SysWow64\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-12 19:59 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-12-08 21:53 . 2016-01-12 19:59 53248 ----a-w- c:\windows\SysWow64\mfvdsp.dll
2015-12-08 21:53 . 2016-01-12 19:59 4608 ----a-w- c:\windows\SysWow64\ksuser.dll
2015-12-08 21:53 . 2016-01-12 19:59 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-12-08 21:53 . 2016-01-12 19:59 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-12-08 21:53 . 2016-01-12 19:59 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2015-12-08 21:53 . 2016-01-12 19:59 153600 ----a-w- c:\windows\SysWow64\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-12 19:59 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-12-08 21:53 . 2016-01-12 19:59 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-12-08 21:53 . 2016-01-12 19:59 193536 ----a-w- c:\windows\SysWow64\ksproxy.ax
2015-12-08 21:52 . 2016-01-12 19:56 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-12-08 21:50 . 2016-01-12 19:59 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-12-08 19:07 . 2016-01-12 19:59 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 1232896 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 978944 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 666112 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 1153024 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 19:07 . 2016-01-12 19:59 1955328 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 1026048 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 19:07 . 2016-01-12 19:59 642048 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 447488 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 19:07 . 2016-01-12 19:59 1575424 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 19:07 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 19:07 . 2016-01-12 19:59 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 19:07 . 2016-01-12 19:59 292352 ----a-w- c:\windows\system32\VIDRESZR.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2014-12-22 37152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog64.sys;c:\windows\SYSNATIVE\drivers\AntiLog64.sys [x]
R1 iSafeKrnlMon;YAC Monitor Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
R3 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R3 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-22 07:02]
.
2015-01-09 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2014-12-22 06:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
mDefault_Page_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
TCP: DhcpNameServer = 82.202.120.1 81.19.33.2
FF - ProfilePath - c:\users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\3sygjmgz.default-1456474876523\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b1bd218d} - c:\progra~2\StatFunc\StatFunc.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3830967693-838441426-3976063742-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:be,79,6d,50,c4,07,ae,56,75,8d,4a,b6,21,75,d5,19,7e,e2,90,f7,c3,78,c1,
c4,4d,6d,5e,9e,53,cb,84,65,e8,bf,f6,fe,5c,36,4a,63,d2,97,33,24,70,14,25,f2,\
"??"=hex:e7,21,0e,e9,22,0c,bc,d0,d7,e8,76,fd,83,92,b2,dc
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-02-27 09:12:18
ComboFix-quarantined-files.txt 2016-02-27 08:12
ComboFix2.txt 2016-02-27 08:01
.
Před spuštěním: Volných bajtů: 242 346 405 888
Po spuštění: Volných bajtů: 242 273 984 512
.
- - End Of File - - 917640EFCA30C5AA464686D0B09B2717
A36C5E4F47E84449FF07ED3517B43A31
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
některé programy nejdou spustit,prosím o kontrolu logu. Díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Krasny den Vam preju 
Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, jen se ujistim, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala. CF mimochodem castecne smazal stopy po haveti, takze ted je log z RSIT/FRST krapet k nicemu.
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, jen se ujistim, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala. CF mimochodem castecne smazal stopy po haveti, takze ted je log z RSIT/FRST krapet k nicemu. V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Díky za rychlou odpověd, to je právě to co mi nefunguje, jako i některé další programy, firefox mi pokaždé spadne, vůbec nevím co to je:-(
Název chybující aplikace: adwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x450
Čas spuštění chybující aplikace: 0x01d1714814533166
Cesta k chybující aplikaci: C:\Users\Miska\Downloads\adwcleaner_5.036.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\iertutil.dll
ID zprávy: 53122a53-dd3b-11e5-a2a9-74d435137277
tohle mi to vždy píše v prohlížeči událostí.
Název chybující aplikace: adwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x450
Čas spuštění chybující aplikace: 0x01d1714814533166
Cesta k chybující aplikaci: C:\Users\Miska\Downloads\adwcleaner_5.036.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\iertutil.dll
ID zprávy: 53122a53-dd3b-11e5-a2a9-74d435137277
tohle mi to vždy píše v prohlížeči událostí.
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Protoze jste pri spusteni ComboFixu souhlasil s podminkami uziti, jen se ujistim, ze jste osoba pro praci s nim vyskolena nebo Vam alespon osoba zkusena asistovala 
Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.
Otestujte na virustotal.com C:\Windows\syswow64\iertutil.dll - pokud uz byl soubor otestovany, zvolte Reanalyse. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy. Od kdy problem pozorujete?Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
předevčírem večer mi začal padat firefox a poté i některé další programy
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Miska (2016-02-27 12:14:43)
Running from C:\Users\Miska\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-19 20:01:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3830967693-838441426-3976063742-500 - Administrator - Disabled)
Guest (S-1-5-21-3830967693-838441426-3976063742-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3830967693-838441426-3976063742-1004 - Limited - Enabled)
Miska (S-1-5-21-3830967693-838441426-3976063742-1002 - Administrator - Enabled) => C:\Users\Miska
oem (S-1-5-21-3830967693-838441426-3976063742-1000 - Administrator - Enabled) => C:\Users\oem
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.31 - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BLACKHOLE (HKLM-x32\...\Steam App 322680) (Version: - FiolaSoft Studio)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version: - Arkane Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Don't Starve Together Dedicated Server (HKLM-x32\...\Steam App 343050) (Version: - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.15 (HKLM-x32\...\Glary Utilities 5) (Version: 5.15.0.28 - Glarysoft Ltd)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kingdom (HKLM-x32\...\Steam App 368230) (Version: - Noio)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
LEGO® Jurassic World (HKLM-x32\...\Steam App 352400) (Version: - TT Games Ltd)
Math Problem Solver (HKU\S-1-5-21-3830967693-838441426-3976063742-1002\...\Math Problem Solver) (Version: - ) <==== ATTENTION
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft: Story Mode - A Telltale Games Series (HKLM-x32\...\Steam App 376870) (Version: - Telltale Games)
Mozilla Firefox 44.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 cs)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NoMore Ads (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - NoMore Ads) <==== ATTENTION
NVIDIA Ovladač 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)
Rayman Legends (HKLM-x32\...\{72B119B2-493F-4040-A4A7-69830B0BDDAE}_is1) (Version: 1.3 - Ubisoft Entertainment, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3830967693-838441426-3976063742-1002\...\SeznamInstall) (Version: - Seznam.cz)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
Star Wars Galactic Battlegrounds (HKLM-x32\...\{A202BDBA-753F-41B9-B649-CFB0B45FC03E}) (Version: - )
Star Wars Galactic Battlegrounds: Clone Campaigns (HKLM-x32\...\{0314ED3D-26A7-4F62-86A2-6B23353445E8}) (Version: - )
Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.37822 - Electronic Arts)
StatFunc (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b1bd218d}) (Version: - Software Publisher) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The LEGO® Movie - Videogame (HKLM-x32\...\Steam App 267530) (Version: - TT Fusion)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Tom and Jerry in Fists of Furry (HKLM-x32\...\{52EC4A8F-2C88-11D6-B5A7-0050DA346D4C}) (Version: - )
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WMI Tools (HKLM-x32\...\{25A13826-8E4A-4FBF-AD2B-776447FE9646}) (Version: 1.50.1131.0001 - Microsoft Corporation)
WorldPainter 2.0.2 (HKLM\...\4144-4862-0472-7103) (Version: 2.0.2 - pepsoft.org)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3830967693-838441426-3976063742-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11582BA0-7D9F-44C1-BD1C-B7A9438BADAC} - System32\Tasks\Math Problem Solver GPU => C:\Users\Miska\AppData\Local\Math Problem Solver\gpu\dummysleep.exe [2014-05-11] () <==== ATTENTION
Task: {189D1075-2C56-4B17-96C1-6DC7428BCA7A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-12-22] (Glarysoft Ltd)
Task: {18ED2824-9188-49D6-BE53-CE705293902C} - System32\Tasks\AdobeAAMUpdater-1.0-Miska-PC-Miska => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3954EC76-EFDB-4A15-B86A-C23B241E8470} - System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => pcalua.exe -a F:\5900_csy_win2k_xp.exe -d F:\
Task: {3DC03342-658F-49C9-8D7B-1CBB9D767049} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {45B145A9-4A76-4FC6-8F30-6565A80D8492} - System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => pcalua.exe -a C:\Users\Miska\Desktop\pbsetup.exe -d C:\Users\Miska\Desktop
Task: {4CFC6D10-6A0E-4581-A9DC-40351EFE867E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-23] (Adobe Systems Incorporated)
Task: {71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Miska\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION
Task: {776C398E-15FA-45EF-88A4-EC3DF08C4C4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8FC6647F-037B-49AD-B612-07454369C571} - System32\Tasks\Math Problem Solver CPU => C:\Users\Miska\AppData\Local\Math Problem Solver\cpu\Solve.exe [2014-01-23] () <==== ATTENTION
Task: {94388547-AFB5-40E1-8A31-E5F304F8BA53} - System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => pcalua.exe -a C:\Users\Miska\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {B4E976DC-A7C2-479F-9065-68C733CEF7D8} - System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => pcalua.exe -a C:\Users\Miska\Downloads\jxpiinstall.exe -d C:\Users\Miska\Downloads
Task: {F2B17B7A-CDC4-4AC1-9CA4-1DD5F7407616} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-12-22] (Glarysoft Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-25 09:26 - 2015-12-16 15:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-16 20:06 - 2012-01-16 20:06 - 00577621 _____ () C:\Program Files (x86)\Spyware Terminator\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:E6E3D650
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-02-27 08:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miska\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.202.120.1 - 81.19.33.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Miska\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Miska\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VIAxHCUtl => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C8177782-D817-41EC-AC48-CC7D7A0DEFA3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2C4DAA84-BFAC-4D13-BC33-3596048BBBF4}] => (Allow) svchost.exe
FirewallRules: [{AB5FBBBA-CDE6-4E5A-9F9B-37F38A35EA41}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{83CBF243-CAE4-4BFB-A53D-70567A084937}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17CA5F11-8FFA-44CE-8FD4-E2503B5527F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C987988-490E-4E8E-9113-2EA6FF10790D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8D192007-10A1-42D9-ADF9-36D557FA55EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEECE8D6-B266-468B-BFD8-73A27F4FCC32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{34FF94D3-C4A4-4A3C-B651-132786212A18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E5854AE9-12FB-4341-BE0E-2AF0A1C44E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{ED818647-AA83-4BA0-8C15-DF4CB043CDE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{389DCB67-059B-43B3-81A7-15F15CF9B2ED}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{8438D38A-8FB8-4055-9869-3D65EAC78484}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [TCP Query User{6F4F400D-D475-4954-990E-B0591BEDE866}C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{7CC69DE1-F3CC-4D5B-A8A7-816A4669B96A}C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe
FirewallRules: [{4040B79E-ECE8-4CD6-A741-9A50470FE939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7E00491D-52D6-4822-A854-3F23781E734B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9897E3DD-43DA-462F-9F18-463E4BD6588A}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{DD88C1F4-0F5C-489D-A4C6-2C4124436A5C}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{59A52632-6712-4292-AF4C-8ECF221F8905}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{28C5CB5A-1E37-49C8-B5DD-1A4CFCC44A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4E8B9A3F-8623-4F7B-BD44-522BE9AE367C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E9E35D9C-0D26-4E57-9A21-6D2793B95EB4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FF5A25D8-0649-4E09-877C-D2917D4C838B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{45B38F77-26EE-4515-AC56-9ECA3EC9901D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9D40157C-2F6F-40CC-B44E-CECBCAD6B73A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{5B2C5941-AD4F-4B23-B2E0-411521BF82F8}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{429E0797-228E-40D7-A631-D9EBAF278A29}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{6F7110EF-99CF-47EB-AB53-8A8F2E830086}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{3CD8DBD3-B163-48EC-BFF6-BE15D8A2AE64}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{6DF8A00B-FC06-42B6-BBEF-BDAAA73D699C}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{AF571BDD-7CAC-4024-92CB-9640A1EE08BF}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{545EA866-F5CE-4F77-B639-603D930DC64B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{60522D98-7CAC-4296-997B-21343C26840B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{1CBF582F-202C-4FF8-80E2-B6F3C3B95327}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{76711DA2-7A60-4B1F-B0C6-5857C6DD992C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{CA9D105F-8F6F-4E26-B4E3-928C39FAE98B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{871626ED-2C8F-4931-BCC0-21362FA231CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{498E45D9-A7D1-4CE4-80AC-49FB6E350CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{CE617D2B-7EF7-42E7-A081-897ABDFB9AC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{3D571EA0-2675-4982-AB1D-F6641BAB7054}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{C8A79676-BA9A-4EB0-AE87-228588EC7C63}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{82DF800F-47C9-4C66-9431-F2637678538A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CFF1B5A-1F41-46FB-AC46-0E60C43452E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{516D0F52-ABF5-4001-B108-F4B5CF601540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{EBD1CDD1-7691-49D2-B3F1-848B921D95AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{FB7D18F0-55FF-4FD2-97B1-66AFBF91D3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{D331C4D3-CD48-41CC-BC87-26CBEF6EC1A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{F4C8A0F3-9BD3-4C63-8B71-B7B9986C7348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{36A919AB-FB64-4382-ABD6-A21923E0E402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{F2239B96-D11D-431C-8CF7-B9D7CE025CFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{90E9CD53-EAA9-4EBC-A56F-2CE9D8B7ECF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{3FF5E40C-D963-493E-8C5E-E485904A98CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{EBDB506B-D076-4E74-9913-759BA3565109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{E28E9AA3-EF66-4C03-806C-E0D67A61EE35}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9FA99B65-167D-496B-9C72-E0B9AEEDD20B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{53A32412-BBBA-4E42-BC1B-F18063D5D139}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EE0E709F-C295-4D68-ABBA-FD86721F99F4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5F068E6C-FA8A-4D19-BF65-94379923B871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{44DB3FA3-BEFE-43DF-A00A-D813F54AAB1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{60E9CD36-EF61-4E2B-A0E9-5A21DF8FFFB7}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{BBC68F00-E78C-4217-8F62-C587D339E655}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{9378968E-7595-416B-9E7D-7A46BBDD2980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{6448949E-A4C9-46DE-B2B5-C680B3593522}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{741B3ADF-36C4-43F5-AB05-B5066FF770B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{87520492-5E10-4D13-8873-0B65AC15335D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{DC810B0C-FE40-487B-8B30-2B0D14526FA5}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat
FirewallRules: [{237FBD1B-CC65-4BC1-81A9-3AABAF834366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{77FA628D-700F-422A-9DA0-6B299C456B1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{BB5792D8-4872-47E7-824C-1BF5CAF6811D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BlackHole.exe
FirewallRules: [{86929DE6-2E4B-4E90-96BD-3305333B66F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BlackHole.exe
FirewallRules: [{9E3069FC-3FF2-40E2-8730-FDCBE5AFE076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{126CA069-FA13-4069-AFBD-D252708FF349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{BD748845-A44D-49FB-89BE-FB80BFB3CF72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{95BA65B2-1E6C-4682-A9B2-3D44C450C6F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{3E0F92A8-2221-493F-8D46-0801557722B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{FF93AE2A-1E1C-4520-940B-BD1050698592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{748E4BEB-1793-439C-AF51-20DEEE666CBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{9FE5C47A-F5EA-4768-ACAB-28131312AC3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{C0F9E972-822D-4B3F-8762-D4EB5E911C9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\Rayman Legends.exe
FirewallRules: [{AE15B03A-F606-471E-8A34-0F737E59A819}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\Rayman Legends.exe
FirewallRules: [{FE55A532-CB96-420D-A1D1-F493216055F1}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\gu.exe
FirewallRules: [{C1C2E418-03E4-4E5E-9BC6-2867887506FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\gu.exe
FirewallRules: [{A85AA68B-8ADE-449B-AA71-883B67B355A9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{CCE1327C-BDED-4921-8CD0-77C98DD7F838}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2CAB294F-91E1-4001-A360-0926AAC95046}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CB17E648-81E1-4719-86D2-FD2E4BBCF241}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{65017AFE-9CA8-4756-89E3-DB0724E3CACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6C8B350F-A146-4670-A6E4-AD6D414EDDA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{BE542F14-994C-45E1-8EF1-FAD95B6EF359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F722B990-B123-4E03-86BB-EDB2B88650BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{14E029DB-11BA-4DED-AA52-5D6A35FCB272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A27747B4-D9DD-4166-984C-EA8FDD5C3CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{A00C9154-0B1E-4976-A40C-531BE03BA8F8}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{C0AADC92-825D-4E33-BC03-C4FDA4521818}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{4CED3AE9-57FC-4094-9F98-0F19AEB387E1}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe
FirewallRules: [UDP Query User{6645CDFD-19FF-4150-BC23-3E10E7B54B5E}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe
FirewallRules: [TCP Query User{B0552A60-65D0-4AB5-8D58-0DFBA27C6E4B}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe
FirewallRules: [UDP Query User{67D317FC-257D-495A-ADEC-C5979EC57F7A}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe
FirewallRules: [{DE16920C-8575-41AF-9EE0-4D98014475D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{9C1AA21E-E43C-477D-AA53-F3BC21878463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{D9E82B7B-9868-4C5D-A153-4E62DD48C10A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{5B4E3034-6366-478B-B95B-43BC0F1DFBBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{05D9CE5E-0E61-48F0-811F-E38D25D62A9D}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{52CA6E2C-76EE-449B-BD2A-1F39339C8F0A}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{8AAF8E28-BF39-4090-A3F6-D1C060A9AFAB}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{84A51F98-F3D3-4248-BAFB-E4D9ACE958BD}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{80AFCDA3-E189-43D3-8EF9-2E65454C40E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{5414B2F8-5154-4A54-A913-6384E62687BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{A69CAEB4-0309-4008-ACC4-89E130645068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{C6FE25FC-6414-4F18-95AC-AFAF087CD297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{DB8E0A87-8026-4A3C-A47A-D9EE3D946762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{C0E2FD14-0C95-49EA-AB4D-AA98296845A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{B452EAB4-4307-4054-89CE-4EB7C709D46B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{4A564995-36BD-4CA5-AF1B-CB2CA479DD8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{AB256E79-236E-4A12-9E18-AA8DB5313136}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2BB21F1A-EE04-4793-9BA9-135A69C2988A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F1AD01-2118-4455-82ED-8A41EEDCFFA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{FC8DD1D3-2A7E-4025-8A60-D1A09899DB1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{07F6CDF2-DBE2-43CD-A569-2EC1C8E49619}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{726C8BFF-DC08-4F27-9BCE-A293225127DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{2C3D26DE-7C7D-4ABB-9F63-FD0325BB3F31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{B79F3322-FE53-4CDB-BF8B-F4EB6444F311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{87157D5E-1DC5-43F6-B5E0-A21995715C73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39142C87-1385-4623-9E60-7A1941DC6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0838506C-1731-4656-A203-B23FD1BAB9F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{A226B4B4-BF82-452E-BE4F-FD0AF0B397F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{719B3551-43D7-4D4A-9136-4C928B71575B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{8B125739-960D-4B92-BB9F-FF383FA2254C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{E79FE5B6-A729-4345-AB1D-ABC6A2EA2541}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{63FDD159-6D90-4F28-81FC-F0220E873A43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F1C59246-4A6C-45F8-B92A-E407C66223FC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{7095ADFA-5B6E-41B7-A534-83DBF912A73C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{D22BD9A8-243E-45FC-83AB-B5E3C3FA4EC0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4416D5FE-FA80-4CA6-8E7F-3ABCBC2B2B24}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0CCAB1A8-4809-41C3-B39A-97B61F25FDEA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{525FED7F-05B6-4B0F-9CD8-788A7B81474C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7A4ECC8B-16D8-4F04-B61B-1EB3C156CD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AB1C7ED9-411E-46EF-935C-445B78A5D8FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{3F20384A-2C32-4205-8552-0CDEF7D75AA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{5B7CA50B-E83E-431A-92EB-FFD28AF40400}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{5291E9CC-5A26-49AE-823B-3B3D9E58260F}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{FE32D79D-F5D3-4D1C-9BFC-897071789A4F}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{90DB6223-A8BC-42D9-AF03-5E642548435D}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{AF0ADAA3-C348-41A6-AD3A-2CD34D41A0C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{F9128BB1-F5C0-49D7-927E-75FF025D4605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{CBC91EFC-4AFA-45AA-A215-C817AB04579A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4F1AF6A0-CE6D-45A9-AC5A-59E24CDFA470}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{167056CD-4AB0-4C70-9022-5C23724A4357}C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{A81EF56E-D4F7-42B2-8BFE-8CB684A67DCC}C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{E4C89C45-8AF8-4177-A4F7-E74079392EDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{6D8CD605-FF60-4DF2-939A-73CEB09C2867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{EAE16D65-519E-4A44-B1B2-AFC093547EF3}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{2B39B1A8-73AF-4FA6-8CB6-5A089AFC4B95}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{D448D6B0-1F4E-42CB-B379-999F09192A4F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B53A9295-2CA0-4183-BD0D-16DB21F79A50}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F3A3BB7A-A4A0-4F50-8B79-932845786923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{DEF6D6A1-8042-4660-A5B4-6E99FF0C1816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{6580D736-6385-4CD7-8B92-4B82E708A4E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{D9D86507-C4F7-499D-9DA1-73E44636CB25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin\dontstarve_dedicated_server_nullrenderer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
22-02-2016 18:07:30 Naplánovaný kontrolní bod
23-02-2016 14:18:04 Installed Minecraft
24-02-2016 07:58:19 Windows Update
24-02-2016 08:04:51 paint.net 4.0.9
24-02-2016 21:00:08 Windows Update
25-02-2016 21:40:18 Operace obnovení
26-02-2016 09:22:40 Windows Update
27-02-2016 11:40:24 Instalováno Realtek Ethernet Controller Driver
==================== Faulty Device Manager Devices =============
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2016 11:17:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x450
Čas spuštění chybující aplikace: 0xadwcleaner_5.036.exe0
Cesta k chybující aplikaci: adwcleaner_5.036.exe1
Cesta k chybujícímu modulu: adwcleaner_5.036.exe2
ID zprávy: adwcleaner_5.036.exe3
Error: (02/27/2016 10:28:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xe48
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 10:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: _iu14D2N.tmp, verze: 51.52.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xff0
Čas spuštění chybující aplikace: 0x_iu14D2N.tmp0
Cesta k chybující aplikaci: _iu14D2N.tmp1
Cesta k chybujícímu modulu: _iu14D2N.tmp2
ID zprávy: _iu14D2N.tmp3
Error: (02/27/2016 10:25:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RegInOut.exe, verze: 4.0.0.1, časové razítko: 0x55c4d3d9
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xe10
Čas spuštění chybující aplikace: 0xRegInOut.exe0
Cesta k chybující aplikaci: RegInOut.exe1
Cesta k chybujícímu modulu: RegInOut.exe2
ID zprávy: RegInOut.exe3
Error: (02/27/2016 10:25:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RegInOut.exe, verze: 4.0.0.1, časové razítko: 0x55c4d3d9
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x93c
Čas spuštění chybující aplikace: 0xRegInOut.exe0
Cesta k chybující aplikaci: RegInOut.exe1
Cesta k chybujícímu modulu: RegInOut.exe2
ID zprávy: RegInOut.exe3
Error: (02/27/2016 10:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xfc4
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 10:10:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CrashReport.exe, verze: 5.0.0.4, časové razítko: 0x53ba16f3
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xCrashReport.exe0
Cesta k chybující aplikaci: CrashReport.exe1
Cesta k chybujícímu modulu: CrashReport.exe2
ID zprávy: CrashReport.exe3
Error: (02/27/2016 10:09:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xf94
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 09:14:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.18205, časové razítko: 0x56a1b6f6
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fcabe
ID chybujícího procesu: 0xe2c
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Error: (02/27/2016 08:45:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbea
ID chybujícího procesu: 0xfc0
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
System errors:
=============
Error: (02/27/2016 09:43:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
iSafeKrnlMon
Error: (02/27/2016 09:11:15 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 09:09:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 09:06:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/27/2016 08:59:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 08:59:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (02/27/2016 08:56:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.35.0.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.7036.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.7036.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
CodeIntegrity:
===================================
Date: 2016-02-27 08:59:13.827
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-27 08:59:13.796
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 27%
Total physical RAM: 8053.94 MB
Available physical RAM: 5829.11 MB
Total Virtual: 16106.08 MB
Available Virtual: 13749 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:225.18 GB) NTFS
Drive f: () (Fixed) (Total:465.75 GB) (Free:2.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78CC7FFF)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1BEF1BEE)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Miska (2016-02-27 12:14:43)
Running from C:\Users\Miska\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-19 20:01:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3830967693-838441426-3976063742-500 - Administrator - Disabled)
Guest (S-1-5-21-3830967693-838441426-3976063742-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3830967693-838441426-3976063742-1004 - Limited - Enabled)
Miska (S-1-5-21-3830967693-838441426-3976063742-1002 - Administrator - Enabled) => C:\Users\Miska
oem (S-1-5-21-3830967693-838441426-3976063742-1000 - Administrator - Enabled) => C:\Users\oem
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.31 - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BLACKHOLE (HKLM-x32\...\Steam App 322680) (Version: - FiolaSoft Studio)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version: - Arkane Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Don't Starve Together Dedicated Server (HKLM-x32\...\Steam App 343050) (Version: - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.15 (HKLM-x32\...\Glary Utilities 5) (Version: 5.15.0.28 - Glarysoft Ltd)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kingdom (HKLM-x32\...\Steam App 368230) (Version: - Noio)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
LEGO® Jurassic World (HKLM-x32\...\Steam App 352400) (Version: - TT Games Ltd)
Math Problem Solver (HKU\S-1-5-21-3830967693-838441426-3976063742-1002\...\Math Problem Solver) (Version: - ) <==== ATTENTION
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft: Story Mode - A Telltale Games Series (HKLM-x32\...\Steam App 376870) (Version: - Telltale Games)
Mozilla Firefox 44.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 cs)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
NoMore Ads (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - NoMore Ads) <==== ATTENTION
NVIDIA Ovladač 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)
Rayman Legends (HKLM-x32\...\{72B119B2-493F-4040-A4A7-69830B0BDDAE}_is1) (Version: 1.3 - Ubisoft Entertainment, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3830967693-838441426-3976063742-1002\...\SeznamInstall) (Version: - Seznam.cz)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
Star Wars Galactic Battlegrounds (HKLM-x32\...\{A202BDBA-753F-41B9-B649-CFB0B45FC03E}) (Version: - )
Star Wars Galactic Battlegrounds: Clone Campaigns (HKLM-x32\...\{0314ED3D-26A7-4F62-86A2-6B23353445E8}) (Version: - )
Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.37822 - Electronic Arts)
StatFunc (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b1bd218d}) (Version: - Software Publisher) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Steam App 264710) (Version: - Unknown Worlds Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The LEGO® Movie - Videogame (HKLM-x32\...\Steam App 267530) (Version: - TT Fusion)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Tom and Jerry in Fists of Furry (HKLM-x32\...\{52EC4A8F-2C88-11D6-B5A7-0050DA346D4C}) (Version: - )
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WMI Tools (HKLM-x32\...\{25A13826-8E4A-4FBF-AD2B-776447FE9646}) (Version: 1.50.1131.0001 - Microsoft Corporation)
WorldPainter 2.0.2 (HKLM\...\4144-4862-0472-7103) (Version: 2.0.2 - pepsoft.org)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version: - Firaxis)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3830967693-838441426-3976063742-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11582BA0-7D9F-44C1-BD1C-B7A9438BADAC} - System32\Tasks\Math Problem Solver GPU => C:\Users\Miska\AppData\Local\Math Problem Solver\gpu\dummysleep.exe [2014-05-11] () <==== ATTENTION
Task: {189D1075-2C56-4B17-96C1-6DC7428BCA7A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-12-22] (Glarysoft Ltd)
Task: {18ED2824-9188-49D6-BE53-CE705293902C} - System32\Tasks\AdobeAAMUpdater-1.0-Miska-PC-Miska => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3954EC76-EFDB-4A15-B86A-C23B241E8470} - System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => pcalua.exe -a F:\5900_csy_win2k_xp.exe -d F:\
Task: {3DC03342-658F-49C9-8D7B-1CBB9D767049} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {45B145A9-4A76-4FC6-8F30-6565A80D8492} - System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => pcalua.exe -a C:\Users\Miska\Desktop\pbsetup.exe -d C:\Users\Miska\Desktop
Task: {4CFC6D10-6A0E-4581-A9DC-40351EFE867E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-23] (Adobe Systems Incorporated)
Task: {71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Miska\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION
Task: {776C398E-15FA-45EF-88A4-EC3DF08C4C4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8FC6647F-037B-49AD-B612-07454369C571} - System32\Tasks\Math Problem Solver CPU => C:\Users\Miska\AppData\Local\Math Problem Solver\cpu\Solve.exe [2014-01-23] () <==== ATTENTION
Task: {94388547-AFB5-40E1-8A31-E5F304F8BA53} - System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => pcalua.exe -a C:\Users\Miska\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {B4E976DC-A7C2-479F-9065-68C733CEF7D8} - System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => pcalua.exe -a C:\Users\Miska\Downloads\jxpiinstall.exe -d C:\Users\Miska\Downloads
Task: {F2B17B7A-CDC4-4AC1-9CA4-1DD5F7407616} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-12-22] (Glarysoft Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-25 09:26 - 2015-12-16 15:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-16 20:06 - 2012-01-16 20:06 - 00577621 _____ () C:\Program Files (x86)\Spyware Terminator\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:E6E3D650
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-02-27 08:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Miska\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.202.120.1 - 81.19.33.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Miska\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Miska\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VIAxHCUtl => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C8177782-D817-41EC-AC48-CC7D7A0DEFA3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2C4DAA84-BFAC-4D13-BC33-3596048BBBF4}] => (Allow) svchost.exe
FirewallRules: [{AB5FBBBA-CDE6-4E5A-9F9B-37F38A35EA41}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{83CBF243-CAE4-4BFB-A53D-70567A084937}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17CA5F11-8FFA-44CE-8FD4-E2503B5527F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C987988-490E-4E8E-9113-2EA6FF10790D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8D192007-10A1-42D9-ADF9-36D557FA55EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEECE8D6-B266-468B-BFD8-73A27F4FCC32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{34FF94D3-C4A4-4A3C-B651-132786212A18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E5854AE9-12FB-4341-BE0E-2AF0A1C44E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{ED818647-AA83-4BA0-8C15-DF4CB043CDE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{389DCB67-059B-43B3-81A7-15F15CF9B2ED}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{8438D38A-8FB8-4055-9869-3D65EAC78484}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [TCP Query User{6F4F400D-D475-4954-990E-B0591BEDE866}C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{7CC69DE1-F3CC-4D5B-A8A7-816A4669B96A}C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\origin games\crysis 2\bin32\crysis2.exe
FirewallRules: [{4040B79E-ECE8-4CD6-A741-9A50470FE939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7E00491D-52D6-4822-A854-3F23781E734B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9897E3DD-43DA-462F-9F18-463E4BD6588A}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{DD88C1F4-0F5C-489D-A4C6-2C4124436A5C}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{59A52632-6712-4292-AF4C-8ECF221F8905}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{28C5CB5A-1E37-49C8-B5DD-1A4CFCC44A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4E8B9A3F-8623-4F7B-BD44-522BE9AE367C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E9E35D9C-0D26-4E57-9A21-6D2793B95EB4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FF5A25D8-0649-4E09-877C-D2917D4C838B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{45B38F77-26EE-4515-AC56-9ECA3EC9901D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9D40157C-2F6F-40CC-B44E-CECBCAD6B73A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{5B2C5941-AD4F-4B23-B2E0-411521BF82F8}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{429E0797-228E-40D7-A631-D9EBAF278A29}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{6F7110EF-99CF-47EB-AB53-8A8F2E830086}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{3CD8DBD3-B163-48EC-BFF6-BE15D8A2AE64}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{6DF8A00B-FC06-42B6-BBEF-BDAAA73D699C}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{AF571BDD-7CAC-4024-92CB-9640A1EE08BF}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{545EA866-F5CE-4F77-B639-603D930DC64B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{60522D98-7CAC-4296-997B-21343C26840B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{1CBF582F-202C-4FF8-80E2-B6F3C3B95327}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{76711DA2-7A60-4B1F-B0C6-5857C6DD992C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{CA9D105F-8F6F-4E26-B4E3-928C39FAE98B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{871626ED-2C8F-4931-BCC0-21362FA231CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{498E45D9-A7D1-4CE4-80AC-49FB6E350CAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{CE617D2B-7EF7-42E7-A081-897ABDFB9AC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{3D571EA0-2675-4982-AB1D-F6641BAB7054}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{C8A79676-BA9A-4EB0-AE87-228588EC7C63}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{82DF800F-47C9-4C66-9431-F2637678538A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CFF1B5A-1F41-46FB-AC46-0E60C43452E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{516D0F52-ABF5-4001-B108-F4B5CF601540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{EBD1CDD1-7691-49D2-B3F1-848B921D95AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe
FirewallRules: [{FB7D18F0-55FF-4FD2-97B1-66AFBF91D3F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{D331C4D3-CD48-41CC-BC87-26CBEF6EC1A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe
FirewallRules: [{F4C8A0F3-9BD3-4C63-8B71-B7B9986C7348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{36A919AB-FB64-4382-ABD6-A21923E0E402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aliens vs Predator\AvP.exe
FirewallRules: [{F2239B96-D11D-431C-8CF7-B9D7CE025CFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{90E9CD53-EAA9-4EBC-A56F-2CE9D8B7ECF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage.exe
FirewallRules: [{3FF5E40C-D963-493E-8C5E-E485904A98CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{EBDB506B-D076-4E74-9913-759BA3565109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{E28E9AA3-EF66-4C03-806C-E0D67A61EE35}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9FA99B65-167D-496B-9C72-E0B9AEEDD20B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{53A32412-BBBA-4E42-BC1B-F18063D5D139}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EE0E709F-C295-4D68-ABBA-FD86721F99F4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5F068E6C-FA8A-4D19-BF65-94379923B871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{44DB3FA3-BEFE-43DF-A00A-D813F54AAB1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{60E9CD36-EF61-4E2B-A0E9-5A21DF8FFFB7}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{BBC68F00-E78C-4217-8F62-C587D339E655}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{9378968E-7595-416B-9E7D-7A46BBDD2980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{6448949E-A4C9-46DE-B2B5-C680B3593522}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{741B3ADF-36C4-43F5-AB05-B5066FF770B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{87520492-5E10-4D13-8873-0B65AC15335D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{DC810B0C-FE40-487B-8B30-2B0D14526FA5}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat
FirewallRules: [{237FBD1B-CC65-4BC1-81A9-3AABAF834366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{77FA628D-700F-422A-9DA0-6B299C456B1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{BB5792D8-4872-47E7-824C-1BF5CAF6811D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BlackHole.exe
FirewallRules: [{86929DE6-2E4B-4E90-96BD-3305333B66F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BLACKHOLE\BlackHole.exe
FirewallRules: [{9E3069FC-3FF2-40E2-8730-FDCBE5AFE076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{126CA069-FA13-4069-AFBD-D252708FF349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{BD748845-A44D-49FB-89BE-FB80BFB3CF72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{95BA65B2-1E6C-4682-A9B2-3D44C450C6F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{3E0F92A8-2221-493F-8D46-0801557722B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{FF93AE2A-1E1C-4520-940B-BD1050698592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{748E4BEB-1793-439C-AF51-20DEEE666CBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{9FE5C47A-F5EA-4768-ACAB-28131312AC3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{C0F9E972-822D-4B3F-8762-D4EB5E911C9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\Rayman Legends.exe
FirewallRules: [{AE15B03A-F606-471E-8A34-0F737E59A819}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\Rayman Legends.exe
FirewallRules: [{FE55A532-CB96-420D-A1D1-F493216055F1}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\gu.exe
FirewallRules: [{C1C2E418-03E4-4E5E-9BC6-2867887506FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Legends\gu.exe
FirewallRules: [{A85AA68B-8ADE-449B-AA71-883B67B355A9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{CCE1327C-BDED-4921-8CD0-77C98DD7F838}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2CAB294F-91E1-4001-A360-0926AAC95046}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CB17E648-81E1-4719-86D2-FD2E4BBCF241}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{65017AFE-9CA8-4756-89E3-DB0724E3CACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6C8B350F-A146-4670-A6E4-AD6D414EDDA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{BE542F14-994C-45E1-8EF1-FAD95B6EF359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F722B990-B123-4E03-86BB-EDB2B88650BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{14E029DB-11BA-4DED-AA52-5D6A35FCB272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A27747B4-D9DD-4166-984C-EA8FDD5C3CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{A00C9154-0B1E-4976-A40C-531BE03BA8F8}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{C0AADC92-825D-4E33-BC03-C4FDA4521818}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [TCP Query User{4CED3AE9-57FC-4094-9F98-0F19AEB387E1}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe
FirewallRules: [UDP Query User{6645CDFD-19FF-4150-BC23-3E10E7B54B5E}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds.exe
FirewallRules: [TCP Query User{B0552A60-65D0-4AB5-8D58-0DFBA27C6E4B}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe
FirewallRules: [UDP Query User{67D317FC-257D-495A-ADEC-C5979EC57F7A}C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe] => (Allow) C:\program files (x86)\lucasarts\star wars galactic battlegrounds\game\battlegrounds_x1.exe
FirewallRules: [{DE16920C-8575-41AF-9EE0-4D98014475D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{9C1AA21E-E43C-477D-AA53-F3BC21878463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{D9E82B7B-9868-4C5D-A153-4E62DD48C10A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{5B4E3034-6366-478B-B95B-43BC0F1DFBBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{05D9CE5E-0E61-48F0-811F-E38D25D62A9D}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{52CA6E2C-76EE-449B-BD2A-1F39339C8F0A}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{8AAF8E28-BF39-4090-A3F6-D1C060A9AFAB}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{84A51F98-F3D3-4248-BAFB-E4D9ACE958BD}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{80AFCDA3-E189-43D3-8EF9-2E65454C40E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{5414B2F8-5154-4A54-A913-6384E62687BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{A69CAEB4-0309-4008-ACC4-89E130645068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{C6FE25FC-6414-4F18-95AC-AFAF087CD297}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{DB8E0A87-8026-4A3C-A47A-D9EE3D946762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{C0E2FD14-0C95-49EA-AB4D-AA98296845A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{B452EAB4-4307-4054-89CE-4EB7C709D46B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{4A564995-36BD-4CA5-AF1B-CB2CA479DD8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{AB256E79-236E-4A12-9E18-AA8DB5313136}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2BB21F1A-EE04-4793-9BA9-135A69C2988A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F1AD01-2118-4455-82ED-8A41EEDCFFA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{FC8DD1D3-2A7E-4025-8A60-D1A09899DB1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{07F6CDF2-DBE2-43CD-A569-2EC1C8E49619}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{726C8BFF-DC08-4F27-9BCE-A293225127DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{2C3D26DE-7C7D-4ABB-9F63-FD0325BB3F31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{B79F3322-FE53-4CDB-BF8B-F4EB6444F311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kingdom\Kingdom.exe
FirewallRules: [{87157D5E-1DC5-43F6-B5E0-A21995715C73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39142C87-1385-4623-9E60-7A1941DC6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0838506C-1731-4656-A203-B23FD1BAB9F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{A226B4B4-BF82-452E-BE4F-FD0AF0B397F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{719B3551-43D7-4D4A-9136-4C928B71575B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{8B125739-960D-4B92-BB9F-FF383FA2254C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{E79FE5B6-A729-4345-AB1D-ABC6A2EA2541}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{63FDD159-6D90-4F28-81FC-F0220E873A43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F1C59246-4A6C-45F8-B92A-E407C66223FC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{7095ADFA-5B6E-41B7-A534-83DBF912A73C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{D22BD9A8-243E-45FC-83AB-B5E3C3FA4EC0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4416D5FE-FA80-4CA6-8E7F-3ABCBC2B2B24}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0CCAB1A8-4809-41C3-B39A-97B61F25FDEA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{525FED7F-05B6-4B0F-9CD8-788A7B81474C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7A4ECC8B-16D8-4F04-B61B-1EB3C156CD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AB1C7ED9-411E-46EF-935C-445B78A5D8FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{3F20384A-2C32-4205-8552-0CDEF7D75AA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{5B7CA50B-E83E-431A-92EB-FFD28AF40400}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{5291E9CC-5A26-49AE-823B-3B3D9E58260F}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{FE32D79D-F5D3-4D1C-9BFC-897071789A4F}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{90DB6223-A8BC-42D9-AF03-5E642548435D}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{AF0ADAA3-C348-41A6-AD3A-2CD34D41A0C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{F9128BB1-F5C0-49D7-927E-75FF025D4605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{CBC91EFC-4AFA-45AA-A215-C817AB04579A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4F1AF6A0-CE6D-45A9-AC5A-59E24CDFA470}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{167056CD-4AB0-4C70-9022-5C23724A4357}C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{A81EF56E-D4F7-42B2-8BFE-8CB684A67DCC}C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together beta\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{E4C89C45-8AF8-4177-A4F7-E74079392EDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{6D8CD605-FF60-4DF2-939A-73CEB09C2867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{EAE16D65-519E-4A44-B1B2-AFC093547EF3}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{2B39B1A8-73AF-4FA6-8CB6-5A089AFC4B95}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{D448D6B0-1F4E-42CB-B379-999F09192A4F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B53A9295-2CA0-4183-BD0D-16DB21F79A50}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F3A3BB7A-A4A0-4F50-8B79-932845786923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{DEF6D6A1-8042-4660-A5B4-6E99FF0C1816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{6580D736-6385-4CD7-8B92-4B82E708A4E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{D9D86507-C4F7-499D-9DA1-73E44636CB25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Dedicated Server\bin\dontstarve_dedicated_server_nullrenderer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
22-02-2016 18:07:30 Naplánovaný kontrolní bod
23-02-2016 14:18:04 Installed Minecraft
24-02-2016 07:58:19 Windows Update
24-02-2016 08:04:51 paint.net 4.0.9
24-02-2016 21:00:08 Windows Update
25-02-2016 21:40:18 Operace obnovení
26-02-2016 09:22:40 Windows Update
27-02-2016 11:40:24 Instalováno Realtek Ethernet Controller Driver
==================== Faulty Device Manager Devices =============
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2016 11:17:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x450
Čas spuštění chybující aplikace: 0xadwcleaner_5.036.exe0
Cesta k chybující aplikaci: adwcleaner_5.036.exe1
Cesta k chybujícímu modulu: adwcleaner_5.036.exe2
ID zprávy: adwcleaner_5.036.exe3
Error: (02/27/2016 10:28:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xe48
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 10:27:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: _iu14D2N.tmp, verze: 51.52.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xff0
Čas spuštění chybující aplikace: 0x_iu14D2N.tmp0
Cesta k chybující aplikaci: _iu14D2N.tmp1
Cesta k chybujícímu modulu: _iu14D2N.tmp2
ID zprávy: _iu14D2N.tmp3
Error: (02/27/2016 10:25:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RegInOut.exe, verze: 4.0.0.1, časové razítko: 0x55c4d3d9
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xe10
Čas spuštění chybující aplikace: 0xRegInOut.exe0
Cesta k chybující aplikaci: RegInOut.exe1
Cesta k chybujícímu modulu: RegInOut.exe2
ID zprávy: RegInOut.exe3
Error: (02/27/2016 10:25:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RegInOut.exe, verze: 4.0.0.1, časové razítko: 0x55c4d3d9
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0x93c
Čas spuštění chybující aplikace: 0xRegInOut.exe0
Cesta k chybující aplikaci: RegInOut.exe1
Cesta k chybujícímu modulu: RegInOut.exe2
ID zprávy: RegInOut.exe3
Error: (02/27/2016 10:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xfc4
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 10:10:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CrashReport.exe, verze: 5.0.0.4, časové razítko: 0x53ba16f3
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xCrashReport.exe0
Cesta k chybující aplikaci: CrashReport.exe1
Cesta k chybujícímu modulu: CrashReport.exe2
ID zprávy: CrashReport.exe3
Error: (02/27/2016 10:09:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbe8
ID chybujícího procesu: 0xf94
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
Error: (02/27/2016 09:14:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.18205, časové razítko: 0x56a1b6f6
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fcabe
ID chybujícího procesu: 0xe2c
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Error: (02/27/2016 08:45:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc0000005
Posun chyby: 0x000fdbea
ID chybujícího procesu: 0xfc0
Čas spuštění chybující aplikace: 0xsetupadwcleaner_5.036.exe0
Cesta k chybující aplikaci: setupadwcleaner_5.036.exe1
Cesta k chybujícímu modulu: setupadwcleaner_5.036.exe2
ID zprávy: setupadwcleaner_5.036.exe3
System errors:
=============
Error: (02/27/2016 09:43:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
iSafeKrnlMon
Error: (02/27/2016 09:11:15 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 09:09:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 09:06:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/27/2016 08:59:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 08:59:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (02/27/2016 08:56:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.35.0.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.7036.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
Error: (02/27/2016 08:35:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.213.7036.0
Zdroj aktualizace: %NT AUTHORITY51
Fáze aktualizace: 4.9.0218.00
Zdrojová cesta: 4.9.0218.01
Typ podpisu: %NT AUTHORITY602
Typ aktualizace: %NT AUTHORITY604
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: %NT AUTHORITY605
Předchozí verze modulu: %NT AUTHORITY606
Kód chyby: %NT AUTHORITY607
Popis chyby: %NT AUTHORITY608
CodeIntegrity:
===================================
Date: 2016-02-27 08:59:13.827
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-27 08:59:13.796
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 27%
Total physical RAM: 8053.94 MB
Available physical RAM: 5829.11 MB
Total Virtual: 16106.08 MB
Available Virtual: 13749 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:225.18 GB) NTFS
Drive f: () (Fixed) (Total:465.75 GB) (Free:2.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78CC7FFF)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1BEF1BEE)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
tady posílám FRST
- Přílohy
-
- FRST.zip
- (16.45 KiB) Staženo 122 x
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi
Kód: Vybrat vše
Start CreateRestorePoint: CloseProcesses: File: C:\Users\Miska\Desktop\bm.class File: C:\Users\Miska\Desktop\pack.mcmeta File: C:\Users\Miska\Desktop\bfr.class Task: {11582BA0-7D9F-44C1-BD1C-B7A9438BADAC} - System32\Tasks\Math Problem Solver GPU => C:\Users\Miska\AppData\Local\Math Problem Solver\gpu\dummysleep.exe [2014-05-11] () <==== ATTENTION Task: {3954EC76-EFDB-4A15-B86A-C23B241E8470} - System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => pcalua.exe -a F:\5900_csy_win2k_xp.exe -d F:\ Task: {45B145A9-4A76-4FC6-8F30-6565A80D8492} - System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => pcalua.exe -a C:\Users\Miska\Desktop\pbsetup.exe -d C:\Users\Miska\Desktop Task: {71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Miska\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION Task: {8FC6647F-037B-49AD-B612-07454369C571} - System32\Tasks\Math Problem Solver CPU => C:\Users\Miska\AppData\Local\Math Problem Solver\cpu\Solve.exe [2014-01-23] () <==== ATTENTION Task: {94388547-AFB5-40E1-8A31-E5F304F8BA53} - System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => pcalua.exe -a C:\Users\Miska\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 Task: {B4E976DC-A7C2-479F-9065-68C733CEF7D8} - System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => pcalua.exe -a C:\Users\Miska\Downloads\jxpiinstall.exe -d C:\Users\Miska\Downloads Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe AlternateDataStreams: C:\ProgramData\TEMP:E6E3D650 FirewallRules: [TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe BootExecute: autocheck autochk * CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429293355&from=wpc&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3FCRTK52FTK52F&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1429293355&from=wpc&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3FCRTK52FTK52F&q={searchTerms} HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/ SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = Toolbar: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\quick_searchff@gmail.com => not found FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\sweetsearch@gmail.com => not found S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X] S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X] C:\Windows\system32\drivers\AntiLog64.sys C:\Program Files (x86)\Elex-tech\YAC 2016-02-27 12:13 - 2016-02-27 12:14 - 00012726 _____ C:\Users\Miska\Desktop\FRST.txt Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Miska (2016-02-27 15:08:39) Run:1
Running from C:\Users\Miska\Desktop
Loaded Profiles: Miska (Available Profiles: oem & Miska)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Miska\Desktop\bm.class
File: C:\Users\Miska\Desktop\pack.mcmeta
File: C:\Users\Miska\Desktop\bfr.class
Task: {11582BA0-7D9F-44C1-BD1C-B7A9438BADAC} - System32\Tasks\Math Problem Solver GPU => C:\Users\Miska\AppData\Local\Math Problem Solver\gpu\dummysleep.exe [2014-05-11] () <==== ATTENTION
Task: {3954EC76-EFDB-4A15-B86A-C23B241E8470} - System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => pcalua.exe -a F:\5900_csy_win2k_xp.exe -d F:\
Task: {45B145A9-4A76-4FC6-8F30-6565A80D8492} - System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => pcalua.exe -a C:\Users\Miska\Desktop\pbsetup.exe -d C:\Users\Miska\Desktop
Task: {71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Miska\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION
Task: {8FC6647F-037B-49AD-B612-07454369C571} - System32\Tasks\Math Problem Solver CPU => C:\Users\Miska\AppData\Local\Math Problem Solver\cpu\Solve.exe [2014-01-23] () <==== ATTENTION
Task: {94388547-AFB5-40E1-8A31-E5F304F8BA53} - System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => pcalua.exe -a C:\Users\Miska\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {B4E976DC-A7C2-479F-9065-68C733CEF7D8} - System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => pcalua.exe -a C:\Users\Miska\Downloads\jxpiinstall.exe -d C:\Users\Miska\Downloads
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
AlternateDataStreams: C:\ProgramData\TEMP:E6E3D650
FirewallRules: [TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
Toolbar: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\quick_searchff@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\sweetsearch@gmail.com => not found
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
C:\Windows\system32\drivers\AntiLog64.sys
C:\Program Files (x86)\Elex-tech\YAC
2016-02-27 12:13 - 2016-02-27 12:14 - 00012726 _____ C:\Users\Miska\Desktop\FRST.txt
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\Users\Miska\Desktop\bm.class ========================
File not signed
MD5: 11D21594112EFF0B64497FCF3C72D424
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0000064
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Miska\Desktop\pack.mcmeta ========================
File not signed
MD5: EDA07795B5AA48C4F4CE7514CF2B49E8
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0007919
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Miska\Desktop\bfr.class ========================
File not signed
MD5: F59AF6D2267930C7AC37E4C95F21B1C0
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0115770
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11582BA0-7D9F-44C1-BD1C-B7A9438BADAC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11582BA0-7D9F-44C1-BD1C-B7A9438BADAC}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver GPU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver GPU" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3954EC76-EFDB-4A15-B86A-C23B241E8470}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3954EC76-EFDB-4A15-B86A-C23B241E8470}" => key removed successfully
C:\Windows\System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45B145A9-4A76-4FC6-8F30-6565A80D8492}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45B145A9-4A76-4FC6-8F30-6565A80D8492}" => key removed successfully
C:\Windows\System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E681635C-C818-4751-AF71-D8FDF759BB1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver Optimize => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver Optimize" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FC6647F-037B-49AD-B612-07454369C571}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FC6647F-037B-49AD-B612-07454369C571}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver CPU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver CPU" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94388547-AFB5-40E1-8A31-E5F304F8BA53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94388547-AFB5-40E1-8A31-E5F304F8BA53}" => key removed successfully
C:\Windows\System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4E976DC-A7C2-479F-9065-68C733CEF7D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4E976DC-A7C2-479F-9065-68C733CEF7D8}" => key removed successfully
C:\Windows\System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98012A22-4C2A-4F23-94BB-B8E7269A1850}" => key removed successfully
C:\Windows\Tasks\GlaryInitialize 5.job => moved successfully
C:\ProgramData\TEMP => ":E6E3D650" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => value removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} => key not found.
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_searchff@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com => value removed successfully
AntiLog32 => service removed successfully
iSafeKrnlMon => service removed successfully
"C:\Windows\system32\drivers\AntiLog64.sys" => not found.
"C:\Program Files (x86)\Elex-tech\YAC" => not found.
C:\Users\Miska\Desktop\FRST.txt => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 141 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 15:09:41 ====
Ran by Miska (2016-02-27 15:08:39) Run:1
Running from C:\Users\Miska\Desktop
Loaded Profiles: Miska (Available Profiles: oem & Miska)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Miska\Desktop\bm.class
File: C:\Users\Miska\Desktop\pack.mcmeta
File: C:\Users\Miska\Desktop\bfr.class
Task: {11582BA0-7D9F-44C1-BD1C-B7A9438BADAC} - System32\Tasks\Math Problem Solver GPU => C:\Users\Miska\AppData\Local\Math Problem Solver\gpu\dummysleep.exe [2014-05-11] () <==== ATTENTION
Task: {3954EC76-EFDB-4A15-B86A-C23B241E8470} - System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => pcalua.exe -a F:\5900_csy_win2k_xp.exe -d F:\
Task: {45B145A9-4A76-4FC6-8F30-6565A80D8492} - System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => pcalua.exe -a C:\Users\Miska\Desktop\pbsetup.exe -d C:\Users\Miska\Desktop
Task: {71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7} - System32\Tasks\Math Problem Solver Optimize => C:\Users\Miska\AppData\Local\Math Problem Solver\Optimize.exe [2014-01-20] () <==== ATTENTION
Task: {8FC6647F-037B-49AD-B612-07454369C571} - System32\Tasks\Math Problem Solver CPU => C:\Users\Miska\AppData\Local\Math Problem Solver\cpu\Solve.exe [2014-01-23] () <==== ATTENTION
Task: {94388547-AFB5-40E1-8A31-E5F304F8BA53} - System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => pcalua.exe -a C:\Users\Miska\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {B4E976DC-A7C2-479F-9065-68C733CEF7D8} - System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => pcalua.exe -a C:\Users\Miska\Downloads\jxpiinstall.exe -d C:\Users\Miska\Downloads
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
AlternateDataStreams: C:\ProgramData\TEMP:E6E3D650
FirewallRules: [TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.gboxapp.com/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
Toolbar: HKU\S-1-5-21-3830967693-838441426-3976063742-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\quick_searchff@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Miska\AppData\Roaming\Mozilla\Firefox\Profiles\smt2q24y.default\extensions\sweetsearch@gmail.com => not found
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
C:\Windows\system32\drivers\AntiLog64.sys
C:\Program Files (x86)\Elex-tech\YAC
2016-02-27 12:13 - 2016-02-27 12:14 - 00012726 _____ C:\Users\Miska\Desktop\FRST.txt
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
========================= File: C:\Users\Miska\Desktop\bm.class ========================
File not signed
MD5: 11D21594112EFF0B64497FCF3C72D424
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0000064
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Miska\Desktop\pack.mcmeta ========================
File not signed
MD5: EDA07795B5AA48C4F4CE7514CF2B49E8
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0007919
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Miska\Desktop\bfr.class ========================
File not signed
MD5: F59AF6D2267930C7AC37E4C95F21B1C0
Creation and modification date: 2016-02-24 08:13 - 2016-01-11 19:33
Size: 0115770
Attributes: ----N
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11582BA0-7D9F-44C1-BD1C-B7A9438BADAC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11582BA0-7D9F-44C1-BD1C-B7A9438BADAC}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver GPU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver GPU" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3954EC76-EFDB-4A15-B86A-C23B241E8470}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3954EC76-EFDB-4A15-B86A-C23B241E8470}" => key removed successfully
C:\Windows\System32\Tasks\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6824AC4D-0ECB-4E66-8C2F-2745BEB66986}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45B145A9-4A76-4FC6-8F30-6565A80D8492}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45B145A9-4A76-4FC6-8F30-6565A80D8492}" => key removed successfully
C:\Windows\System32\Tasks\{E681635C-C818-4751-AF71-D8FDF759BB1F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E681635C-C818-4751-AF71-D8FDF759BB1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71AA4FD3-BC74-4EC6-B5A3-FF6035EDABD7}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver Optimize => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver Optimize" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FC6647F-037B-49AD-B612-07454369C571}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FC6647F-037B-49AD-B612-07454369C571}" => key removed successfully
C:\Windows\System32\Tasks\Math Problem Solver CPU => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Math Problem Solver CPU" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94388547-AFB5-40E1-8A31-E5F304F8BA53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94388547-AFB5-40E1-8A31-E5F304F8BA53}" => key removed successfully
C:\Windows\System32\Tasks\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F115473A-E4FA-4B7A-979E-0B054E2DEDA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4E976DC-A7C2-479F-9065-68C733CEF7D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4E976DC-A7C2-479F-9065-68C733CEF7D8}" => key removed successfully
C:\Windows\System32\Tasks\{98012A22-4C2A-4F23-94BB-B8E7269A1850} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98012A22-4C2A-4F23-94BB-B8E7269A1850}" => key removed successfully
C:\Windows\Tasks\GlaryInitialize 5.job => moved successfully
C:\ProgramData\TEMP => ":E6E3D650" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1E2B7BF0-84C0-45E2-BE4B-0775947D03B8}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB01639E-D0A4-4632-8FD5-35C7D296E13C}C:\users\miska\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe => value removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} => key not found.
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3830967693-838441426-3976063742-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_searchff@gmail.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com => value removed successfully
AntiLog32 => service removed successfully
iSafeKrnlMon => service removed successfully
"C:\Windows\system32\drivers\AntiLog64.sys" => not found.
"C:\Program Files (x86)\Elex-tech\YAC" => not found.
C:\Users\Miska\Desktop\FRST.txt => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 141 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 15:09:41 ====
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Problem pretrvava? Ulozte na plochu MBAR - http://www.bleepingcomputer.com/downloa ... i-rootkit/
- Spuste dvojklikem a extrahujte na plochu
- kliknete na Next
- Aktualizujte virovou databazi klikem na Update a pokracujte na Next
- Vsechny 3 moznosti nechte zaskrtnute a zvolte Scan (potrva cca 15 minut)
- zatrhnete vsechny nalezy a take zkontrolujte zatrzitko u Create Restore Point
- kliknete na Cleanup a souhlaste s restartem - Yes
- obsah logu ulozene na plose v mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt vlozte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
ano trvá, mozila při stahování padá, ani adwcleaner ani nově stažený mbar se nespustí:-(
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Název protokolu:Application
Zdroj: Application Error
Datum: 27.2.2016 15:43:27
ID události: 1000
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Název chybující aplikace: mbar.exe, verze: 1.9.3.1001, časové razítko: 0x55ca7a8b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000096
Posun chyby: 0x00bbe6b0
ID chybujícího procesu: 0xcd8
Čas spuštění chybující aplikace: 0x01d1716d37c7ca86
Cesta k chybující aplikaci: C:\Users\Miska\Desktop\mbar\mbar.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 758c2329-dd60-11e5-94f2-74d435137277
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-27T14:43:27.000000000Z" />
<EventRecordID>32803</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>mbar.exe</Data>
<Data>1.9.3.1001</Data>
<Data>55ca7a8b</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000096</Data>
<Data>00bbe6b0</Data>
<Data>cd8</Data>
<Data>01d1716d37c7ca86</Data>
<Data>C:\Users\Miska\Desktop\mbar\mbar.exe</Data>
<Data>unknown</Data>
<Data>758c2329-dd60-11e5-94f2-74d435137277</Data>
</EventData>
</Event>
Zdroj: Application Error
Datum: 27.2.2016 15:43:27
ID události: 1000
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Název chybující aplikace: mbar.exe, verze: 1.9.3.1001, časové razítko: 0x55ca7a8b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000096
Posun chyby: 0x00bbe6b0
ID chybujícího procesu: 0xcd8
Čas spuštění chybující aplikace: 0x01d1716d37c7ca86
Cesta k chybující aplikaci: C:\Users\Miska\Desktop\mbar\mbar.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 758c2329-dd60-11e5-94f2-74d435137277
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-27T14:43:27.000000000Z" />
<EventRecordID>32803</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>mbar.exe</Data>
<Data>1.9.3.1001</Data>
<Data>55ca7a8b</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000096</Data>
<Data>00bbe6b0</Data>
<Data>cd8</Data>
<Data>01d1716d37c7ca86</Data>
<Data>C:\Users\Miska\Desktop\mbar\mbar.exe</Data>
<Data>unknown</Data>
<Data>758c2329-dd60-11e5-94f2-74d435137277</Data>
</EventData>
</Event>
Re: některé programy nejdou spustit,prosím o kontrolu logu.
Vyzkousejte AdwCleaner a MBAR v nouzovem rezimu.Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
lennycowler
- Návštěvník
- Příspěvky: 29
- Registrován: 27 úno 2016 09:25
Re: některé programy nejdou spustit,prosím o kontrolu logu.
zkusil jsem oba v nouz.režimu, ale bezvýsledně, u adwclean naběhne nabídka ale když jí potvrdím, tak zmizí a nic se nestane, ten druhý program ani neškrtne:-(. V prohlížeči událostí:
Název protokolu:Application
Zdroj: Application Error
Datum: 28.2.2016 7:33:05
ID události: 1005
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém Windows kvůli této chybě ukončil program AdwCleaner.
Program: AdwCleaner
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu. Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2. Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="49152">1005</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-28T06:33:05.000000000Z" />
<EventRecordID>32901</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>AdwCleaner</Data>
<Data>00000000</Data>
<Data>0</Data>
</EventData>
</Event>
dále pak i toto:
Název protokolu:Application
Zdroj: Application Error
Datum: 28.2.2016 7:33:05
ID události: 1000
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc000001d
Posun chyby: 0x000fdbe0
ID chybujícího procesu: 0x5cc
Čas spuštění chybující aplikace: 0x01d171f1d89e2696
Cesta k chybující aplikaci: C:\Users\Miska\AppData\Local\Temp\nsqDE5E.tmp\setupadwcleaner_5.036.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\iertutil.dll
ID zprávy: 1f4fa840-dde5-11e5-a4fd-c892d568ee28
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-28T06:33:05.000000000Z" />
<EventRecordID>32900</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>setupadwcleaner_5.036.exe</Data>
<Data>5.0.3.6</Data>
<Data>56caa000</Data>
<Data>iertutil.dll</Data>
<Data>11.0.9600.18212</Data>
<Data>56b5c026</Data>
<Data>c000001d</Data>
<Data>000fdbe0</Data>
<Data>5cc</Data>
<Data>01d171f1d89e2696</Data>
<Data>C:\Users\Miska\AppData\Local\Temp\nsqDE5E.tmp\setupadwcleaner_5.036.exe</Data>
<Data>C:\Windows\syswow64\iertutil.dll</Data>
<Data>1f4fa840-dde5-11e5-a4fd-c892d568ee28</Data>
</EventData>
</Event>
defacto to samé se píše u mbaru.
Název protokolu:Application
Zdroj: Application Error
Datum: 28.2.2016 7:33:05
ID události: 1005
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém Windows kvůli této chybě ukončil program AdwCleaner.
Program: AdwCleaner
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu. Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2. Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti, měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="49152">1005</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-28T06:33:05.000000000Z" />
<EventRecordID>32901</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>AdwCleaner</Data>
<Data>00000000</Data>
<Data>0</Data>
</EventData>
</Event>
dále pak i toto:
Název protokolu:Application
Zdroj: Application Error
Datum: 28.2.2016 7:33:05
ID události: 1000
Kategorie úlohy:(100)
Úroveň: Chyba
Klíčová slova: Klasické nastavení
Uživatel: Není k dispozici
Počítač: Miska-PC
Popis:
Název chybující aplikace: setupadwcleaner_5.036.exe, verze: 5.0.3.6, časové razítko: 0x56caa000
Název chybujícího modulu: iertutil.dll, verze: 11.0.9600.18212, časové razítko: 0x56b5c026
Kód výjimky: 0xc000001d
Posun chyby: 0x000fdbe0
ID chybujícího procesu: 0x5cc
Čas spuštění chybující aplikace: 0x01d171f1d89e2696
Cesta k chybující aplikaci: C:\Users\Miska\AppData\Local\Temp\nsqDE5E.tmp\setupadwcleaner_5.036.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\iertutil.dll
ID zprávy: 1f4fa840-dde5-11e5-a4fd-c892d568ee28
Kód XML události:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-28T06:33:05.000000000Z" />
<EventRecordID>32900</EventRecordID>
<Channel>Application</Channel>
<Computer>Miska-PC</Computer>
<Security />
</System>
<EventData>
<Data>setupadwcleaner_5.036.exe</Data>
<Data>5.0.3.6</Data>
<Data>56caa000</Data>
<Data>iertutil.dll</Data>
<Data>11.0.9600.18212</Data>
<Data>56b5c026</Data>
<Data>c000001d</Data>
<Data>000fdbe0</Data>
<Data>5cc</Data>
<Data>01d171f1d89e2696</Data>
<Data>C:\Users\Miska\AppData\Local\Temp\nsqDE5E.tmp\setupadwcleaner_5.036.exe</Data>
<Data>C:\Windows\syswow64\iertutil.dll</Data>
<Data>1f4fa840-dde5-11e5-a4fd-c892d568ee28</Data>
</EventData>
</Event>
defacto to samé se píše u mbaru.
Přispějete na provoz fóra?