Please check my log (Solved)

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

skrat1

Re: Please check my log

Post by skrat1 » 21 Jun 2016 22:06

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:05:47, on 21.6.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 47.0 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Martin\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/?gfe_rd=ssl&ei=mo ... GDaMr3v-AN
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 16\Mm8InternetExplorer.dll
O2 - BHO: Google Analytics Opt-out Browser Add-on - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 16\MMReminderService.exe
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Odoslanie do programu OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Send to MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 16\Mm8InternetExplorer.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.katasterportal.sk
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - Trusted IP range: http://195.28.70.134
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11297 bytes

skrat1

Re: Please check my log

Post by skrat1 » 21 Jun 2016 22:09

firefox.PNG

I still have a problem with Firefox; certain pages won't display. I reinstalled Firefox and cleaned the registry as well. IE works correctly, but it is hard to use it for serious browsing :D

Orcus
Security team member

Re: Please check my log

Post by Orcus » 22 Jun 2016 07:17

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If, after the scan, you have trouble launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

If there are problems, run it in safe mode.

skrat1

Re: Please check my log

Post by skrat1 » 22 Jun 2016 23:01

It tells me that it is an unsupported version
combofix.png

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 23 Jun 2016 09:16

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC
to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs appear, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!

skrat1

Re: Please check my log

Post by skrat1 » 25 Jun 2016 01:36

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Martin (administrator) on HAMPULE (25-06-2016 01:34:56)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & MSSQL$SQLEXPRESS (Available Profiles: Martin & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Windows\System32\nvwmi64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\SpaceAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2168976 2015-11-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 16\MMReminderService.exe [116424 2015-10-08] (Mindjet)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {168ca439-8253-11e5-8285-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {63b2a8f1-6541-11e5-8282-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96ceb-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96d7f-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2016-05-23]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2016-05-23]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{11A20608-4C7E-4607-90DD-6554DA32308C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3ACAFFD1-D47E-4D44-87CE-B90ED6C9E265}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/?gfe_rd=ssl&ei=mo ... GDaMr3v-AN
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1859412321-950005283-4130927000-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-21] (Microsoft Corporation)
BHO: Google Analytics Opt-out Browser Add-on -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2014-04-03] (Google, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-06-21] (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 16\Mm8InternetExplorer.dll [2015-10-08] (Mindjet)
BHO-x32: Google Analytics Opt-out Browser Add-on -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2014-04-03] (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-06-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle Corporation)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\jtaqcex0.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-13] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-01-13] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-06-14] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3167168 2016-05-10] ()
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
S3 cmnxusbser; C:\Windows\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-16] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-03-16] (ESET)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46016 2012-08-16] ()
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1148288 2011-07-06] (Creative Technology Ltd.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
R3 rusb3hub; C:\Windows\System32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\system32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2016-06-18] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-06-25] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-25 01:34 - 2016-06-25 01:35 - 00020673 _____ C:\Users\Martin\Desktop\FRST.txt
2016-06-25 01:34 - 2016-06-25 01:34 - 02387456 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-06-25 01:34 - 2016-06-25 01:34 - 00000000 ____D C:\FRST
2016-06-25 01:32 - 2016-06-25 01:32 - 00201728 _____ (OldTimer Tools) C:\Users\Martin\Downloads\OTC.exe
2016-06-23 20:34 - 2016-06-23 20:36 - 00000000 ____D C:\The.Huntsman.Winters.War.2016.HC.1080p.HDRip.X264.AC3-EVO
2016-06-22 21:15 - 2016-06-22 21:15 - 00000000 ____D C:\Users\Martin\AppData\Local\GHISLER
2016-06-21 20:47 - 2016-06-21 20:47 - 00000000 ____D C:\zoek
2016-06-21 20:40 - 2016-06-21 20:48 - 00003317 _____ C:\runcheck.txt
2016-06-21 20:40 - 2016-06-21 20:48 - 00000000 ____D C:\zoek_backup
2016-06-21 19:51 - 2016-06-21 19:51 - 01309184 _____ C:\Users\Martin\Desktop\zoek.exe
2016-06-20 22:43 - 2016-06-20 22:43 - 00007080 _____ C:\Users\Martin\Desktop\rk_6ECB.txt
2016-06-20 22:25 - 2016-06-20 22:25 - 00000000 ____D C:\Users\Martin\AppData\Local\Macromedia
2016-06-20 22:24 - 2016-06-21 18:05 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-20 22:24 - 2016-06-20 22:47 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-20 22:23 - 2016-06-20 22:23 - 00000635 _____ C:\Users\Martin\Desktop\JRT.txt
2016-06-20 21:14 - 2016-06-20 21:15 - 24206920 _____ C:\Users\Martin\Desktop\RogueKillerX64.exe
2016-06-20 21:14 - 2016-06-20 21:14 - 01610816 _____ (Malwarebytes) C:\Users\Martin\Desktop\JRT.exe
2016-06-20 21:00 - 2016-06-20 21:15 - 972591694 _____ C:\Users\Martin\Downloads\Hra.o.truny.Game.of.Thrones.S06E09.HDTV.CZ.Titulky.avi
2016-06-20 09:10 - 2016-06-20 09:10 - 00000000 ____D C:\Users\Martin\AppData\Local\CEF
2016-06-20 09:09 - 2016-06-20 09:10 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-06-19 14:56 - 2016-06-21 22:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-19 14:56 - 2016-06-19 14:56 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-19 14:56 - 2016-06-19 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-19 14:56 - 2016-06-19 14:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-19 14:56 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-19 14:56 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-19 14:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-19 14:55 - 2016-06-19 14:55 - 22851472 _____ (Malwarebytes ) C:\Users\Martin\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-06-19 14:52 - 2016-06-20 21:17 - 00000000 ____D C:\AdwCleaner
2016-06-19 14:52 - 2016-06-19 14:52 - 03703360 _____ C:\Users\Martin\Desktop\adwcleaner_5.200.exe
2016-06-19 14:51 - 2016-06-19 14:51 - 00000000 ____D C:\Users\Martin\AppData\Local\Logitech
2016-06-19 14:48 - 2016-06-19 14:48 - 00448512 _____ (OldTimer Tools) C:\Users\Martin\Downloads\TFC.exe
2016-06-19 14:46 - 2016-06-19 14:46 - 00050688 _____ (Atribune.org) C:\Users\Martin\Downloads\ATF-Cleaner.exe
2016-06-18 23:17 - 2016-06-18 23:17 - 00000788 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2016-06-18 23:17 - 2016-06-18 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-06-18 23:16 - 2016-06-18 23:16 - 00000000 ____D C:\Users\Martin\Downloads\TempBK
2016-06-18 20:45 - 2016-06-18 23:17 - 00000056 _____ C:\Windows\Lic.xxx
2016-06-18 20:45 - 2016-06-18 20:45 - 02708947 _____ (Blizzard Entertainment) C:\Users\Martin\Downloads\Downloader_Warcraft3_Reign_of_Chaos_enGB.exe
2016-06-18 20:44 - 2016-06-18 20:44 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2016-06-18 20:44 - 2016-06-18 20:44 - 00632064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2016-06-18 20:44 - 2016-06-18 20:44 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2016-06-18 20:44 - 2016-06-18 20:44 - 00554240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2016-06-18 20:44 - 2016-06-18 20:44 - 00350160 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-06-18 20:44 - 2016-06-18 20:44 - 00156392 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2016-06-18 20:44 - 2016-06-18 20:44 - 00001056 _____ C:\Users\Martin\Desktop\MWAVSCAN.lnk
2016-06-18 20:44 - 2016-06-18 20:44 - 00000000 ____D C:\ProgramData\MicroWorld
2016-06-18 20:37 - 2016-06-18 20:40 - 154422000 _____ C:\Users\Martin\Downloads\mwav.exe
2016-06-18 20:31 - 2016-06-18 20:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martin\Downloads\HijackThis.exe
2016-06-18 02:30 - 2016-06-18 02:30 - 00218473 _____ C:\Users\Martin\Downloads\Chanel Edytor CR 652.rar
2016-06-18 02:30 - 2016-06-18 02:30 - 00000000 ____D C:\Users\Martin\Downloads\Chanel Edytor CR 652
2016-06-18 02:13 - 2016-06-18 02:13 - 00000000 ____D C:\Users\Martin\Downloads\652HD_V1.09.15588_03-02-2016_A_patch
2016-06-18 02:12 - 2016-06-18 02:12 - 04292177 _____ C:\Users\Martin\Downloads\652HD_V1.09.15588_03-02-2016_A_patch.rar
2016-06-14 20:32 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-14 20:32 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 20:32 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 20:32 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 20:32 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-14 20:32 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 20:32 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 20:32 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-14 20:32 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 20:32 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 20:32 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-14 20:32 - 2016-05-12 18:24 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 20:32 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 20:32 - 2016-05-12 18:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 20:32 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 20:32 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 20:32 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 20:32 - 2016-05-12 17:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 20:32 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 20:32 - 2016-05-12 17:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 20:32 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 20:32 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 20:32 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 20:32 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 20:31 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 20:31 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 20:31 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 20:31 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 20:31 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 20:31 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 20:31 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-14 20:31 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-14 20:31 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 20:31 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-14 20:31 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 20:31 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-14 20:31 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-14 20:31 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-14 20:31 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-14 20:31 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-14 20:31 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-14 20:31 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-14 20:31 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 20:31 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-14 20:31 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 20:31 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-14 20:31 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 20:31 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-14 20:31 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-14 20:31 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 20:31 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-14 20:31 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 20:31 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 20:31 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 20:31 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-14 20:31 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 20:31 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-14 20:31 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 20:31 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 20:31 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 20:31 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 20:31 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 20:31 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 20:31 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 20:31 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 20:31 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-14 20:31 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 20:31 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 20:31 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 20:31 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 20:31 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 20:31 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-14 20:31 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 20:31 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 20:31 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-14 20:31 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 20:31 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 20:31 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 20:31 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-14 20:31 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-14 20:31 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 20:31 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 20:31 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-14 20:31 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-14 20:31 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 20:31 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-14 20:31 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-14 20:31 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-14 20:31 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-14 20:30 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 20:30 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-13 20:49 - 2016-06-13 20:49 - 00045109 _____ C:\Users\Martin\Downloads\GameofThronesS06E081080pHDTVx264BATV.srt
2016-06-13 19:43 - 2016-06-13 20:38 - 4052154777 _____ C:\Users\Martin\Downloads\GameofThronesS06E081080pHDTVx264BATV.mkv
2016-06-05 12:59 - 2016-06-21 18:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-05 12:59 - 2016-06-05 13:05 - 00000000 ____D C:\Users\Martin\AppData\Local\Mozilla
2016-06-05 12:59 - 2016-06-05 12:59 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-05 12:59 - 2016-06-05 12:59 - 00001119 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-05 12:59 - 2016-06-05 12:59 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Mozilla
2016-06-05 12:54 - 2016-06-05 12:54 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-05 12:54 - 2016-06-05 12:54 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-05 12:54 - 2016-06-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-05 12:54 - 2016-06-05 12:54 - 00000000 ____D C:\Program Files\CCleaner
2016-06-05 12:53 - 2016-06-05 12:53 - 06893008 _____ (Piriform Ltd) C:\Users\Martin\Downloads\ccsetup518.exe
2016-05-31 18:40 - 2016-05-31 18:40 - 00242344 _____ C:\Users\Martin\Downloads\Firefox Setup Stub 46.0.1 (1).exe
2016-05-30 22:24 - 2016-05-30 22:24 - 00242344 _____ C:\Users\Martin\Downloads\Firefox Setup Stub 46.0.1.exe
2016-05-26 16:34 - 2016-06-11 23:08 - 00000000 ____D C:\Users\Martin\Documents\The Witcher 3

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-25 01:33 - 2016-05-25 19:39 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-25 01:33 - 2016-01-04 18:34 - 00000564 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2016-06-25 01:33 - 2015-03-27 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-25 01:33 - 2015-03-09 22:35 - 00000490 _____ C:\Windows\Tasks\SDMsgUpdate (TE).job
2016-06-25 01:33 - 2015-01-12 23:26 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2016-06-25 01:33 - 2015-01-12 23:26 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2016-06-25 01:33 - 2015-01-12 23:05 - 00000000 __RDO C:\Users\Martin\OneDrive
2016-06-25 01:33 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-25 01:33 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-06-25 01:29 - 2015-01-13 22:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2016-06-25 01:29 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-25 00:50 - 2015-01-14 22:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-25 00:49 - 2016-05-25 19:39 - 00000960 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-23 20:56 - 2015-02-10 17:10 - 00180808 _____ C:\Windows\system32\perfh01B.dat
2016-06-23 20:56 - 2015-02-10 17:10 - 00064836 _____ C:\Windows\system32\perfc01B.dat
2016-06-23 20:56 - 2014-03-18 12:09 - 01289122 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-22 01:09 - 2016-05-18 05:41 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\uTorrent
2016-06-21 22:40 - 2015-01-12 23:49 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-21 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 22:15 - 2015-01-12 23:02 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2016-06-20 22:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-06-20 20:59 - 2015-01-13 22:09 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Kodi
2016-06-19 19:36 - 2015-01-12 23:08 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1859412321-950005283-4130927000-1001
2016-06-18 20:59 - 2016-02-16 18:42 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-18 20:47 - 2013-08-22 15:25 - 00000508 _____ C:\Windows\win.ini
2016-06-18 17:42 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-18 17:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-18 02:23 - 2015-01-13 22:11 - 00000000 ____D C:\Users\Martin\AppData\Roaming\GHISLER
2016-06-16 23:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-06-16 22:50 - 2015-01-14 22:04 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 22:30 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-15 22:02 - 2015-04-15 18:27 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-15 22:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-15 22:02 - 2013-08-22 16:44 - 05176136 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 21:59 - 2015-01-13 00:22 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 21:57 - 2015-01-13 00:22 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 19:13 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-06 20:00 - 2015-11-08 13:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-05 13:03 - 2015-01-12 23:39 - 00000000 __SHD C:\Users\Martin\AppData\LocalLow\EmieSiteList
2016-06-05 12:56 - 2015-11-19 22:05 - 00000000 ____D C:\Windows\Minidump
2016-06-05 12:56 - 2015-05-23 19:57 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2016-06-05 12:56 - 2015-01-13 05:12 - 00000000 ____D C:\Windows\Panther

==================== Files in the root of some directories =======

2015-03-29 12:01 - 2015-03-29 12:01 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-05-18 19:33 - 2016-05-18 19:33 - 240398848 _____ () C:\Users\Martin\AppData\Roaming\Launcher.dat
2016-05-18 19:33 - 2016-05-18 19:33 - 0000009 _____ () C:\Users\Martin\AppData\Roaming\update.dat
2016-05-18 19:33 - 2016-05-19 19:34 - 0000004 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\notaut.txt
2016-01-30 17:50 - 2016-02-29 22:07 - 0007602 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2009-02-24 13:40 - 2009-02-24 13:40 - 0001026 _____ () C:\ProgramData\cfSB0270.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001026 _____ () C:\ProgramData\cfSB0271.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001302 _____ () C:\ProgramData\cfSB0300.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001282 _____ () C:\ProgramData\cfSB0471.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001208 _____ () C:\ProgramData\cfSB0490.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001027 _____ () C:\ProgramData\cfSB0560.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001352 _____ () C:\ProgramData\cfSB0910.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0000590 _____ () C:\ProgramData\cfSB0950.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001352 _____ () C:\ProgramData\cfSB1090.ini
2009-02-24 13:40 - 2009-02-24 13:40 - 0001346 _____ () C:\ProgramData\cfSB1100.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-23 20:46

==================== End of FRST.txt ============================


Re: Please check my log

Post by skrat1 » 25 Jun 2016 01:36

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Martin (2016-06-25 01:35:13)
Running from C:\Users\Martin\Desktop
Windows 8.1 Enterprise (Update) (X64) (2015-01-12 21:02:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1859412321-950005283-4130927000-500 - Administrator - Disabled)
Guest (S-1-5-21-1859412321-950005283-4130927000-501 - Limited - Disabled)
Martin (S-1-5-21-1859412321-950005283-4130927000-1001 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.376.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version: - Creative Assembly)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{AFADB5DC-3ABC-421F-9DAD-BDABE511258B}) (Version: 4.0.51117.1 - Microsoft Corporation)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.8 - Arduino LLC)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASRock eXtreme Tuner v0.1.189 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MF Toolbox 4.9.1.1.mf16 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf16 - CANON INC.)
Canon MF4700 Series (HKLM\...\{47A8DB42-4E21-4d55-9931-D4F44CC3F03B}) (Version: 4.1.0.1 - CANON INC.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.47.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
ESET NOD32 Antivirus (HKLM\...\{DBA92123-D2AF-440D-9911-5CD782EB75D3}) (Version: 9.0.351.2 - ESET, spol. s r.o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Analytics Opt-out Browser Add-on (HKLM\...\{82B280A2-521E-4D30-AF15-38CD6D5CB629}) (Version: 0.9.6.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
Kodi (HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Kodi) (Version: - XBMC-Foundation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus - sk-sk (HKLM\...\ProPlusRetail - sk-sk) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{D9C53793-2E6A-4C6D-BA0B-898A17876A5D}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{537203CB-708E-43A3-BA16-3D5C14A587BB}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Mindjet MindManager 2016 (HKLM-x32\...\{3EC82E19-2955-42A0-95F9-E0E77CA5771B}) (Version: 16.0.152 - Mindjet)
Moj CEWE FOTOSVET (HKLM-x32\...\Moj CEWE FOTOSVET) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Mozilla Firefox 47.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 sk)) (Version: 47.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.10000.1.0 - Nero AG)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafický ovládač 362.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.56 - NVIDIA Corporation)
NVIDIA nView 146.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.78 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 362.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 362.56 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA WMI 2.25.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.25.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 362.56 (Version: 362.56 - NVIDIA Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PTGui Pro 9.1.6 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
SmartDraw 2013 (HKLM-x32\...\SmartDraw 2013) (Version: - SmartDraw.com)
SQL Server 2014 Client Tools (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1859412321-950005283-4130927000-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E0023A0-4F75-4AD8-9562-F1E56F8D2ECD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {0F2739AE-10EB-4553-BE3A-DCA9120DCAC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)
Task: {136DB713-590E-43BC-8573-B4C8B2FE9D72} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {15F81A8B-0B9B-4F00-8260-231F5AB6804F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {15FDA46C-B7FD-4DDC-93F8-FE92822D21ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {3F06915F-88E6-4CF9-93A1-ACBDC5C014E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {4002E565-3DD0-44D5-9486-B9C22DA8734C} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {61CE5350-DFB8-4CAF-BEC0-F77ED0BF9736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: {6F5C4BD3-DB65-4C84-AAF9-BE0ED8CCA224} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: {7A9F0E6C-91EB-4AA2-8EB7-B21DC9D883C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {901B8CB2-7A13-4EC5-9813-93A820DC1024} - System32\Tasks\SDMsgUpdate (TE) => C:\Program Files (x86)\SmartDraw 2013\Messages\SDNotify.exe [2012-08-13] ()
Task: {E6C6D4D5-9FFA-4AC5-8486-CB42B2B65708} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe
Task: C:\Windows\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe\-PTE -V20000102 -SSDU.ini -A -Mhxxp:/www.smartdraw.com/msgs/messagecheck.asp

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-05-17 16:57 - 2016-05-10 21:30 - 03167168 _____ () C:\Windows\system32\nvwmi64.exe
2016-05-17 16:56 - 2016-05-10 18:24 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-12 23:49 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-08-16 21:36 - 2012-08-16 21:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 21:36 - 2012-08-16 21:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-05-16 17:32 - 2009-11-30 18:54 - 00089088 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2016-05-16 17:32 - 2009-12-08 15:52 - 00230912 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2016-06-01 20:15 - 2016-06-01 20:15 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2015-03-31 16:17 - 2015-10-12 05:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-19 22:11 - 2016-02-19 22:11 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\katasterportal.sk -> hxxp://www.katasterportal.sk
IE trusted site: HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\katasterportal.sk -> hxxps://www.katasterportal.sk

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-06-21 20:40 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "iSCTsysTray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "MMReminderService"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{901A99C5-71EC-46A0-9236-21034E7FC70E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{0299FD8E-B16C-48AD-AC0D-DA251924D73F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{92289DAC-C1BB-4C43-A9E7-D6EACA0A9674}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{2E8E64E4-DA57-4F83-A7F1-2DB2A8B5BB56}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{66F79405-8F85-45DF-8367-64AFBA1D23D7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C0A8E08E-3420-409F-AD07-0625998BA266}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{8E630550-51D7-4C81-ABCC-7B3AA27BDB2D}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{29517911-3327-4726-8F6B-4D52200513AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82DCCFD2-FB7F-4770-B513-CC2696C30C1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1557C2FD-CCE8-4422-9257-6119F2F921AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AA7247B6-F63D-4035-AD58-A52DEBA56B50}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FA267FC5-63AF-41D8-B1AB-CC6FAEA91515}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AA4DC669-526B-4984-A10F-84C63C55E85E}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{21380226-E435-4226-8929-5B0FCDD426B4}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{24BC3F2A-F805-448D-B180-D6044589B72B}] => (Allow) C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{45EF503E-19A9-46F0-B4F0-E2A70CAC03E6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{925FAD04-224A-4BF0-8B12-0E9D87937123}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{F586047A-54D1-4494-AC71-4B4EBDE9ADAA}F:2\steam\steam.exe] => (Allow) F:2\steam\steam.exe
FirewallRules: [UDP Query User{061C2DAA-24B0-4B06-98C6-D56196C33EF9}F:2\steam\steam.exe] => (Allow) F:2\steam\steam.exe
FirewallRules: [TCP Query User{415E9173-83F2-4006-960C-C4D374C7898B}F:2\steam\steamapps\common\portal 2\portal2.exe] => (Block) F:2\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{B8817F5B-4F46-40ED-B28E-13238872460F}F:2\steam\steamapps\common\portal 2\portal2.exe] => (Block) F:2\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{5517D193-B5F4-43FD-A45B-21756FE43BB9}F:5\steam\steam.exe] => (Allow) F:5\steam\steam.exe
FirewallRules: [UDP Query User{4E7FE2B7-4B09-49A6-A675-38F92918377B}F:5\steam\steam.exe] => (Allow) F:5\steam\steam.exe
FirewallRules: [TCP Query User{1BC31C33-14CB-494D-8E99-1684B383A75E}F:5\steam\steamapps\common\portal 2\portal2.exe] => (Allow) F:5\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{E631766D-2A4E-4E91-ACB7-AD4930E96447}F:5\steam\steamapps\common\portal 2\portal2.exe] => (Allow) F:5\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{EAA04952-6E1E-4423-A2A3-6AD5101E64C7}F:3\steam\steamapps\common\portal 2\portal2.exe] => (Allow) F:3\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{0DDA94DC-19FF-49C4-A799-A366738F021E}F:3\steam\steamapps\common\portal 2\portal2.exe] => (Allow) F:3\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{60F3DB2F-C04C-45A7-BAF6-BEAD313F9A8D}F:8\steam\steam.exe] => (Allow) F:8\steam\steam.exe
FirewallRules: [UDP Query User{2C742228-749E-4682-9BC4-6378A2011741}F:8\steam\steam.exe] => (Allow) F:8\steam\steam.exe
FirewallRules: [TCP Query User{A7DFE266-6CB9-4B09-8DE1-D6F89F3755BD}F:8\steam\steamapps\common\portal 2\portal2.exe] => (Block) F:8\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{EF2CE12E-CA2C-4E45-8058-CB3919CC95F7}F:8\steam\steamapps\common\portal 2\portal2.exe] => (Block) F:8\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{76DBEDB2-3DA1-45C9-A4FA-3141B3EAF53C}F:5\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Block) F:5\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{68036F54-2D6C-4A26-8CDA-F2023FB582C7}F:5\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Block) F:5\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{9E7B2C25-9D16-4B47-9778-4E3C16639FEF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6DE10CCC-4796-4BF9-908F-F2B14E1FBD08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{13DE6594-BD3D-46C6-8126-B41DA1FB9E49}F:1\steam\steam.exe] => (Allow) F:1\steam\steam.exe
FirewallRules: [UDP Query User{F2702B48-1F5C-4686-8772-054C104E67D5}F:1\steam\steam.exe] => (Allow) F:1\steam\steam.exe
FirewallRules: [{242B7545-8404-4BA2-9AB1-7C38C7E83D71}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{550CF8C2-E4BC-4EAE-B8AE-0C97BCAF5C35}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{D68AA891-BFDB-482A-88EA-A707416E3762}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6292CB66-774B-43D5-87B3-C3DB9DB19A42}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E69673E2-92D8-4948-A0B9-ED02F70CB376}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F1C4740B-B637-4F1C-B874-EB94E519550A}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2DF16EEC-1721-4E3A-AEF5-0374D6ECFB03}] => (Allow) F:\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{171FBDF4-E91E-429B-AFCD-8F36CCD165E3}] => (Allow) F:\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{51D350B1-976F-4FBC-BEB0-038C501543A6}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{9B6990B5-16BB-4F4A-9CE4-6AE25BF4DBD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AAA3A080-6C15-48B3-B220-9AE7A4B7AE4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0D4BF31D-BAF3-4582-B02A-E7AA701D7B97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D1320AF8-87A6-4B38-8454-6E4C35D1A8CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F8261ED-2BC9-47F9-A2E5-B791E5AD845F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2BA41600-D421-40DA-B683-D5211CC3EB2B}] => (Allow) F:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{AD86E2DA-8C02-4672-A705-218A40A82045}] => (Allow) F:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{153DD42B-FB7F-437D-BD29-B64B14517BE5}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{661610BB-BFD9-415E-A67A-86FEB9506EBB}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{613FA0DD-881A-4534-A4CB-F56E321A26CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B7E9E025-CC19-4324-996D-571607C89398}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2919505D-BFCC-463F-BA88-90323DA336FF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{E09C7342-8081-4A36-9B10-344F264F0EA4}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6E362F77-E179-43A1-BAB0-B9A729EE6658}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{350FA283-B959-4349-A145-5B1559BC6D35}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{CFE6C085-7FC7-4F74-87FC-A8D06DB4AB87}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{A4529DDF-BE7D-404C-A82E-606EA2CF8271}F:\blizzard\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe] => (Allow) F:\blizzard\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{082DAA67-DBDB-4874-AB99-FD068B32C244}F:\blizzard\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe] => (Allow) F:\blizzard\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe
FirewallRules: [{CF846DC7-52AF-4264-89F2-DA23F5B12EAB}] => (Allow) F:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F4083AB4-DC0C-4F44-81F6-6F0621FF4A0B}] => (Allow) F:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F9837FB9-2C2E-42EA-BEF0-7ED146B9FB11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2ED297BF-597C-46B0-B475-E8E34E13727C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{737A0A3A-A7F7-4997-854E-AD092B02DC03}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4CFFD15D-027D-401A-AF6D-21D9C8DB4300}] => (Allow) F:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{CC8C5DD5-3BF8-4E2B-9B47-5A3D10F696B1}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{5BD9A72F-13C5-417D-9945-52B12535E78C}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2016 06:22:37 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces prihlásenia systému Windows sa neočakávane ukončil.

Error: (06/22/2016 08:32:46 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces prihlásenia systému Windows sa neočakávane ukončil.

Error: (06/21/2016 05:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RogueKillerX64.exe, verzia: 12.3.3.0, časová značka: 0x575e6a28
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18233, časová značka: 0x56bb4ebb
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000f1b70
Identifikácia chybujúceho procesu: 0xd24
Čas spustenia chybujúcej aplikácie: 0xRogueKillerX64.exe0
Cesta chybujúcej aplikácie: RogueKillerX64.exe1
Cesta chybujúceho modulu: RogueKillerX64.exe2
Identifikácia hlásenia: RogueKillerX64.exe3
Celé meno chybujúceho balíka: RogueKillerX64.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: RogueKillerX64.exe5

Error: (06/20/2016 07:21:06 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces prihlásenia systému Windows sa neočakávane ukončil.

Error: (06/20/2016 01:38:36 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces prihlásenia systému Windows sa neočakávane ukončil.

Error: (06/20/2016 10:03:46 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Proces prihlásenia systému Windows sa neočakávane ukončil.

Error: (06/19/2016 07:36:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/19/2016 03:06:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HAMPULE)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/19/2016 03:06:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HAMPULE)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/19/2016 03:06:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HAMPULE)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (06/25/2016 01:33:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.

Cesta k modulu: C:\Windows\system32\Rtlihvs.dll
Kód chyby: 126

Error: (06/25/2016 01:32:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/24/2016 07:57:31 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (06/23/2016 09:45:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/23/2016 09:14:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/23/2016 09:06:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/23/2016 06:36:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/23/2016 03:05:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/23/2016 06:22:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/22/2016 11:01:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
Date: 2016-06-25 01:34:47.443
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:47.276
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:28.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:28.125
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:23.754
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:23.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:19.480
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:19.306
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:11.383
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-06-25 01:34:11.212
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8132.02 MB
Available physical RAM: 6082.48 MB
Total Virtual: 9412.02 MB
Available Virtual: 7120.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:11.81 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (Nový zväzok) (Fixed) (Total:1863.01 GB) (Free:880.39 GB) NTFS
Drive h: (RAID) (Fixed) (Total:463.87 GB) (Free:26.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 077FD6EB)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FAD2FAD2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 25 Jun 2016 09:16

Uninstall:
MWAV


Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {168ca439-8253-11e5-8285-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {63b2a8f1-6541-11e5-8282-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96ceb-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96d7f-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1859412321-950005283-4130927000-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2016-06-18] (BitDefender S.R.L.)
C:\Windows\System32\drivers\trufos.sys
Task: {61CE5350-DFB8-4CAF-BEC0-F77ED0BF9736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: {6F5C4BD3-DB65-4C84-AAF9-BE0ED8CCA224} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left field of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Drive c: () (Fixed) (Total:119.24 GB) (Free:11.81 GB
You should have at least 15-20% free space on the system disk; uninstall or delete something! Otherwise Windows has problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log

Post by skrat1 » 25 Jun 2016 09:45

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Martin (2016-06-25 09:44:00) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & MSSQL$SQLEXPRESS (Available Profiles: Martin & MSSQL$SQLEXPRESS)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {168ca439-8253-11e5-8285-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {63b2a8f1-6541-11e5-8282-bc5ff4ece01c} - "G:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96ceb-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\...\MountPoints2: {7cc96d7f-5888-11e5-8282-bc5ff4ece01c} - "E:\AutoRun.exe"
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1859412321-950005283-4130927000-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2016-06-18] (BitDefender S.R.L.)
C:\Windows\System32\drivers\trufos.sys
Task: {61CE5350-DFB8-4CAF-BEC0-F77ED0BF9736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: {6F5C4BD3-DB65-4C84-AAF9-BE0ED8CCA224} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => value removed successfully
HKU\S-1-5-21-1859412321-950005283-4130927000-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKU\S-1-5-21-1859412321-950005283-4130927000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{168ca439-8253-11e5-8285-bc5ff4ece01c}" => key removed successfully
HKCR\CLSID\{168ca439-8253-11e5-8285-bc5ff4ece01c} => key not found.
"HKU\S-1-5-21-1859412321-950005283-4130927000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63b2a8f1-6541-11e5-8282-bc5ff4ece01c}" => key removed successfully
HKCR\CLSID\{63b2a8f1-6541-11e5-8282-bc5ff4ece01c} => key not found.
"HKU\S-1-5-21-1859412321-950005283-4130927000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cc96ceb-5888-11e5-8282-bc5ff4ece01c}" => key removed successfully
HKCR\CLSID\{7cc96ceb-5888-11e5-8282-bc5ff4ece01c} => key not found.
"HKU\S-1-5-21-1859412321-950005283-4130927000-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cc96d7f-5888-11e5-8282-bc5ff4ece01c}" => key removed successfully
HKCR\CLSID\{7cc96d7f-5888-11e5-8282-bc5ff4ece01c} => key not found.
Could not restore Default URLSearchHook.
"HKU\S-1-5-21-1859412321-950005283-4130927000-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
trufos => service removed successfully
C:\Windows\System32\drivers\trufos.sys => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{61CE5350-DFB8-4CAF-BEC0-F77ED0BF9736}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61CE5350-DFB8-4CAF-BEC0-F77ED0BF9736}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F5C4BD3-DB65-4C84-AAF9-BE0ED8CCA224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5C4BD3-DB65-4C84-AAF9-BE0ED8CCA224}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 104798018 B
Java, Flash, Steam htmlcache => 252981130 B
Windows/system/drivers => 18199034 B
Edge => 0 B
Chrome => 0 B
Firefox => 11729326 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1622 B
NetworkService => 0 B
Martin => 5625951 B
MSSQL$SQLEXPRESS => 0 B

RecycleBin => 202272 B
EmptyTemp: => 375.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:44:02 ====

Re: Please check my log

Post by skrat1 » 25 Jun 2016 09:45

I know I'm low on disk space. I'll tidy it up ;)

Re: Please check my log

Post by jaro3 » 25 Jun 2016 10:44

OK, are there any problems?

Re: Please check my log

Post by skrat1 » 25 Jun 2016 12:05

YouTube simply doesn't work in Mozilla. I don't know what could be causing it. Otherwise everything is fine.

