Nelze zapnout Centrum zabezpečení systému Windows

[jakub.oslejsek]

Dobrý den,
rád bych Vás požádal o pomoc se zabezpečením počítače. Poslední týden se mi nepravidelně, nicméně často, zapne počítač s vypnutým Centrem zabezpečení, popřípadě antivirem. Mám obavy, aby se nejednalo o nějakého trojana či rootkit. Nicméně svými silami nejsem s to problém vyřešit. Předem Vám děkuji za pomoc.
Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Jakub (administrator) on JAKUB-PC (12-11-2016 22:55:17)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2015-10-26]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{BDDC18FD-7325-4E89-BB77-766A33AF3E9D}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {1BFC78F2-60CC-460F-BD41-770662F0466B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {212C533D-C2F4-40CB-ACDB-EC281B07824A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {5EC57AE7-2C91-4252-990B-218A8BCDAA6E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {60500081-E4A1-44A4-BEF1-C205A07DADA2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {64543327-3C79-4805-9CFF-E68837A1FE26} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... IM_csCZ547
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {CE0C5EEB-2387-459C-90B7-ECBD56239A98} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {E9B40B2D-87C0-460F-892F-DFC09FEB74EB} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {FFE98A27-9FCB-4070-AF5B-5453F69E6196} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 3ly7fyqr.default-1478027371720
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\ikv5t0pz.default-1477421158965 [not found]
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\3ly7fyqr.default-1478027371720 [2016-11-12]
FF Homepage: Mozilla\Firefox\Profiles\3ly7fyqr.default-1478027371720 -> hxxps://www.seznam.cz/
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jakub\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2016-11-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [505648 2014-02-25] (Samsung Electronics Co., Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2015-05-07] (Monet+, a.s.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2015-11-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 22:55 - 2016-11-12 22:56 - 00014409 _____ C:\Users\Jakub\Desktop\FRST.txt
2016-11-01 20:05 - 2016-11-01 20:05 - 00003480 ____N C:\bootsqm.dat
2016-10-29 16:48 - 2016-10-29 16:49 - 03910208 _____ C:\Users\Jakub\Desktop\adwcleaner_6.030.exe
2016-10-29 13:04 - 2016-10-29 13:04 - 00015327 _____ C:\Users\Jakub\Desktop\LM.bat
2016-10-29 13:01 - 2016-11-12 22:55 - 02411520 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2016-10-20 22:46 - 2016-10-21 21:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 22:55 - 2016-01-24 16:40 - 00000000 ____D C:\Users\Jakub\Desktop\FRST-OlderVersion
2016-11-12 22:55 - 2016-01-24 16:40 - 00000000 ____D C:\FRST
2016-11-12 22:53 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-12 22:53 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-12 22:46 - 2015-02-21 19:44 - 00000000 ____D C:\Users\Jakub\AppData\Local\HTC MediaHub
2016-11-12 22:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-12 20:24 - 2014-07-09 10:24 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-10 22:44 - 2016-07-09 23:01 - 00000000 ____D C:\WarThunder
2016-11-10 16:51 - 2015-01-12 19:55 - 00000000 ____D C:\Users\Jakub\Documents\Scan
2016-11-09 21:02 - 2013-07-29 16:37 - 00000000 ____D C:\Users\Jakub\AppData\Local\Google
2016-11-08 22:26 - 2013-07-30 09:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 22:26 - 2013-07-30 09:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 22:26 - 2013-07-30 09:28 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 22:26 - 2013-07-30 09:28 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 22:26 - 2013-07-30 09:28 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 22:19 - 2014-12-23 16:56 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-06 23:14 - 2011-04-12 09:34 - 00668640 _____ C:\Windows\system32\perfh005.dat
2016-11-06 23:14 - 2011-04-12 09:34 - 00141300 _____ C:\Windows\system32\perfc005.dat
2016-11-06 23:14 - 2009-07-14 06:13 - 01583642 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-06 23:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-04 23:02 - 2015-11-08 13:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 20:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-01 20:09 - 2016-02-06 18:49 - 00000000 ____D C:\Users\Jakub\Desktop\Původní data aplikace Firefox
2016-10-29 19:16 - 2013-07-29 16:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-29 16:59 - 2014-10-15 07:51 - 00000000 ____D C:\AdwCleaner
2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-27 18:07 - 2015-06-05 13:07 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-27 18:07 - 2015-06-05 13:07 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 21:39 - 2013-07-30 08:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-06-04 15:12 - 2015-06-04 15:12 - 0000024 _____ () C:\Users\Jakub\AppData\Roaming\appdataFr25.bin
2013-07-29 16:39 - 2013-07-29 16:39 - 0000036 _____ () C:\Users\Jakub\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
C:\Users\Jakub\AppData\Local\Temp\atcMedia7601468107068.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-05 19:36

==================== End of FRST.txt ============================

Log Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Jakub (12-11-2016 22:56:34)
Running from C:\Users\Jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-29 15:24:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3706855550-2973812730-1501122498-500 - Administrator - Disabled)
Guest (S-1-5-21-3706855550-2973812730-1501122498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3706855550-2973812730-1501122498-1004 - Limited - Enabled)
Jakub (S-1-5-21-3706855550-2973812730-1501122498-1000 - Administrator - Enabled) => C:\Users\Jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version: - amrtomp3converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DigiTech RP155 Drivers (HKLM-x32\...\DigiTech RP155 Drivers) (Version: 1.0.0 - DigiTech)
DigiTech RP155 Drivers (Version: 1.0.0 - DigiTech) Hidden
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
face2face Second edition Elementary application (HKLM-x32\...\face2faceSecondeditionElementary) (Version: 1.0.1 - Cambridge University Press Holdings Limited)
face2face Second edition Elementary application (x32 Version: 1.0.1 - Cambridge University Press Holdings Limited) Hidden
face2face Second edition Elementary content (HKLM-x32\...\face2face Second edition Elementary content) (Version: 1.0.0.0 - Cambridge University Press)
face2face Second edition Pre-intermediate application (HKLM-x32\...\face2faceSecondeditionPreintermediate) (Version: 1.0.0 - Cambridge University Press Holdings Limited)
face2face Second edition Pre-intermediate application (x32 Version: 1.0.0 - Cambridge University Press Holdings Limited) Hidden
face2face Second edition Pre-intermediate content (HKLM-x32\...\face2face Second edition Pre-intermediate content) (Version: 1.0.0.0 - Cambridge University Press)
Facebook Platinum (HKLM-x32\...\{E9AD2F38-EF9C-B9DA-048A-A92FBC17701E}) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.61.0 - HTC)
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{758AF648-0B6C-4593-BDF1-9BF4CB50A359}) (Version: 1.00.0000 - Ubisoft)
IL-2 Sturmovik 1946 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 cs)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3e071c2a-66d2-4b39-a563-86901688be4c}) (Version: - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Royal Envoy Campaign for the Crown Collector's Edition (HKLM-x32\...\Royal Envoy Campaign for the Crown Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.3.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.3.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.4.2014) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.18 (25.2.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
Unity Web Player (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder Launcher 1.0.1.655 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
X-Edit (HKLM-x32\...\X-Edit) (Version: 2.7.1.1 - DigiTech)
X-Edit (x32 Version: 2.7.1.1 - DigiTech) Hidden
XnView 2.04 (HKLM-x32\...\XnView_is1) (Version: 2.04 - Gougelet Pierre-e)
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Zoo Empire 1.21 (HKLM-x32\...\Zoo Empire_is1) (Version: - HYPERMAX)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{820E0EB4-6274-3DB6-4219-F6B8E6B7D106}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BC53A95-1821-4933-B07F-055631E29DCD} - System32\Tasks\{0DF8112E-6A37-4BE2-AA4B-ADEF3566BA48} => pcalua.exe -a "C:\Instalační data\Sturmovik\UP3\UP_3.0RC_Client.part01.exe" -d "C:\Instalační data\Sturmovik\UP3"
Task: {11402BEB-0EBF-401C-BFE0-245DAD350975} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {45FC44BD-70B0-41B6-8F38-137C769DE419} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {77F732B0-2180-4AB2-9EC5-284491965096} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {99576A65-D5DE-4F04-B403-B50F28B72C89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {9E95FEFA-322A-442E-B313-002E733D828F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {C0072DFF-0EDF-47BA-86A2-AC18EF763858} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {E7052061-64DE-43A1-AD81-57B0E1B73644} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3706855550-2973812730-1501122498-1000

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-12-02 13:52 - 2014-12-02 13:52 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-10-19 10:44 - 2015-10-19 10:44 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-18 15:06 - 2014-12-18 15:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-10-19 10:44 - 2015-10-19 10:44 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 15:08 - 2014-12-18 15:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 15:11 - 2014-12-18 15:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 15:14 - 2014-12-18 15:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-26 21:44 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3620035B-77EC-4E0A-8845-783B95CFEC91}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [UDP Query User{DAFA12FA-4B6A-4A02-9A5E-8230DC0EB11F}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [{C2D6A46B-3DEF-4EEB-B343-7E9A06E2BF80}] => (Allow) C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5CE8695E-3C98-4DE6-AE28-B6C906B1B901}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{3B68B793-D14A-4430-A19C-C4AEF88B6F86}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1F28FBC1-9763-4F54-A2F9-78FE36E2B242}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1BC57C2F-3A27-4FC5-81E2-CA55283BC5E6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A32E3E9D-4919-4FB2-833B-835461440AEF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A3F1EC9B-5B7F-44D5-B408-3D2F706BF011}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{56520C73-F9AA-4E28-BDC4-928C4A94547F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E4D6E01C-CB86-4E8A-808F-2C9725B8DFDB}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{311F3409-5EA4-4837-830B-CB55B5858A4A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{61866A5D-C828-4CBD-A801-E6F50472B26D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{E1C358A4-FDAA-4340-8EE0-6CD8AC0510CA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{701DA247-2A0C-4622-8CBC-024BCC781F43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B0C033A4-6F73-4F7F-95A8-5CF014984B74}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{5DC8B5B5-E9D3-43E5-A87B-4B253297BB16}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{472B6D5D-3AA5-461C-9667-D4A2A63E6BA7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{B9A60B1B-F709-4658-9BC8-85B40DF6303A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3EACA27-E384-4921-8B2C-A5C5E5965909}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C63323C2-CAD0-458E-8CE3-486FCAF57161}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{75A782DA-66DC-44ED-A776-7B0FDFA98DE0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5D34A1EF-C321-402E-9019-DD8E96ABBBBF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{1E7C6405-69A2-48E4-83C0-E357E707BCB2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{99043E1E-A6AE-4F6E-91C5-E4B46F137809}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{A5FCB337-C804-4A52-A43B-9AFB2E284A00}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{1F2CEBEC-A0D4-4BDA-B719-F5F0AD362BB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{3831F12B-3B22-41E6-AE78-C97806169132}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{C9D19B70-A1CA-415C-B20F-C3843929F4C1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{547EF02A-AA43-44B3-B287-5E541DCAFAF6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{63CDB8BD-DBB3-4E4E-91B9-EF2A0498680C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{8224B70E-564F-461A-9CAB-3C94335EC157}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{5FDF8194-793A-42C7-96B0-70418D30E91D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{C5132329-4241-4318-B960-72CA7FFC4649}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{09465574-29FB-4784-8807-02AA471DDE66}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{321F09A6-F795-494B-98A7-D5789AD813EC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{530FB986-37E6-4A7C-9AC0-7A9AE54EB02B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{6D988726-6532-4CCF-A737-024E8B69639B}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{741D9A12-B29B-45A9-B2C9-E533ED97F3D8}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [{64E8FC51-0A3A-4DB5-A4A7-B9C12266E3FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7B3330B-1004-4BC2-903B-C4539E85D575}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14EFA6B7-22A5-4D2D-84F2-F907A66B1B1B}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7FB38CB6-F1FE-41A3-BA1A-31169A7A064C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D9042D0A-C67B-44EA-B139-DB6DA0032C7B}] => (Allow) LPort=2869
FirewallRules: [{43B18A19-85EA-41B5-8121-94CACF11434A}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{428DEE3C-F5AC-460E-A043-E16433233423}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B30F40D5-F871-48B9-B70D-DCC286481F84}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{327EFF5F-FAA9-4356-9FBB-16BE92A90189}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{0D323E58-FB16-4142-9F4E-5276FCB5280B}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{FEFB99BD-1764-42CC-8E4A-03AEA3490966}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{8D558A2F-DBFF-4FF9-824C-23C76D4919E3}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [TCP Query User{EDF3F10B-E28F-442D-842E-A401DF74FFEC}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{0A2A57C1-D8C3-4689-A99D-50AA5D86E5E8}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [{DE371AA8-8FEB-4754-8CAE-EB176D0E4F65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8C466ADD-01A7-4CC4-923F-6AF51F37C4D3}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{CA3A83AF-EABB-4BCB-8435-893CA328F18E}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{41D19295-E7AE-42F5-98A5-5579D4A4D15D}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{F9100B29-5B90-4633-8FF3-35E7DAB96D0C}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe

==================== Restore Points =========================

06-10-2016 21:37:24 Windows Update
10-10-2016 21:17:19 Windows Update
19-10-2016 19:04:11 Windows Update
23-10-2016 22:00:08 Windows Update
29-10-2016 14:56:31 Windows Update
01-11-2016 19:50:51 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2016 10:45:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/12/2016 05:24:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2016 10:25:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2016 03:45:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2016 11:35:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 49.0.2.6136, časové razítko: 0x5807c043
Název chybujícího modulu: mozglue.dll, verze: 49.0.2.6136, časové razítko: 0x5807b9a7
Kód výjimky: 0x80000003
Posun chyby: 0x0000e83e
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d23ad42a29876d
Cesta k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
ID zprávy: ce70b858-a6cc-11e6-b917-d43d7e9cc0b9

Error: (11/09/2016 10:56:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2016 09:02:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2016 08:04:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/08/2016 10:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/06/2016 11:12:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (11/12/2016 10:46:26 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (11/12/2016 10:44:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/12/2016 08:27:23 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.231.1256.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Vyhledat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.13202.0

Kód chyby: 0x8024001e

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (11/12/2016 05:25:25 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (11/12/2016 05:23:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/11/2016 12:38:12 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.231.1256.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Vyhledat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.13202.0

Kód chyby: 0x8024001e

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (11/10/2016 10:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (11/10/2016 10:24:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/10/2016 03:45:38 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Služba 'WMPNetworkSvc' nebyla spuštěna správně, protože registr nebylo možné aktualizovat v důsledku chyby '0x80070006'. Pokud je to možné, přeinstalujte program Windows Media Player.

Error: (11/10/2016 03:43:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
Date: 2015-10-26 17:18:59.970
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.960
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.950
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.940
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.930
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.920
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.670
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.660
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.650
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.610
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.


==================== Memory info ===========================

Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 6142.18 MB
Available physical RAM: 4091.27 MB
Total Virtual: 12282.54 MB
Available Virtual: 9821.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1655.34 GB) NTFS
Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:1665.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 26CA0C85)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 45D830F4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[JaRon]

Ahoj,
Odinstaluj Microsoft Security Client a nahrad ho AV podla vyberu
Avast-Avira-Bitdefender - verzie free
Prescanuj a vycisti PC

[jakub.oslejsek]

Zdravím,
zeptám se, MS Security Client je totéž co MS Security Essentials?

[JaRon]

Ano, AV od MS