Zdravim prosim o kontrolu
Napsal: 23 čer 2016 16:49
Zdravim spustal som kontrolu pc a naslo my nejake viry mozem poprosit o kontrolu ci uz to je v ok.
Vdaka
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Marekk (2016-06-23 17:40:12)
Running from C:\Users\Marekk\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-09 17:31:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1350484346-254228946-786380247-500 - Administrator - Disabled)
Guest (S-1-5-21-1350484346-254228946-786380247-501 - Limited - Disabled)
Marekk (S-1-5-21-1350484346-254228946-786380247-1001 - Administrator - Enabled) => C:\Users\Marekk
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKV Player 2.1.22 (HKLM-x32\...\MKV Player_is1) (Version: - )
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Graphics Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{456d8c61-5239-43f5-8e18-5996acfb89e7}) (Version: latest - ppy Pty Ltd)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version: - CD PROJEKT RED)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1350484346-254228946-786380247-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08E74CDB-E8E7-43CC-9FB1-32582731AC23} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-12] (AVAST Software)
Task: {0EF06165-4048-4832-9E23-426206335BD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {1E98BEDC-91AF-4B92-8177-B9905B803C3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3F19C207-E6A7-4A00-ACA5-0D3EB17ACF50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-09] (Adobe Systems Incorporated)
Task: {3F50D75B-4F5E-45B0-A69E-93E9F0DAD87A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-12] (AVAST Software)
Task: {53F9BF2B-42DF-4F53-9B1D-9028C247FF5C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {9EF8F3D9-1B95-42B9-9507-F59100BDE60E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {BF934A35-25EF-47DB-9D46-D8617AA69829} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0cf9772f-5c24-4547-a6f8-c8639e543c6a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C8394468-14A5-46D1-9848-B5F5C82DA695} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8ef55a2b-c9db-4dfb-acf3-48c7fd148074 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D22E94A4-66A3-4268-9794-4DED7BF3CDC2} - System32\Tasks\SafeZone scheduled Autoupdate 1465766526 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0cf9772f-5c24-4547-a6f8-c8639e543c6a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8ef55a2b-c9db-4dfb-acf3-48c7fd148074.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-05-09 19:46 - 2016-04-27 13:51 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-10 15:48 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\28595libfoxloader-x64.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-10 15:48 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-05-10 15:48 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-06-12 23:18 - 2016-06-12 23:18 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-22 20:04 - 2016-06-22 20:04 - 02939392 _____ () C:\Program Files\AVAST Software\Avast\defs\16062202\algo.dll
2016-06-23 17:33 - 2016-06-23 17:33 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062302\algo.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-10 15:48 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\28595libfoxloader.dll
2016-06-18 11:52 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 11:52 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-05-15 21:24 - 2016-04-29 22:10 - 00785920 _____ () D:\Steam\SDL2.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2016-06-20 16:18 - 2016-06-15 02:47 - 02387024 _____ () D:\Steam\video.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-06-20 16:18 - 2016-06-15 02:47 - 00829008 _____ () D:\Steam\bin\chromehtml.DLL
2016-05-15 21:24 - 2016-02-18 00:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2016-05-10 15:48 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-20 16:17 - 2016-06-14 21:14 - 49826080 _____ () D:\Steam\bin\libcef.dll
2016-05-09 19:52 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1350484346-254228946-786380247-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A45AE211-4832-43FB-8196-417DB470F8C8}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{17879749-2EE3-45EB-9CEC-644CEF409C34}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EB582622-6990-49C8-9E5F-A6CCB74705BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{476C1D4E-82ED-46DF-8782-D1C36DF2BCB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9002C6AD-F03E-404B-A421-48F5F68DC41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21B9245E-9B9D-41FE-98B1-88CBAD138922}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B99CE0E0-9934-4ECC-9A84-4FBA91510615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{563D4BD8-12B1-4A81-BF3E-A6C487236243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{290348AB-7539-42F8-A6AE-B20A6CF923FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{797D0098-CB8F-4A23-B4F3-6D9BEB97548A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{A9358063-D7D5-45A8-907C-1F28F9B2F394}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{27A60476-8064-425A-BB68-D5ECCA42D6DB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CB642AC6-7BA6-4E45-A846-8216734E1730}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{4466661B-B07F-497C-9261-8A7AAF16615A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5EFC0A22-7062-44A3-9DEF-AF0FDE1E3D4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{56FF45BD-85B7-4B1D-9244-22A0AE9EA790}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE904FFA-5FD5-49AA-9CE3-DEF23B404A89}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F58C5B01-667E-43E2-A88B-E8B95DFD1545}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5711CBBC-300A-4536-8295-30CB14B478DF}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{804E0D51-1469-4182-9F80-50FACC3C7ECC}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6D9783C8-10A7-4773-8153-50CC88D471B2}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1AA6E48F-C278-44E8-A760-E16C3F399E9C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{62E8788F-1FEC-4146-BCC0-A5DDA7BAA11A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{DF6B122C-F63F-404F-AFBE-D54A6294F290}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{A04845CD-6876-40CE-ADE8-8629C40311A0}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{088BD48D-CF5A-4ADA-979B-85F3F6D8C272}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5A88A1F4-C9FE-4CCF-AFD5-2C6099749EF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A33FC076-EF90-4161-B77A-999C5ACB6E9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C37ADDE8-53E7-4C54-8C1E-B486F737DB5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E22D10C5-CFF2-4B16-9D06-7077727EDBC6}] => (Allow) D:\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{03B08233-E595-43F0-9A7C-0B936C64A342}] => (Allow) D:\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{AC2EF6F5-4BAD-4BCB-904E-73644B8C1D08}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{4A8E76D0-5B0B-4E85-AC68-72BD8347A56F}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{B44E047F-E0E2-48A2-8E8B-3F45FD160237}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{9E62A4B3-B1A8-4C78-9C36-5FEA6C31FD5A}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{2EF95832-C0DF-4CE3-993D-81FC97FE23BC}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{62359145-385A-4A7F-9922-BA2A6915FC32}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{A8AA5909-D939-4113-8554-B26D098419C2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1DE76911-6893-45AC-8AF7-CAE9B30B852B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1623C029-6918-49A4-AF42-2958CC33326E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BB784EF7-073D-48F6-A57B-EE6EB635818D}] => (Allow) LPort=1688
==================== Restore Points =========================
18-06-2016 01:22:05 ASU_MSI_TRAN
==================== Faulty Device Manager Devices =============
Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/23/2016 05:33:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe16350565
Faulting process id: 0xd1c
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/22/2016 08:42:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffef1650565
Faulting process id: 0xbb4
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/22/2016 08:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SUPERAntiSpyware.exe, version: 6.0.0.1220, time stamp: 0x574dce27
Faulting module name: SUPERAntiSpyware.exe, version: 6.0.0.1220, time stamp: 0x574dce27
Exception code: 0xc0000005
Fault offset: 0x000000000008a969
Faulting process id: 0xfd0
Faulting application start time: 0xSUPERAntiSpyware.exe0
Faulting application path: SUPERAntiSpyware.exe1
Faulting module path: SUPERAntiSpyware.exe2
Report Id: SUPERAntiSpyware.exe3
Faulting package full name: SUPERAntiSpyware.exe4
Faulting package-relative application ID: SUPERAntiSpyware.exe5
Error: (06/22/2016 07:03:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 51.0.2704.103, time stamp: 0x57610a1f
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0x13b4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
Error: (06/22/2016 06:17:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffa221e0565
Faulting process id: 0x9ec
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/18/2016 12:49:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.25.0.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1780
Start Time: 01d1c94511089c3e
Termination Time: 1241
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Report Id: 422edaa1-3542-11e6-8266-2089842cb528
Faulting package full name:
Faulting package-relative application ID:
Error: (06/17/2016 09:24:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: d08
Start Time: 01d1c8692c118662
Termination Time: 2
Application Path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Report Id: 8258575a-345c-11e6-8265-2089842cb528
Faulting package full name:
Faulting package-relative application ID:
Error: (06/15/2016 10:53:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jpatch.exe, version: 0.0.0.0, time stamp: 0x5758e7e3
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0x540
Faulting application start time: 0xjpatch.exe0
Faulting application path: jpatch.exe1
Faulting module path: jpatch.exe2
Report Id: jpatch.exe3
Faulting package full name: jpatch.exe4
Faulting package-relative application ID: jpatch.exe5
Error: (06/15/2016 10:51:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jpatch.exe, version: 0.0.0.0, time stamp: 0x5758e7e3
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0xe18
Faulting application start time: 0xjpatch.exe0
Faulting application path: jpatch.exe1
Faulting module path: jpatch.exe2
Report Id: jpatch.exe3
Faulting package full name: jpatch.exe4
Faulting package-relative application ID: jpatch.exe5
Error: (06/14/2016 11:08:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ff946560565
Faulting process id: 0x9d4
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
System errors:
=============
Error: (06/23/2016 05:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (06/23/2016 05:33:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (06/23/2016 05:31:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:20:40 on 22.6.2016 was unexpected.
Error: (06/22/2016 08:42:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (06/22/2016 08:42:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (06/22/2016 08:40:00 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (06/22/2016 08:40:00 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/22/2016 08:39:35 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/22/2016 08:37:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.
Error: (06/22/2016 08:37:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.
CodeIntegrity:
===================================
Date: 2016-06-23 17:33:18.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:42:08.522
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:29:33.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:27:02.492
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:12:40.972
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 19:02:18.993
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 18:43:58.746
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 18:17:05.508
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 17:48:42.769
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 17:46:09.442
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 3998.35 MB
Available physical RAM: 1682.92 MB
Total Virtual: 5214.35 MB
Available Virtual: 2584.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:73.96 GB) (Free:23.56 GB) NTFS
Drive d: () (Fixed) (Total:390.62 GB) (Free:156.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12)
==================== End of Addition.txt ============================
Vdaka
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Marekk (2016-06-23 17:40:12)
Running from C:\Users\Marekk\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-09 17:31:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1350484346-254228946-786380247-500 - Administrator - Disabled)
Guest (S-1-5-21-1350484346-254228946-786380247-501 - Limited - Disabled)
Marekk (S-1-5-21-1350484346-254228946-786380247-1001 - Administrator - Enabled) => C:\Users\Marekk
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKV Player 2.1.22 (HKLM-x32\...\MKV Player_is1) (Version: - )
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Graphics Driver 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
osu! (HKLM-x32\...\{456d8c61-5239-43f5-8e18-5996acfb89e7}) (Version: latest - ppy Pty Ltd)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
The Witcher: Enhanced Edition (HKLM\...\Steam App 20900) (Version: - CD PROJEKT RED)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1350484346-254228946-786380247-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08E74CDB-E8E7-43CC-9FB1-32582731AC23} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-12] (AVAST Software)
Task: {0EF06165-4048-4832-9E23-426206335BD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {1E98BEDC-91AF-4B92-8177-B9905B803C3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3F19C207-E6A7-4A00-ACA5-0D3EB17ACF50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-09] (Adobe Systems Incorporated)
Task: {3F50D75B-4F5E-45B0-A69E-93E9F0DAD87A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-12] (AVAST Software)
Task: {53F9BF2B-42DF-4F53-9B1D-9028C247FF5C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {9EF8F3D9-1B95-42B9-9507-F59100BDE60E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09] (Google Inc.)
Task: {BF934A35-25EF-47DB-9D46-D8617AA69829} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0cf9772f-5c24-4547-a6f8-c8639e543c6a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C8394468-14A5-46D1-9848-B5F5C82DA695} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8ef55a2b-c9db-4dfb-acf3-48c7fd148074 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D22E94A4-66A3-4268-9794-4DED7BF3CDC2} - System32\Tasks\SafeZone scheduled Autoupdate 1465766526 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0cf9772f-5c24-4547-a6f8-c8639e543c6a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8ef55a2b-c9db-4dfb-acf3-48c7fd148074.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-05-09 19:46 - 2016-04-27 13:51 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-10 15:48 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\28595libfoxloader-x64.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-09 20:08 - 2016-04-27 16:35 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-10 15:48 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-05-10 15:48 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-06-12 23:18 - 2016-06-12 23:18 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-22 20:04 - 2016-06-22 20:04 - 02939392 _____ () C:\Program Files\AVAST Software\Avast\defs\16062202\algo.dll
2016-06-23 17:33 - 2016-06-23 17:33 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062302\algo.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-10 15:48 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\28595libfoxloader.dll
2016-06-18 11:52 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 11:52 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-05-15 21:24 - 2016-04-29 22:10 - 00785920 _____ () D:\Steam\SDL2.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2016-06-20 16:18 - 2016-06-15 02:47 - 02387024 _____ () D:\Steam\video.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2016-05-15 21:24 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-05-15 21:24 - 2016-02-09 01:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-06-20 16:18 - 2016-06-15 02:47 - 00829008 _____ () D:\Steam\bin\chromehtml.DLL
2016-05-15 21:24 - 2016-02-18 00:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2016-05-10 15:48 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\Marekk\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-06-12 23:18 - 2016-06-12 23:18 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-20 16:17 - 2016-06-14 21:14 - 49826080 _____ () D:\Steam\bin\libcef.dll
2016-05-09 19:52 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1350484346-254228946-786380247-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1350484346-254228946-786380247-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A45AE211-4832-43FB-8196-417DB470F8C8}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{17879749-2EE3-45EB-9CEC-644CEF409C34}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EB582622-6990-49C8-9E5F-A6CCB74705BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{476C1D4E-82ED-46DF-8782-D1C36DF2BCB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9002C6AD-F03E-404B-A421-48F5F68DC41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21B9245E-9B9D-41FE-98B1-88CBAD138922}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B99CE0E0-9934-4ECC-9A84-4FBA91510615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{563D4BD8-12B1-4A81-BF3E-A6C487236243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{290348AB-7539-42F8-A6AE-B20A6CF923FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{797D0098-CB8F-4A23-B4F3-6D9BEB97548A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{A9358063-D7D5-45A8-907C-1F28F9B2F394}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{27A60476-8064-425A-BB68-D5ECCA42D6DB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CB642AC6-7BA6-4E45-A846-8216734E1730}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{4466661B-B07F-497C-9261-8A7AAF16615A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5EFC0A22-7062-44A3-9DEF-AF0FDE1E3D4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{56FF45BD-85B7-4B1D-9244-22A0AE9EA790}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE904FFA-5FD5-49AA-9CE3-DEF23B404A89}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F58C5B01-667E-43E2-A88B-E8B95DFD1545}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5711CBBC-300A-4536-8295-30CB14B478DF}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{804E0D51-1469-4182-9F80-50FACC3C7ECC}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6D9783C8-10A7-4773-8153-50CC88D471B2}] => (Allow) C:\Users\Marekk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1AA6E48F-C278-44E8-A760-E16C3F399E9C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{62E8788F-1FEC-4146-BCC0-A5DDA7BAA11A}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{DF6B122C-F63F-404F-AFBE-D54A6294F290}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{A04845CD-6876-40CE-ADE8-8629C40311A0}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{088BD48D-CF5A-4ADA-979B-85F3F6D8C272}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5A88A1F4-C9FE-4CCF-AFD5-2C6099749EF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A33FC076-EF90-4161-B77A-999C5ACB6E9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C37ADDE8-53E7-4C54-8C1E-B486F737DB5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E22D10C5-CFF2-4B16-9D06-7077727EDBC6}] => (Allow) D:\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{03B08233-E595-43F0-9A7C-0B936C64A342}] => (Allow) D:\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{AC2EF6F5-4BAD-4BCB-904E-73644B8C1D08}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{4A8E76D0-5B0B-4E85-AC68-72BD8347A56F}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{B44E047F-E0E2-48A2-8E8B-3F45FD160237}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{9E62A4B3-B1A8-4C78-9C36-5FEA6C31FD5A}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{2EF95832-C0DF-4CE3-993D-81FC97FE23BC}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{62359145-385A-4A7F-9922-BA2A6915FC32}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{A8AA5909-D939-4113-8554-B26D098419C2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1DE76911-6893-45AC-8AF7-CAE9B30B852B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1623C029-6918-49A4-AF42-2958CC33326E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BB784EF7-073D-48F6-A57B-EE6EB635818D}] => (Allow) LPort=1688
==================== Restore Points =========================
18-06-2016 01:22:05 ASU_MSI_TRAN
==================== Faulty Device Manager Devices =============
Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/23/2016 05:33:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe16350565
Faulting process id: 0xd1c
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/22/2016 08:42:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffef1650565
Faulting process id: 0xbb4
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/22/2016 08:09:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SUPERAntiSpyware.exe, version: 6.0.0.1220, time stamp: 0x574dce27
Faulting module name: SUPERAntiSpyware.exe, version: 6.0.0.1220, time stamp: 0x574dce27
Exception code: 0xc0000005
Fault offset: 0x000000000008a969
Faulting process id: 0xfd0
Faulting application start time: 0xSUPERAntiSpyware.exe0
Faulting application path: SUPERAntiSpyware.exe1
Faulting module path: SUPERAntiSpyware.exe2
Report Id: SUPERAntiSpyware.exe3
Faulting package full name: SUPERAntiSpyware.exe4
Faulting package-relative application ID: SUPERAntiSpyware.exe5
Error: (06/22/2016 07:03:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 51.0.2704.103, time stamp: 0x57610a1f
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0x13b4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Faulting package full name: chrome.exe4
Faulting package-relative application ID: chrome.exe5
Error: (06/22/2016 06:17:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffa221e0565
Faulting process id: 0x9ec
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (06/18/2016 12:49:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.25.0.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1780
Start Time: 01d1c94511089c3e
Termination Time: 1241
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Report Id: 422edaa1-3542-11e6-8266-2089842cb528
Faulting package full name:
Faulting package-relative application ID:
Error: (06/17/2016 09:24:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: d08
Start Time: 01d1c8692c118662
Termination Time: 2
Application Path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Report Id: 8258575a-345c-11e6-8265-2089842cb528
Faulting package full name:
Faulting package-relative application ID:
Error: (06/15/2016 10:53:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jpatch.exe, version: 0.0.0.0, time stamp: 0x5758e7e3
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0x540
Faulting application start time: 0xjpatch.exe0
Faulting application path: jpatch.exe1
Faulting module path: jpatch.exe2
Report Id: jpatch.exe3
Faulting package full name: jpatch.exe4
Faulting package-relative application ID: jpatch.exe5
Error: (06/15/2016 10:51:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: jpatch.exe, version: 0.0.0.0, time stamp: 0x5758e7e3
Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4e1d
Exception code: 0xc0000018
Fault offset: 0x0009d3c2
Faulting process id: 0xe18
Faulting application start time: 0xjpatch.exe0
Faulting application path: jpatch.exe1
Faulting module path: jpatch.exe2
Report Id: jpatch.exe3
Faulting package full name: jpatch.exe4
Faulting package-relative application ID: jpatch.exe5
Error: (06/14/2016 11:08:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ff946560565
Faulting process id: 0x9d4
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
System errors:
=============
Error: (06/23/2016 05:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (06/23/2016 05:33:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (06/23/2016 05:31:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:20:40 on 22.6.2016 was unexpected.
Error: (06/22/2016 08:42:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (06/22/2016 08:42:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577 = Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Error: (06/22/2016 08:40:00 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (06/22/2016 08:40:00 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/22/2016 08:39:35 PM) (Source: DCOM) (EventID: 10005) (User: marek)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/22/2016 08:37:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.
Error: (06/22/2016 08:37:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.
CodeIntegrity:
===================================
Date: 2016-06-23 17:33:18.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:42:08.522
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:29:33.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:27:02.492
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 20:12:40.972
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 19:02:18.993
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 18:43:58.746
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 18:17:05.508
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 17:48:42.769
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-22 17:46:09.442
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 3998.35 MB
Available physical RAM: 1682.92 MB
Total Virtual: 5214.35 MB
Available Virtual: 2584.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:73.96 GB) (Free:23.56 GB) NTFS
Drive d: () (Fixed) (Total:390.62 GB) (Free:156.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12)
==================== End of Addition.txt ============================
