altrok píše:
Jake jsou na PC aktualne problemy?
Dejte logy FRST.txt a Addition.txt -
http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.
PC jede bez potíží
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
Ran by galle_000 (administrator) on MICHAL (14-05-2016 15:21:22)
Running from C:\Users\galle_000\Desktop
Loaded Profiles: galle_000 (Available Profiles: galle_000)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2015-03-14] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400576 2016-05-13] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [153392 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-13] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-09-06]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2014-11-24]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{5DDDC5A4-A02B-4705-A3DF-93C05637D0ED}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D972D681-7BD1-4F63-845C-A7C7C2D5D80F}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.seznam.cz/
HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {068A29DA-508A-4548-B871-0B4609046F15} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {068A29DA-508A-4548-B871-0B4609046F15} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> DefaultScope {23677A46-DF68-48AD-9CC8-5CC464DDCBC7} URL = hxxps://
www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {068A29DA-508A-4548-B871-0B4609046F15} URL = hxxp://
www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {0D681DC1-BC27-4738-AC42-583DC9B1FCB8} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {23677A46-DF68-48AD-9CC8-5CC464DDCBC7} URL = hxxps://
www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {5D0D471D-DFB4-48D7-826E-4232E33A62A7} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {71986F48-3360-4806-8640-C9C8A0451BB4} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {87ECE523-68EF-4D28-8B21-6E38508B89FA} URL = hxxp://
www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {8ED2635A-B1E8-4CB1-AFFA-CCD600CB4C13} URL = hxxp://
www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {999D6819-DA5A-4911-9AB1-AE73DAF7BB47} URL = hxxp://
www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {B70FB3C8-579B-4358-8D36-EDB323019768} URL = hxxp://
www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {C9707F71-A2D3-452B-AF95-3584605A6F3C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002 -> {D2B7E887-F201-43F9-940D-B17ED62FBCD7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST Software)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-02-07] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-13]
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: Default -> hxxp://
www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://
www.google.com/search?sourceid=ie7&q={s ... cs___CZ332
CHR DefaultSearchKeyword: Default -> google.com__
CHR Profile: C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-13]
CHR Extension: (Dokumenty Google) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-13]
CHR Extension: (Disk Google) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-11]
CHR Extension: (music budík) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bemjohfcnicipdlhgkfjdaoehadapcdl [2016-05-11]
CHR Extension: (YouTube) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-11]
CHR Extension: (Tabulky Google) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (Avast Online Security) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-13]
CHR Extension: (Předpověď počasí; Kalendář) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpnndfjpecikiigijhhahfphpkhkjmg [2016-05-11]
CHR Extension: (Website Logon) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2016-05-13]
CHR Extension: (Norton Identity Safe) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-05-11]
CHR Extension: (RadarEU) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjnikbakkeibgjanhllfmjmioboancb [2016-05-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-13]
CHR Extension: (Bubble Shooter Classic) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcibeclmeegnbhfpfggeihlehnkdciln [2016-05-11]
CHR Extension: (Weather Underground) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-05-11]
CHR Extension: (Gmail) - C:\Users\galle_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-05-13] (AVAST Software)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [668984 2013-02-07] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2015-03-14] (IDT, Inc.) [File not signed]
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-13] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-05-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-13] (AVAST Software)
U3 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-12-12] (Intel Corporation)
S3 iscFlash; c:\SWSetup\SP73289\iscflashx64.sys [66760 2014-10-23] (Insyde Software)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2016-02-11] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2015-03-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-03-15] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-05-14] ()
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-14 15:21 - 2016-05-14 15:21 - 00025123 _____ C:\Users\galle_000\Desktop\FRST.txt
2016-05-14 15:17 - 2016-05-14 15:21 - 00000000 ____D C:\FRST
2016-05-14 15:01 - 2016-05-14 15:01 - 02382336 _____ (Farbar) C:\Users\galle_000\Desktop\FRST64.exe
2016-05-14 13:44 - 2016-05-14 13:44 - 00000000 ____D C:\_OTM
2016-05-14 13:15 - 2016-05-14 13:15 - 00522240 _____ (OldTimer Tools) C:\Users\galle_000\Desktop\OTM.exe
2016-05-14 10:47 - 2016-05-14 10:47 - 360508680 _____ (NVIDIA Corporation) C:\Users\galle_000\Downloads\365.19-notebook-win8-win7-64bit-international-whql.exe
2016-05-14 10:42 - 2016-05-14 10:42 - 01222144 _____ C:\Users\galle_000\Desktop\RSITx64.exe
2016-05-14 10:39 - 2016-05-14 14:49 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-14 10:39 - 2016-05-14 13:46 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-14 10:39 - 2016-05-14 10:44 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-14 10:39 - 2016-05-14 10:44 - 00003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-14 10:39 - 2016-05-14 10:39 - 00987728 _____ (Google Inc.) C:\Users\galle_000\Downloads\ChromeSetup.exe
2016-05-14 10:39 - 2016-05-14 10:39 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-14 10:39 - 2016-05-14 10:39 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 16:46 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-13 16:46 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-13 16:46 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-13 16:46 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-13 16:46 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-13 16:46 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-13 16:46 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-13 16:46 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-13 16:46 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-05-13 16:46 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-13 16:46 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-13 16:46 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-05-13 16:46 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-05-13 16:46 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-05-13 16:46 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-05-13 16:46 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-05-13 16:46 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-13 16:46 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-05-13 16:46 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-13 16:46 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-05-13 16:46 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-13 16:46 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-05-13 16:46 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-05-13 16:46 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-05-13 16:46 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-13 16:46 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-05-13 16:46 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-05-13 16:46 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-13 16:46 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-05-13 16:46 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-13 16:46 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-13 16:46 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-05-13 16:46 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-05-13 16:46 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-05-13 16:46 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-05-13 16:46 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-05-13 16:46 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-05-13 16:46 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-05-13 16:46 - 2016-02-08 19:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-13 16:45 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-13 16:45 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-13 16:45 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-13 16:45 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-13 16:45 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-13 16:45 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-05-13 16:45 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-05-13 16:45 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-13 16:45 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-13 16:45 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-05-13 16:45 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-05-13 16:45 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-13 16:45 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-13 16:45 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-05-13 16:45 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-13 16:45 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-13 16:45 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-13 16:45 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-05-13 16:45 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-13 16:45 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-13 16:45 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-13 16:45 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-05-13 16:45 - 2016-02-11 16:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-05-13 16:45 - 2016-02-11 16:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-05-13 16:45 - 2016-02-11 16:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-05-13 16:45 - 2016-02-11 16:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-05-13 16:45 - 2016-02-05 16:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-13 16:45 - 2016-02-05 16:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-13 16:45 - 2016-02-05 16:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-05-13 16:45 - 2016-02-05 16:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-05-13 16:44 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2016-05-13 16:44 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-13 16:44 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-13 16:44 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-13 16:44 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-13 16:44 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-13 16:44 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-13 16:44 - 2016-02-12 21:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-13 16:44 - 2016-02-12 17:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-13 16:44 - 2016-02-12 16:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-05-13 16:44 - 2016-02-12 16:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-05-13 16:44 - 2016-02-12 16:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-05-13 16:44 - 2016-02-12 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-05-13 16:44 - 2016-02-12 16:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-05-13 16:44 - 2016-02-12 16:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-05-13 16:44 - 2016-02-12 16:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-05-13 16:44 - 2016-02-12 16:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-05-13 16:44 - 2016-02-12 16:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-13 16:44 - 2016-02-12 16:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-13 16:44 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-13 16:44 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-13 16:44 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-13 16:44 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-13 16:44 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-13 16:44 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-13 16:44 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-05-13 16:44 - 2016-02-06 20:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-13 16:44 - 2016-02-05 21:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-05-13 16:44 - 2016-02-05 21:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-05-13 16:44 - 2016-02-05 17:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-13 16:44 - 2016-02-05 17:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-05-13 16:44 - 2016-02-04 20:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-13 16:44 - 2016-02-04 20:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-13 16:44 - 2016-02-04 19:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-05-13 16:44 - 2016-02-04 19:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-05-13 16:44 - 2016-02-04 19:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-13 16:44 - 2016-02-04 19:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-05-13 16:44 - 2016-02-03 17:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-05-13 16:44 - 2016-02-03 17:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-13 16:44 - 2016-02-03 17:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-05-13 16:44 - 2016-01-31 21:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-13 16:43 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-05-13 16:43 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-13 15:11 - 2016-05-13 15:11 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-05-13 15:11 - 2016-05-13 15:11 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-05-13 09:16 - 2016-05-13 09:20 - 00000000 ____D C:\AdwCleaner
2016-05-13 08:48 - 2016-05-13 08:49 - 00000000 ____D C:\rsit
2016-05-13 08:48 - 2016-05-13 08:49 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-05-12 07:32 - 2016-05-12 07:32 - 00000531 _____ C:\DelFix.txt
2016-05-11 19:50 - 2016-05-13 15:05 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-10 19:13 - 2016-05-14 10:10 - 00209920 ___SH C:\Users\galle_000\Desktop\Thumbs.db
2016-05-10 14:00 - 2016-05-10 14:01 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-05-10 13:22 - 2016-05-13 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-05-10 13:22 - 2016-05-11 12:53 - 00000000 ____D C:\Users\galle_000\AppData\Local\VS Revo Group
2016-05-10 13:22 - 2016-05-11 12:52 - 00000000 ____D C:\Program Files\VS Revo Group
2016-05-09 19:14 - 2016-05-09 20:08 - 00000000 _____ C:\Users\galle_000\Downloads\Linka 657.avi
2016-05-06 18:45 - 2016-05-06 19:48 - 891780312 _____ C:\Users\galle_000\Downloads\oloo1.avi
2016-05-05 10:04 - 2016-05-05 10:04 - 00349221 _____ C:\Users\galle_000\Downloads\IR250 1V3.pdf
2016-05-04 14:26 - 2016-05-10 13:28 - 00000000 ____D C:\Users\galle_000\Desktop\hudb
2016-05-04 13:25 - 2016-05-04 13:25 - 07911481 _____ C:\Users\galle_000\Downloads\Aaiveta_Milaček_ICE.vcf
2016-05-04 13:07 - 2016-05-04 13:07 - 00068303 _____ C:\Users\galle_000\Downloads\sendAll.vcf
2016-05-03 19:43 - 2016-05-04 14:19 - 00000000 ____D C:\Users\galle_000\Desktop\Kontakty
2016-04-29 14:22 - 2016-04-29 14:22 - 00000000 ____D C:\Users\galle_000\AppData\Local\CEF
2016-04-27 17:22 - 2016-04-27 17:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-23 16:07 - 2016-05-13 17:35 - 00003886 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461420425
2016-04-23 16:07 - 2016-05-13 17:35 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-23 16:07 - 2016-04-23 16:07 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-23 16:06 - 2016-05-13 15:11 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00536312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-04-23 16:04 - 2016-05-13 15:11 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-23 16:04 - 2016-05-13 15:09 - 00001945 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-04-23 16:04 - 2016-05-13 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-23 16:03 - 2016-04-23 16:03 - 05139176 _____ (AVAST Software) C:\Users\galle_000\Downloads\avast_internet_security_setup_online.exe
2016-04-23 15:28 - 2016-04-23 15:28 - 00001790 _____ C:\Users\galle_000\Downloads\license.avastlic
2016-04-21 20:07 - 2016-04-21 20:08 - 73163448 _____ (myWOTmods.com ) C:\Users\galle_000\Downloads\webium-WOT-0.9.14-modpack-installer-v9.14.17.exe
2016-04-20 22:18 - 2016-04-20 22:18 - 00276480 _____ C:\Users\galle_000\Documents\Bečán PRAHA 2016.4.xls
2016-04-20 22:15 - 2016-04-20 22:15 - 00277504 _____ C:\Users\galle_000\Downloads\Bečán Jevany 2015 (1).xls
2016-04-20 22:13 - 2016-04-20 22:13 - 00277504 _____ C:\Users\galle_000\Downloads\Bečán Jevany 2015.xls
2016-04-20 22:10 - 2016-04-20 23:03 - 760951708 _____ C:\Users\galle_000\Downloads\ist1.avi
2016-04-18 16:07 - 2016-04-18 17:09 - 914570832 _____ C:\Users\galle_000\Downloads\otem1.avi
2016-04-18 13:33 - 2016-04-18 13:33 - 00060499 _____ C:\Users\galle_000\Downloads\rechnung.pdf
2016-04-14 08:37 - 2016-05-14 15:02 - 00003184 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForgalle_000
2016-04-14 08:37 - 2016-05-14 15:02 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForgalle_000.job
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-14 15:19 - 2016-01-21 18:17 - 00000000 ____D C:\Users\galle_000\AppData\Roaming\TS3Client
2016-05-14 13:52 - 2014-03-18 17:33 - 00471886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-14 13:52 - 2014-03-18 16:54 - 01839990 _____ C:\WINDOWS\system32\perfh005.dat
2016-05-14 13:52 - 2014-03-18 16:54 - 00517830 _____ C:\WINDOWS\system32\perfc005.dat
2016-05-14 13:52 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-14 13:47 - 2015-02-22 19:25 - 00000000 ____D C:\Users\galle_000\Documents\Youcam
2016-05-14 13:46 - 2016-02-10 11:08 - 00003290 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2016-05-14 13:46 - 2016-01-21 22:00 - 00000000 ____D C:\Users\galle_000\AppData\Local\CrashDumps
2016-05-14 13:46 - 2014-07-09 18:54 - 00000000 ___DO C:\Users\galle_000\OneDrive
2016-05-14 13:46 - 2014-07-09 15:50 - 00000000 ____D C:\Users\galle_000\AppData\LocalLow\AuthenTec
2016-05-14 13:46 - 2013-09-06 10:00 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2016-05-14 13:46 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-14 13:46 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-14 12:42 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 12:33 - 2014-07-09 15:57 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3396484246-1754920453-1593871313-1002
2016-05-14 12:14 - 2014-07-09 18:54 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1D51E694-D4A4-474C-84DD-D3BA2047FACF}
2016-05-14 10:39 - 2016-01-21 14:24 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-14 10:36 - 2016-01-21 14:24 - 00000000 ____D C:\Users\galle_000\AppData\Local\Deployment
2016-05-14 10:22 - 2016-04-01 10:46 - 00000000 ____D C:\Users\galle_000\AppData\Roaming\Seznam.cz
2016-05-13 17:34 - 2013-08-22 16:44 - 00503336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-13 17:20 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-13 17:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-13 16:53 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 16:52 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 16:51 - 2014-07-09 16:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-13 16:47 - 2014-07-09 16:44 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-13 16:45 - 2016-01-19 11:42 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-05-13 15:08 - 2014-07-09 18:43 - 00000000 ____D C:\Users\galle_000
2016-05-13 15:06 - 2016-04-07 15:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-05-13 15:06 - 2016-04-01 16:56 - 00000000 ____D C:\Users\galle_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 15:06 - 2015-09-13 20:02 - 00000000 ____D C:\Users\galle_000\AppData\Roaming\vlc
2016-05-13 15:06 - 2015-04-25 14:24 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-13 15:06 - 2015-03-19 16:38 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-13 15:06 - 2014-11-24 22:27 - 00000000 ____D C:\Users\galle_000\AppData\Roaming\ArcSoft
2016-05-13 15:06 - 2014-03-18 17:10 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SystemResources
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-13 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Globalization
2016-05-13 15:06 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-13 15:06 - 2013-05-27 15:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-05-13 15:06 - 2013-05-27 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-05-13 15:06 - 2013-05-27 15:12 - 00000000 ____D C:\Program Files\7-Zip
2016-05-13 15:05 - 2016-04-01 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 15:05 - 2016-04-01 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passware
2016-05-13 15:05 - 2016-03-21 08:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-05-13 15:05 - 2016-02-23 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2016-05-13 15:05 - 2016-02-02 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-05-13 15:05 - 2016-01-21 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-13 15:05 - 2016-01-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2016-05-13 15:05 - 2016-01-21 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-05-13 15:05 - 2014-11-24 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia 3.5
2016-05-13 15:05 - 2014-11-24 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2016-05-13 15:05 - 2014-07-09 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-13 15:05 - 2014-07-09 15:52 - 00000000 ____D C:\Users\galle_000\AppData\Local\Hewlett-Packard
2016-05-13 15:05 - 2013-09-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-13 15:05 - 2013-09-06 10:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-05-13 15:05 - 2013-09-06 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-05-13 15:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-13 15:05 - 2013-05-27 15:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-05-13 15:05 - 2013-05-27 15:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-05-13 15:05 - 2013-05-27 15:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-05-13 15:05 - 2013-05-27 15:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-05-13 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-05-13 14:56 - 2016-01-21 14:24 - 00000000 ____D C:\Users\galle_000\AppData\Local\Google
2016-05-13 14:52 - 2016-01-21 15:07 - 00000000 ____D C:\Games
2016-05-12 16:55 - 2016-02-23 19:07 - 00000000 ____D C:\Users\galle_000\Downloads\VODAFON
2016-05-12 16:55 - 2014-12-29 21:55 - 00000000 ____D C:\Users\galle_000\Desktop\Iveta
2016-05-10 19:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(64)
2016-05-10 19:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(63)
2016-05-10 18:49 - 2014-07-09 21:30 - 00129424 _____ C:\Users\galle_000\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-03 03:15 - 2015-10-19 12:33 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-03 03:15 - 2015-10-19 12:33 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-27 21:04 - 2015-03-14 21:29 - 00000000 ____D C:\KMPlayer
2016-04-27 15:16 - 2016-01-22 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-04-27 15:16 - 2016-01-22 00:50 - 00000000 ____D C:\WINDOWS\system32\NV
2016-04-23 16:09 - 2013-09-06 10:10 - 00000000 ____D C:\ProgramData\Norton
2016-04-23 16:08 - 2016-01-21 21:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-04-23 16:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-23 16:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(68)
2016-04-23 16:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(317)
2016-04-23 16:08 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-23 15:31 - 2016-04-07 15:31 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-23 12:45 - 2013-09-06 10:04 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2016-04-21 20:09 - 2016-01-21 18:19 - 00001761 _____ C:\Users\Public\Desktop\Webium's Modpack.lnk
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-09 13:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-05-2016
Ran by galle_000 (2016-05-14 15:22:02)
Running from C:\Users\galle_000\Desktop
Windows 8.1 (X64) (2014-07-09 16:52:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3396484246-1754920453-1593871313-500 - Administrator - Disabled)
galle_000 (S-1-5-21-3396484246-1754920453-1593871313-1002 - Administrator - Enabled) => C:\Users\galle_000
Guest (S-1-5-21-3396484246-1754920453-1593871313-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3396484246-1754920453-1593871313-1008 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aktualizace NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{2E0DEF55-D1D3-493C-8673-D4B30F12B9CE}) (Version: 2.51.0 - Kovid Goyal)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON PX650 Series Printer Uninstall (HKLM\...\EPSON PX650 Series) (Version: - SEIKO EPSON Corporation)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{0FEE0C28-850D-4AC0-92E7-57D214134102}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.2.8.17 - HP)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{F971B444-C3D5-4AFD-A891-32B9DF79EBC7}) (Version: 4.0.41.2072 - Intel)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.134 - PandoraTV)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mediatek Bluetooth (HKLM\...\{904C579C-9366-D3B7-7F31-4879401DBD4A}) (Version: 11.0.756.0 - Mediatek)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
webiums modpack 0.9.14.1 v9.14.17 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: 9.14.17 - myWOTmods.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks - Common Test (HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3396484246-1754920453-1593871313-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07AD4446-E847-4C8B-8996-8D5AED601FA0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {20300F2C-130A-4459-AB1E-1F4D70425137} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {25A496F2-1DCA-4881-B4CF-29E8D13C43F1} - System32\Tasks\SafeZone scheduled Autoupdate 1461420425 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {30624E43-67C4-4B47-A400-DEC33B9DA07A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)
Task: {307DF8B3-639A-4CE9-85BA-CE8F983A13D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {36445DB8-381F-47FA-8662-D3FCC8C540D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)
Task: {52C361C4-D657-4466-B43E-C4A138357212} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {5AFE86BE-1322-4559-BA08-2AEE89E28D15} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-13] (AVAST Software)
Task: {6159CB6E-90BB-4C13-84D7-B859B1577278} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-02-07] (Intel)
Task: {9140CA6B-A800-4F23-A38F-42AF46453C4C} - System32\Tasks\HPCeeScheduleForgalle_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {AC580F3B-29AA-4B3E-925A-6A5399FD021F} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.)
Task: {B5C8032E-B474-489B-8F0D-387C84F4A1A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D9E9A65C-3806-4670-B366-ED62904735F1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-07] (AVAST Software)
Task: {EB358383-00CF-413B-9DF5-0EBAEF9EA4C9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-15] (Synaptics Incorporated)
Task: {FC0FCF8E-44DE-4254-BB0E-A91136DA17C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForgalle_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-09-06 09:52 - 2015-12-16 16:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-13 10:35 - 2013-02-13 10:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 10:35 - 2013-02-13 10:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2016-02-28 18:34 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-01-21 22:02 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-28 18:34 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-03-19 14:21 - 2013-03-19 14:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-10-22 13:22 - 2015-10-22 13:22 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-10-22 13:21 - 2015-10-22 13:21 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2015-10-22 13:21 - 2015-10-22 13:21 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2016-05-13 15:11 - 2016-05-13 15:11 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-13 15:11 - 2016-05-13 15:11 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-13 23:46 - 2016-05-13 23:46 - 02906112 _____ () C:\Program Files\AVAST Software\Avast\defs\16051301\algo.dll
2016-05-14 13:46 - 2016-05-14 13:46 - 02906112 _____ () C:\Program Files\AVAST Software\Avast\defs\16051401\algo.dll
2016-05-13 15:11 - 2016-05-13 15:11 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-13 15:11 - 2016-05-13 15:11 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-11-24 22:27 - 2007-04-19 10:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
2016-04-23 16:04 - 2016-04-23 16:04 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-14 10:39 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-14 10:39 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-03-10 20:59 - 2016-02-29 19:59 - 00044544 _____ () C:\Games\World_of_Tanks\voip.dll
2016-01-21 15:30 - 2014-02-11 13:48 - 00323568 _____ () C:\Games\World_of_Tanks\ortp.dll
2013-09-06 09:53 - 2013-02-16 02:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3396484246-1754920453-1593871313-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\galle_000\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7C2487A-EB04-4362-962D-E96A9B884A57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{285F0AFC-3B42-47A1-A01F-F9F60E13F3DA}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{4E0150CA-6B7A-40B2-A9A3-6463D26B5D28}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{1D87D8BE-4F84-4793-AA10-5DBEE9479F10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{450EFE43-8D33-4234-BE52-D9616F8F13FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2D369B67-B3A5-46F1-8E89-7F4226231B5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10FB23D1-E447-498E-ABCF-E25F72DBE088}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{35568650-05E8-48CE-8F3E-5CF40D3111B3}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{6BAEC9C2-63B6-4B0D-B152-D38F2D7D65F9}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{35E992B9-D7CC-4350-8F97-D05A639E4D7E}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{5D7086D5-546F-429B-9E6A-3B40D32ECF0F}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{C2A6BCC7-AE3D-4545-88A3-197F30639C13}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{00BBEBC7-5138-4323-AF70-649AAA1F50E2}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{1F18E883-E4EB-4363-A09A-8D418DE2A7E6}] => (Allow) LPort=1900
FirewallRules: [{CFC5F48D-4E2E-4651-8258-564290D7CF12}] => (Allow) LPort=2869
FirewallRules: [{ABC1AB07-A9B6-4287-BB01-8D8CEF659A1C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1723A7A8-8273-4DD3-8A72-0E591A369552}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{6E9B5DE6-7B1E-45BE-BA64-606682D1762F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{ED9334C1-38DA-4BE9-91B1-C5DFC7AC7FE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1B565141-9FF4-4B05-AD27-A3865E295603}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{C44FA47A-DBFC-4E84-AF75-7FD86AE0BF4F}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
FirewallRules: [{2FA85C17-83E7-4590-93A5-1B247435B31C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{A8A837F3-10D7-49D1-AC3A-B2384BE33AF3}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{8541B88E-BE1F-47AA-8D7D-937088660F80}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{EDF65731-DEE9-4C9F-A4CF-65DBD7BAE9A5}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{FAAC8090-932E-4A0B-9789-4944D56288E6}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B44A3250-8B54-4B04-AD76-4C3CED5519B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A3EE7530-C01A-4D2B-9077-58FB72A96730}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{554969EC-9E6E-4132-810B-BA9D681D417F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D9DDC415-682D-41EB-A25D-69ECAC199679}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB9EF22E-BA15-4A2B-B199-5BB74EABBDC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4A4C20E3-02C6-41A4-9286-4917598E5F8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61C57C82-93AB-4BFA-9CB0-DEB6B1B9B919}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CD7CFF4-B958-40FB-B14D-56C39C8FF0E5}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{CC846638-ED45-43F1-80DF-434F493FD903}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{603B810C-02E8-493A-B181-3F12607125B6}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [{AF0BF39C-3D23-4361-9248-825B9045CF64}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [{1BAE584E-CDFC-4B6C-9EE3-8BD825577362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
11-05-2016 18:07:37 Restore Point Created by FRST
11-05-2016 21:14:26 Revo Uninstaller Pro's restore point - Google Chrome
13-05-2016 14:47:32 Operace obnovení
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/14/2016 01:52:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 22514. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (05/14/2016 01:52:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (05/14/2016 01:49:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 12.8.2.1000, časové razítko: 0x521e7441
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18202, časové razítko: 0x569e72bb
Kód výjimky: 0xe0434352
Posun chyby: 0x00015b68
ID chybujícího procesu: 0x10ac
Čas spuštění chybující aplikace: 0xIAStorDataMgrSvc.exe0
Cesta k chybující aplikaci: IAStorDataMgrSvc.exe1
Cesta k chybujícímu modulu: IAStorDataMgrSvc.exe2
ID zprávy: IAStorDataMgrSvc.exe3
Úplný název chybujícího balíčku: IAStorDataMgrSvc.exe4
ID aplikace související s chybujícím balíčkem: IAStorDataMgrSvc.exe5
Error: (05/14/2016 01:49:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.TypeInitializationException
Zásobník:
na System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.GetSubstituteDataContractType(System.Type, Boolean ByRef)
na System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter+PartInfo..ctor(System.ServiceModel.Description.MessagePartDescription, System.Xml.XmlDictionaryString, System.Xml.XmlDictionaryString, System.Collections.Generic.IList`1<System.Type>, System.ServiceModel.Description.DataContractSerializerOperationBehavior)
na System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.CreatePartInfo(System.ServiceModel.Description.MessagePartDescription, System.ServiceModel.OperationFormatStyle, System.ServiceModel.Description.DataContractSerializerOperationBehavior)
na System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.CreateMessageInfo(System.ServiceModel.DataContractFormatAttribute, System.ServiceModel.Description.MessageDescription, System.ServiceModel.Description.DataContractSerializerOperationBehavior)
na System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter..ctor(System.ServiceModel.Description.OperationDescription, System.ServiceModel.DataContractFormatAttribute, System.ServiceModel.Description.DataContractSerializerOperationBehavior)
na System.ServiceModel.Description.DataContractSerializerOperationBehavior.GetFormatter(System.ServiceModel.Description.OperationDescription, Boolean ByRef, Boolean ByRef, Boolean)
na System.ServiceModel.Description.DataContractSerializerOperationBehavior.System.ServiceModel.Description.IOperationBehavior.ApplyDispatchBehavior(System.ServiceModel.Description.OperationDescription, System.ServiceModel.Dispatcher.DispatchOperation)
na System.ServiceModel.Description.DispatcherBuilder.BindOperations(System.ServiceModel.Description.ContractDescription, System.ServiceModel.Dispatcher.ClientRuntime, System.ServiceModel.Dispatcher.DispatchRuntime)
na System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(System.ServiceModel.Description.ServiceDescription, System.ServiceModel.ServiceHostBase)
na System.ServiceModel.ServiceHostBase.InitializeRuntime()
na System.ServiceModel.ServiceHostBase.OnBeginOpen()
na System.ServiceModel.ServiceHostBase.OnOpen(System.TimeSpan)
na System.ServiceModel.Channels.CommunicationObject.Open(System.TimeSpan)
na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (05/14/2016 01:46:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEWebSiteLogon.exe, verze: 6.0.100.272, časové razítko: 0x5113b666
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18202, časové razítko: 0x569e72bb
Kód výjimky: 0xe0434352
Posun chyby: 0x00015b68
ID chybujícího procesu: 0xe88
Čas spuštění chybující aplikace: 0xIEWebSiteLogon.exe0
Cesta k chybující aplikaci: IEWebSiteLogon.exe1
Cesta k chybujícímu modulu: IEWebSiteLogon.exe2
ID zprávy: IEWebSiteLogon.exe3
Úplný název chybujícího balíčku: IEWebSiteLogon.exe4
ID aplikace související s chybujícím balíčkem: IEWebSiteLogon.exe5
Error: (05/14/2016 01:46:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IEWebSiteLogon.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.BadImageFormatException
Zásobník:
na IEWebSiteLogon.Program.AppInstanceExist()
na IEWebSiteLogon.Program.Main()
Error: (05/14/2016 10:45:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gfxv4_0.exe, verze: 8.15.10.3621, časové razítko: 0x5376e28b
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18202, časové razítko: 0x569e7eb1
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000008a5c
ID chybujícího procesu: 0x175c
Čas spuštění chybující aplikace: 0xGfxv4_0.exe0
Cesta k chybující aplikaci: Gfxv4_0.exe1
Cesta k chybujícímu modulu: Gfxv4_0.exe2
ID zprávy: Gfxv4_0.exe3
Úplný název chybujícího balíčku: Gfxv4_0.exe4
ID aplikace související s chybujícím balíčkem: Gfxv4_0.exe5
Error: (05/14/2016 10:45:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Gfxv4_0.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Windows.Markup.XamlParseException
Zásobník:
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na GfxUI.App.Main()
Error: (05/14/2016 10:19:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 22334. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
Error: (05/14/2016 10:19:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
System errors:
=============
Error: (05/14/2016 01:49:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/14/2016 01:44:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueSuiteService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/14/2016 10:15:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/14/2016 10:11:45 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba NVIDIA Streamer Service se po přijetí pokynu pro vypnutí neukončila správně.
Error: (05/14/2016 10:08:23 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume42
Error: (05/14/2016 10:06:56 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.
Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x1100000002a8c2. Název souboru je \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\controls. Poškozený atribut indexu je :$I30:$INDEX_ALLOCATION.
Error: (05/14/2016 10:06:51 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.
Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x40000000302c7. Název souboru je \Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.344_x64__8wekyb3d8bbwe\MSAdvertisingJS\ads. Poškozený atribut indexu je :$I30:$INDEX_ALLOCATION.
Error: (05/14/2016 06:00:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).
Error: (05/13/2016 07:38:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (05/13/2016 02:43:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:10:42, 13. 5. 2016) bylo neočekávané.
CodeIntegrity:
===================================
Date: 2016-01-21 13:21:01.128
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-21 13:21:00.972
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-07 13:37:36.186
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-19 23:54:16.308
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-28 16:50:23.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-10 17:35:09.146
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-03 11:25:56.082
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-25 10:03:13.235
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-17 09:22:36.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-15 08:55:24.118
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8124.02 MB
Available physical RAM: 4369.16 MB
Total Virtual: 9404.02 MB
Available Virtual: 5043.73 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:911.06 GB) (Free:800.68 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.24 GB) (Free:1.94 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 9BD31F4E)
Partition: GPT.
==================== End of Addition.txt ============================
