Vypínání hry po 30ti minutách (notebook)

Zpráva

keyfor4 · #1 Příspěvek od **keyfor4** » 30 kvě 2014 22:30

Dobrý den,
vždy zhruba po třiceti minutách při hraní Gothicu 3 se mi vypne PC. Projel jsem to Ccleanerem a Avastem a koupil jsem i chladicí podložku (hraju na notebooku).
Teploty:
CPU: 63 C
Video karta: 73 C (ale tak je to vždy, i dříve a hry se mi nevypínaly)
harddisk: 44 C

Budu moc rád za pomoc a radu, díky!!!

Log z Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:52, on 30.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\vsnp2uvc.exe
C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe
C:\Users\Keyfor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Keyfor\AppData\Roaming\ACEStream\updater\ace_update.exe
C:\Program Files (x86)\Razer\Razer Game Booster\gbtray.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [mncqtveySrv] C:\Windows\system32\mncqtvey.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AceStream] C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10087 bytes

#2 Příspěvek od **Márty84** » 31 kvě 2014 09:19

Zdravim

Problemy s hrami se zde nezabyvame, nicmene vy mate zavirovano

Nevim, jestli je to pricina problemu s hrou, ale to uvidime po vycisteni.

Nejprve ale dejte log z RSIT http://images.malwareremoval.com/random/RSITx64.exe , jak se pise v tom velkem, barevne odlisenem, obdelniku o kousek vyse. HJT je uz nekolik let nedostacujici.

keyfor4 · #3 Příspěvek od **keyfor4** » 31 kvě 2014 22:27

TADY TO JE, DÍKY ZA POMOC.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Keyfor at 2014-05-31 23:26:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 62 GB (57%) free of 109 GB
Total RAM: 4095 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:26:07, on 31.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\vsnp2uvc.exe
C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Users\Keyfor\AppData\Roaming\ACEStream\updater\ace_update.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Keyfor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [mncqtveySrv] C:\Windows\system32\mncqtvey.vbe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AceStream] C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9870 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1655279435-5181770421798257153-1090931339-8631449781601144167-20365085721853859081
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1196
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\..\updater\ace_update.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-08264454-6a33-4605-8a51-7a7ac7053518 -SystemEventPortName:HostProcess-ac909553-8869-4c93-9a07-e62fe45a0b4b -IoCancelEventPortName:HostProcess-5804f6b7-6537-461b-913d-75e50d623da9 -NonStateChangingEventPortName:HostProcess-765a952e-8573-4380-b077-34d14cc3fede -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:03de3b41-04c4-4d15-8165-ebdc0a6d17bb -DeviceGroupId:WpdFsGroup
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\rundll32.exe C:\Windows\system32\spool\DRIVERS\x64\3\cnmsmat.dll,StatusMonitorEntryPoint CNBJNP_180CACC42B22;Canon MG5300 series Printer;C:\Windows\system32\spool\DRIVERS\x64\3\CNMCPAT.DLL;3
"C:\Users\Keyfor\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\extensions\
artur.dubovoy@gmail.com
jid1-4P0kohSJxU1qGg@jetpack
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-01 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-01 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-02-05 1179576]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2010-01-21 909824]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AceStream"=C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe [2014-04-10 27904]
"SpeedUpMyComputer"=C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mncqtveySrv"=C:\Windows\system32\mncqtvey.vbe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-31 23:21:50 ----D---- C:\rsit
2014-05-31 23:21:50 ----D---- C:\Program Files\trend micro
2014-05-30 23:08:52 ----D---- C:\Program Files\CCleaner
2014-05-30 23:08:27 ----D---- C:\Program Files (x86)\Trend Micro
2014-05-29 21:16:36 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-05-29 21:16:36 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-05-29 21:16:35 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-05-29 21:16:35 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-05-29 21:16:34 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-05-29 21:16:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-05-29 21:16:34 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-05-29 21:16:34 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-05-29 21:16:34 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-05-29 21:16:34 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-05-29 21:16:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-05-29 21:16:33 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-05-29 21:16:31 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-05-29 21:16:31 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-05-29 21:16:30 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-05-29 21:16:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-05-29 21:16:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-05-29 21:16:29 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-05-29 21:16:28 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-05-29 21:16:28 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-05-29 21:16:28 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-05-29 21:16:28 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-05-29 21:16:27 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-05-29 21:16:27 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-05-29 21:16:27 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-05-29 21:16:26 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-05-29 21:16:25 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-05-29 21:16:25 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-05-29 21:16:24 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-05-29 21:16:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-05-29 21:16:24 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-05-29 21:16:24 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-05-29 21:16:23 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-05-29 21:16:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-05-29 21:16:23 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-05-29 21:16:23 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-05-29 21:16:22 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-05-29 21:16:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-05-29 21:16:22 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-05-29 21:16:22 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-05-29 21:16:21 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-05-29 21:16:21 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-05-29 21:16:20 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-05-29 21:16:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-05-29 21:16:20 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-05-29 21:16:20 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-05-29 21:16:19 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-05-29 21:16:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-05-29 21:16:19 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-05-29 21:16:19 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-05-29 21:16:18 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-05-29 21:16:18 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-05-29 21:16:18 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-05-29 21:16:18 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-05-29 21:16:17 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-05-29 21:16:17 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-05-29 21:16:16 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-05-29 21:16:16 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-05-29 21:16:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-05-29 21:16:16 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-05-29 21:16:16 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-05-29 21:16:16 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-05-29 21:16:15 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-05-29 21:16:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-05-29 21:16:15 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-05-29 21:16:15 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-05-29 21:16:14 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-05-29 21:16:14 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-05-29 21:16:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-05-29 21:16:13 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-05-29 21:16:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-05-29 21:16:13 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-05-29 21:16:13 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-05-29 21:16:13 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-05-29 21:16:11 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-05-29 21:16:11 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-05-29 21:16:11 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-05-29 21:16:11 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-05-29 21:16:10 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-05-29 21:16:10 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-05-29 21:16:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-05-29 21:16:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-05-29 21:16:09 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-05-29 21:16:09 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-05-29 21:16:08 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-05-29 21:16:08 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-05-29 21:16:07 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-05-29 21:16:07 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-05-29 21:16:06 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-05-29 21:16:06 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-05-29 21:16:05 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-05-29 21:16:05 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-05-29 21:16:05 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-05-29 21:16:05 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-05-29 21:16:04 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-05-29 21:16:04 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-05-29 21:16:03 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-05-29 21:16:03 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-05-29 21:16:02 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-05-29 21:16:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-05-29 21:16:02 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-05-29 21:16:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-05-29 21:16:01 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-05-29 21:16:01 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-05-29 21:15:59 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-05-29 21:15:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-05-29 21:15:59 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-05-29 21:15:59 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-05-29 21:15:58 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-05-29 21:15:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-05-29 21:15:58 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-05-29 21:15:58 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-05-29 21:15:57 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-05-29 21:15:57 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-05-29 21:15:57 ----A---- C:\Windows\system32\xinput1_3.dll
2014-05-29 21:15:57 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-05-29 21:15:56 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-05-29 21:15:56 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-05-29 21:15:55 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-05-29 21:15:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-05-29 21:15:55 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-05-29 21:15:55 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-05-29 21:15:54 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-05-29 21:15:54 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-05-29 21:15:53 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-05-29 21:15:53 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-05-29 21:15:51 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-05-29 21:15:51 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-05-29 21:15:51 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-05-29 21:15:51 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-05-29 21:15:50 ----A---- C:\Windows\system32\d3dx10.dll
2014-05-29 21:13:33 ----D---- C:\Windows\SYSWOW64\directx
2014-05-29 21:05:18 ----D---- C:\Program Files (x86)\VS Revo Group
2014-05-29 20:40:10 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-05-29 20:40:08 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-05-29 20:40:08 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-05-29 20:40:07 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-05-29 20:40:07 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-05-29 20:40:06 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-05-29 20:40:06 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-05-29 20:40:06 ----A---- C:\Windows\system32\xinput1_2.dll
2014-05-29 20:40:06 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-05-29 20:40:05 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-05-29 20:40:05 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-05-29 20:40:05 ----A---- C:\Windows\system32\xinput1_1.dll
2014-05-29 20:40:05 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-05-29 20:40:04 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-05-29 20:40:04 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-05-29 20:39:52 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-05-29 20:39:52 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-05-29 20:39:51 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-05-29 20:39:51 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-05-29 20:39:51 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-05-29 20:39:51 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-05-29 20:39:50 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-05-29 20:39:50 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-05-29 20:39:47 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-05-29 20:39:47 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-05-29 20:39:46 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-05-29 20:39:46 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-05-29 20:39:45 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-05-29 20:39:45 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-05-29 20:39:44 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-05-29 20:39:44 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-05-29 20:39:41 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-05-29 20:39:41 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-05-29 20:24:25 ----D---- C:\ProgramData\Razer
2014-05-29 20:24:25 ----D---- C:\Program Files (x86)\Razer
2014-05-29 20:19:02 ----D---- C:\ProgramData\Malwarebytes
2014-05-29 19:59:08 ----D---- C:\Users\Keyfor\AppData\Roaming\InstallShield
2014-05-25 22:08:50 ----D---- C:\ProgramData\ArcSoft
2014-05-25 22:08:40 ----D---- C:\Users\Keyfor\AppData\Roaming\ArcSoft
2014-05-25 22:08:35 ----A---- C:\Windows\SYSWOW64\drivers\afc.sys
2014-05-25 22:07:44 ----D---- C:\Program Files (x86)\ArcSoft
2014-05-25 22:07:44 ----A---- C:\Windows\SYSWOW64\unicows.dll
2014-05-25 22:07:44 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-05-25 22:07:43 ----RA---- C:\Windows\SYSWOW64\msvcp71.dll
2014-05-25 22:07:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-25 21:56:40 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2014-05-23 20:40:08 ----D---- C:\Users\Keyfor\AppData\Roaming\Skype
2014-05-23 20:39:57 ----RD---- C:\Program Files (x86)\Skype
2014-05-23 20:39:52 ----D---- C:\ProgramData\Skype
2014-05-17 20:08:38 ----D---- C:\Program Files\Theo30
2014-05-17 20:07:22 ----D---- C:\Program Files (x86)\theo30
2014-05-17 19:49:17 ----D---- C:\ProgramData\BlazeVideo
2014-05-17 19:49:17 ----A---- C:\Windows\SYSWOW64\SysInfo_6_6_s.dll
2014-05-17 19:09:13 ----D---- C:\ProgramData\RegClean
2014-05-17 18:06:11 ----HD---- C:\_acestream_cache_
2014-05-17 18:06:06 ----D---- C:\Users\Keyfor\AppData\Roaming\.ACEStream
2014-05-17 18:04:09 ----D---- C:\Users\Keyfor\AppData\Roaming\ACEStream
2014-05-17 11:42:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-16 20:35:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-16 20:35:08 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-16 20:35:08 ----A---- C:\Windows\system32\mshtml.dll
2014-05-16 20:35:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 19:01:51 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 19:01:50 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 19:01:45 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 19:01:43 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 19:01:24 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 19:01:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 19:01:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 19:01:23 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 19:01:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 19:01:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 19:01:22 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 19:01:22 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 19:01:21 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 19:01:21 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 19:01:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 19:01:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 19:01:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 19:01:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 19:01:20 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 19:01:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 19:01:20 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 19:01:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 19:01:19 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 19:01:19 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 19:01:17 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 19:01:17 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 19:01:17 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 19:01:17 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 19:01:17 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 19:01:17 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 19:01:17 ----A---- C:\Windows\system32\credssp.dll
2014-05-15 19:01:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 19:01:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 19:01:16 ----A---- C:\Windows\system32\secur32.dll
2014-05-11 18:33:18 ----D---- C:\Program Files (x86)\Seznam.cz
2014-05-11 18:33:00 ----D---- C:\Users\Keyfor\AppData\Roaming\Seznam.cz
2014-05-11 18:32:48 ----D---- C:\FM Genie Scout 14
2014-05-11 14:45:12 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-05-11 14:45:12 ----A---- C:\Windows\explorer.exe
2014-05-11 14:44:22 ----A---- C:\Windows\system32\spoolsv.exe
2014-05-11 14:44:22 ----A---- C:\Windows\splwow64.exe
2014-05-11 14:26:26 ----SD---- C:\Windows\system32\CompatTel
2014-05-09 23:36:37 ----A---- C:\Windows\system32\wmploc.DLL
2014-05-09 23:36:36 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-05-09 23:36:36 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-05-09 23:36:34 ----A---- C:\Windows\system32\wmp.dll
2014-05-09 23:28:30 ----D---- C:\Windows\Migration
2014-05-09 23:26:38 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-05-09 23:24:14 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\url.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-05-09 23:24:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\wininet.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\urlmon.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-09 23:24:10 ----A---- C:\Windows\system32\msrating.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\msls31.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\msfeedssync.exe
2014-05-09 23:24:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\jsIntl.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\iertutil.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-05-09 23:24:10 ----A---- C:\Windows\system32\elshyph.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\wextract.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\webcheck.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\vbscript.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\url.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\pngfilt.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\occache.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\mshtmler.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\mshta.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\licmgr10.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\jscript9.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\jscript.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\inseng.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\imgutil.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iexpress.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieui.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iesysprep.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iesetup.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iernonce.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iepeers.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieframe.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\iedkcs32.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ieapfltr.dat
2014-05-09 23:24:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-09 23:24:09 ----A---- C:\Windows\system32\icardie.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-09 23:24:09 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-09 20:47:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-08 09:06:54 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-05-08 09:06:54 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-05-08 09:06:52 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-05-08 09:06:52 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-05-08 09:06:50 ----A---- C:\Windows\system32\WUDFx.dll
2014-05-08 09:06:50 ----A---- C:\Windows\system32\WUDFHost.exe
2014-05-08 09:06:50 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-05-08 09:05:09 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-05-08 09:05:09 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-05-08 09:05:05 ----A---- C:\Windows\system32\xmllite.dll
2014-05-08 09:05:05 ----A---- C:\Windows\system32\wwansvc.dll
2014-05-08 09:05:05 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-05-08 09:05:04 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-05-08 09:05:03 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-05-08 09:05:03 ----A---- C:\Windows\system32\msieftp.dll
2014-05-08 09:04:57 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-05-08 09:04:57 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-05-08 09:04:57 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-05-08 09:04:57 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-05-08 09:04:45 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-05-08 09:04:45 ----A---- C:\Windows\system32\ntshrui.dll
2014-05-08 09:04:24 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-05-08 09:04:24 ----A---- C:\Windows\system32\WMPhoto.dll
2014-05-08 09:04:22 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-05-08 09:04:15 ----A---- C:\Windows\system32\tquery.dll
2014-05-08 09:04:14 ----A---- C:\Windows\system32\mssrch.dll
2014-05-08 09:04:13 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2014-05-08 09:04:13 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-05-08 09:04:09 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-05-08 09:04:05 ----A---- C:\Windows\SYSWOW64\tquery.dll
2014-05-08 09:04:03 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2014-05-08 09:04:01 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2014-05-08 09:04:01 ----A---- C:\Windows\SYSWOW64\mssph.dll
2014-05-08 09:04:00 ----A---- C:\Windows\system32\mssph.dll
2014-05-08 09:03:59 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-05-08 09:03:51 ----A---- C:\Windows\system32\mssvp.dll
2014-05-08 03:19:51 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2014-05-08 03:19:51 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2014-05-08 03:19:51 ----A---- C:\Windows\system32\mssphtb.dll
2014-05-08 03:19:51 ----A---- C:\Windows\system32\msscntrs.dll
2014-05-08 03:19:50 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2014-05-08 03:19:50 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2014-05-08 03:19:27 ----A---- C:\Windows\system32\authui.dll
2014-05-08 03:19:21 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-05-08 03:19:20 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-05-08 03:19:20 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-08 03:19:20 ----A---- C:\Windows\system32\credui.dll
2014-05-08 03:19:19 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-05-08 03:19:10 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-05-08 03:19:10 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-05-08 03:19:10 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-05-08 03:19:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-08 03:19:10 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-05-08 03:19:10 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-05-08 03:19:10 ----A---- C:\Windows\system32\RMActivate.exe
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-05-08 03:19:09 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-05-08 03:19:09 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-05-08 03:19:09 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-05-08 03:19:09 ----A---- C:\Windows\system32\secproc_isv.dll
2014-05-08 03:19:09 ----A---- C:\Windows\system32\secproc.dll
2014-05-08 03:19:09 ----A---- C:\Windows\system32\msdrm.dll
2014-05-08 03:19:04 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-05-08 03:19:04 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2014-05-08 03:19:04 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-05-08 03:19:04 ----A---- C:\Windows\system32\nlasvc.dll
2014-05-08 03:19:04 ----A---- C:\Windows\system32\netcorehc.dll
2014-05-08 03:19:04 ----A---- C:\Windows\system32\ncsi.dll
2014-05-08 03:19:04 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-05-08 03:19:03 ----A---- C:\Windows\SYSWOW64\netevent.dll
2014-05-08 03:19:03 ----A---- C:\Windows\system32\nlaapi.dll
2014-05-08 03:19:03 ----A---- C:\Windows\system32\netevent.dll
2014-05-08 03:19:03 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-05-08 03:19:00 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-05-08 03:19:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-05-08 03:18:58 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-05-08 03:18:56 ----A---- C:\Windows\system32\profsvc.dll
2014-05-08 03:18:55 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-05-08 03:18:55 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-05-08 03:18:55 ----A---- C:\Windows\system32\WebClnt.dll
2014-05-08 03:18:55 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-05-08 03:18:55 ----A---- C:\Windows\system32\davclnt.dll
2014-05-08 03:18:54 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-05-08 03:18:54 ----A---- C:\Windows\system32\d3d10warp.dll
2014-05-08 03:18:53 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-05-08 03:18:53 ----A---- C:\Windows\system32\d2d1.dll
2014-05-08 03:18:52 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-05-08 03:18:52 ----A---- C:\Windows\system32\usp10.dll
2014-05-08 03:18:50 ----A---- C:\Windows\system32\mswsock.dll
2014-05-08 03:18:49 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-05-08 03:18:42 ----A---- C:\Windows\system32\Wpc.dll
2014-05-08 03:18:42 ----A---- C:\Windows\system32\gameux.dll
2014-05-08 03:18:41 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-05-08 03:18:41 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-05-08 03:18:15 ----A---- C:\Windows\system32\ntdll.dll
2014-05-08 03:18:15 ----A---- C:\Windows\system32\advapi32.dll
2014-05-08 03:18:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-05-08 03:18:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-05-08 03:18:14 ----A---- C:\Windows\system32\tdh.dll
2014-05-08 03:18:13 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-05-08 03:18:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-05-08 03:18:05 ----A---- C:\Windows\system32\drivers\netio.sys
2014-05-08 03:18:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-05-08 03:18:04 ----A---- C:\Windows\system32\msi.dll
2014-05-08 03:17:21 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-05-08 03:17:21 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-05-08 03:17:19 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-05-08 03:17:19 ----A---- C:\Windows\system32\iologmsg.dll
2014-05-08 03:17:19 ----A---- C:\Windows\system32\drivers\storport.sys
2014-05-08 03:17:19 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-05-08 03:17:19 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-05-08 03:17:06 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-05-08 03:17:06 ----A---- C:\Windows\system32\cryptdlg.dll
2014-05-08 03:16:42 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-05-08 03:16:42 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-05-08 03:16:42 ----A---- C:\Windows\system32\fsutil.exe
2014-05-08 03:16:42 ----A---- C:\Windows\system32\esent.dll
2014-05-08 03:16:42 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-05-08 03:16:41 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-05-08 03:16:41 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-05-08 03:16:41 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-05-08 03:16:41 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-05-08 03:16:41 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-05-08 03:16:27 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2014-05-08 03:16:27 ----A---- C:\Windows\system32\prevhost.exe
2014-05-08 03:16:26 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-05-08 03:16:25 ----A---- C:\Windows\system32\srcore.dll
2014-05-08 03:16:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-05-08 03:16:23 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-05-08 03:10:20 ----A---- C:\Windows\system32\scavengeui.dll
2014-05-08 00:51:15 ----D---- C:\Program Files (x86)\Lame For Audacity
2014-05-08 00:43:13 ----D---- C:\Users\Keyfor\AppData\Roaming\Audacity
2014-05-08 00:42:56 ----D---- C:\Program Files (x86)\Audacity
2014-05-08 00:10:53 ----D---- C:\Windows\en
2014-05-08 00:10:18 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-05-08 00:09:31 ----DC---- C:\Windows\system32\DRVSTORE
2014-05-08 00:09:31 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2014-05-08 00:09:26 ----D---- C:\Program Files\Windows Live
2014-05-08 00:09:02 ----D---- C:\Program Files (x86)\Windows Live
2014-05-08 00:08:09 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-05-08 00:08:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-05-08 00:08:09 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-05-08 00:08:09 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-05-08 00:08:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-05-08 00:08:08 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-05-08 00:07:43 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-05-08 00:07:43 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-05-08 00:06:57 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-05-08 00:06:57 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-05-08 00:06:20 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2014-05-08 00:05:53 ----D---- C:\ProgramData\Microsoft OneDrive
2014-05-03 15:43:08 ----D---- C:\Users\Keyfor\AppData\Roaming\dvdcss
2014-05-03 15:22:56 ----D---- C:\Windows\system32\ms-MY
2014-05-03 15:00:09 ----D---- C:\Program Files\Zune
2014-05-01 22:17:33 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-05-01 22:17:26 ----A---- C:\Windows\avastSS.scr
2014-05-01 13:58:25 ----D---- C:\Users\Keyfor\AppData\Roaming\ABBYY
2014-05-01 12:57:27 ----D---- C:\ProgramData\ABBYY
2014-05-01 12:57:27 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0

======List of files/folders modified in the last 1 month======

2014-05-31 23:26:06 ----D---- C:\Windows\Temp
2014-05-31 23:24:45 ----SHD---- C:\Windows\Installer
2014-05-31 23:24:45 ----SHD---- C:\Config.Msi
2014-05-31 23:24:45 ----SD---- C:\Users\Keyfor\AppData\Roaming\Microsoft
2014-05-31 23:24:36 ----SHD---- C:\System Volume Information
2014-05-31 23:24:36 ----D---- C:\Windows\inf
2014-05-31 23:21:53 ----D---- C:\Windows\Prefetch
2014-05-31 23:21:50 ----RD---- C:\Program Files
2014-05-31 22:52:30 ----D---- C:\Windows\System32
2014-05-31 22:52:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-31 22:24:42 ----D---- C:\Windows\system32\config
2014-05-31 22:10:27 ----D---- C:\Users\Keyfor\AppData\Roaming\Dropbox
2014-05-31 22:10:17 ----D---- C:\Users\Keyfor\AppData\Roaming\DropboxMaster
2014-05-31 22:09:06 ----D---- C:\ProgramData\NVIDIA
2014-05-31 22:08:28 ----D---- C:\Windows
2014-05-31 17:29:00 ----D---- C:\Windows\winsxs
2014-05-30 23:17:12 ----D---- C:\Users\Keyfor\AppData\Roaming\DAEMON Tools Lite
2014-05-30 23:17:10 ----D---- C:\Users\Keyfor\AppData\Roaming\uTorrent
2014-05-30 23:17:10 ----D---- C:\Program Files (x86)\PDFCreator
2014-05-30 23:16:16 ----D---- C:\Windows\Panther
2014-05-30 23:16:13 ----D---- C:\Windows\Minidump
2014-05-30 23:16:13 ----D---- C:\Windows\Logs
2014-05-30 23:16:13 ----D---- C:\Windows\debug
2014-05-30 23:08:58 ----D---- C:\Windows\system32\Tasks
2014-05-30 23:08:27 ----RD---- C:\Program Files (x86)
2014-05-30 23:00:52 ----D---- C:\Windows\system32\drivers
2014-05-29 21:16:36 ----D---- C:\Windows\SysWOW64
2014-05-29 21:13:33 ----D---- C:\temp
2014-05-29 20:54:14 ----D---- C:\ProgramData\DriverGenius
2014-05-29 20:46:09 ----D---- C:\Windows\PolicyDefinitions
2014-05-29 20:40:55 ----D---- C:\Windows\system32\catroot2
2014-05-29 20:40:04 ----RSD---- C:\Windows\assembly
2014-05-29 20:39:54 ----D---- C:\Windows\Microsoft.NET
2014-05-29 20:24:25 ----HD---- C:\ProgramData
2014-05-29 20:12:34 ----D---- C:\Users\Keyfor\AppData\Roaming\vlc
2014-05-27 15:21:50 ----D---- C:\Windows\system32\catroot
2014-05-25 22:08:35 ----D---- C:\Windows\SYSWOW64\drivers
2014-05-25 22:07:44 ----D---- C:\Program Files (x86)\Common Files
2014-05-25 21:57:20 ----D---- C:\Windows\system32\DriverStore
2014-05-20 23:11:37 ----D---- C:\Windows\rescache
2014-05-19 22:07:33 ----D---- C:\Windows\IME
2014-05-17 20:07:23 ----RSD---- C:\Windows\Fonts
2014-05-17 19:06:31 ----D---- C:\Windows\system32\en-US
2014-05-17 18:07:05 ----D---- C:\Users\Keyfor\AppData\Roaming\NVIDIA
2014-05-16 20:34:39 ----D---- C:\Windows\system32\MRT
2014-05-16 20:32:01 ----A---- C:\Windows\system32\MRT.exe
2014-05-12 23:17:03 ----A---- C:\Windows\win.ini
2014-05-12 23:06:25 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-05-11 14:26:40 ----D---- C:\Program Files (x86)\Windows Media Player
2014-05-11 14:26:39 ----D---- C:\Program Files\Windows Media Player
2014-05-11 14:26:37 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-11 14:26:36 ----D---- C:\Windows\SYSWOW64\migration
2014-05-11 14:26:36 ----D---- C:\Program Files\Internet Explorer
2014-05-11 14:26:33 ----D---- C:\Windows\system32\migration
2014-05-11 14:26:29 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-11 14:26:27 ----D---- C:\Windows\AppPatch
2014-05-09 23:28:30 ----SD---- C:\ProgramData\Microsoft
2014-05-09 22:27:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-08 16:52:57 ----D---- C:\Windows\system32\drivers\en-US
2014-05-08 00:08:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-05-03 15:22:56 ----D---- C:\Windows\system32\sv-SE
2014-05-03 15:22:56 ----D---- C:\Windows\system32\nb-NO
2014-05-03 15:22:56 ----D---- C:\Windows\system32\hu-HU
2014-05-03 15:22:55 ----D---- C:\Windows\system32\zh-TW
2014-05-03 15:22:55 ----D---- C:\Windows\system32\zh-CN
2014-05-03 15:22:55 ----D---- C:\Windows\system32\ru-RU
2014-05-03 15:22:55 ----D---- C:\Windows\system32\pt-PT
2014-05-03 15:22:55 ----D---- C:\Windows\system32\pt-BR
2014-05-03 15:22:55 ----D---- C:\Windows\system32\pl-PL
2014-05-03 15:22:55 ----D---- C:\Windows\system32\nl-NL
2014-05-03 15:22:55 ----D---- C:\Windows\system32\ko-KR
2014-05-03 15:22:55 ----D---- C:\Windows\system32\ja-JP
2014-05-03 15:22:55 ----D---- C:\Windows\system32\it-IT
2014-05-03 15:22:55 ----D---- C:\Windows\system32\fr-FR
2014-05-03 15:22:55 ----D---- C:\Windows\system32\fi-FI
2014-05-03 15:22:55 ----D---- C:\Windows\system32\es-ES
2014-05-03 15:22:55 ----D---- C:\Windows\system32\el-GR
2014-05-03 15:22:55 ----D---- C:\Windows\system32\de-DE
2014-05-03 15:22:55 ----D---- C:\Windows\system32\da-DK
2014-05-03 15:22:55 ----D---- C:\Windows\system32\cs-CZ
2014-05-03 15:22:54 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-01 22:17:28 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-01 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-01 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-01 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-01 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-01 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-09-07 1800832]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 gwlojovp;gwlojovp; C:\Windows\system32\drivers\gwlojovp.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2014-05-25 165504]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-08-01 14544]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-01 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2014-01-23 1335344]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2014-01-23 856112]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-09 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-09 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-22 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe [2011-08-05 8277728]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe [2011-08-05 467680]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#4 Příspěvek od **Márty84** » 01 čer 2014 08:11

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

keyfor4 · #5 Příspěvek od **keyfor4** » 01 čer 2014 21:49

AdwCleaner Log:

# AdwCleaner v3.211 - Report created 01/06/2014 at 22:32:46
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Keyfor - KEYFOR-PC
# Running from : C:\Users\Keyfor\Desktop\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\Users\Keyfor\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
File Deleted : C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\searchplugins\bingp.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\Driver-Soft

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\prefs.js ]

Line Deleted : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1");
Line Deleted : user_pref("extensions.fvd_single.seopack.b_surfcanyon", true);
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1396985882154");

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1814 octets] - [01/06/2014 22:31:45]
AdwCleaner[S0].txt - [1671 octets] - [01/06/2014 22:32:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1731 octets] ##########

keyfor4 · #6 Příspěvek od **keyfor4** » 01 čer 2014 22:41

MBAM nic nenašel.

#7 Příspěvek od **Márty84** » 02 čer 2014 08:54

keyfor4 píše:MBAM nic nenašel.

Ale ja tam tu havet vidim

Tak pritvrdime.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

keyfor4 · #8 Příspěvek od **keyfor4** » 03 čer 2014 17:50

Tady je Vámi žádaný log:

ComboFix 14-06-03.01 - Keyfor 03.06.2014 18:39:52.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2474 [GMT 2:00]
Spuštěný z: c:\users\Keyfor\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SysInfo_6_6_s.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-03 do 2014-06-03 )))))))))))))))))))))))))))))))
.
.
2014-06-03 16:46 . 2014-06-03 16:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-03 16:38 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{88EE2873-5D62-4CBB-B970-C140874DF352}\mpengine.dll
2014-06-01 20:36 . 2014-06-01 20:36 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-01 20:36 . 2014-05-12 05:35 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-01 20:36 . 2014-05-12 05:35 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-01 20:36 . 2014-05-12 05:35 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-01 20:36 . 2014-06-01 20:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-01 20:32 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-01 20:29 . 2014-06-01 20:32 -------- d-----w- C:\AdwCleaner
2014-05-31 21:21 . 2014-05-31 21:26 -------- d-----w- c:\program files\trend micro
2014-05-31 21:21 . 2014-05-31 21:21 -------- d-----w- C:\rsit
2014-05-30 21:08 . 2014-05-30 21:08 -------- d-----w- c:\program files\CCleaner
2014-05-30 21:08 . 2014-05-30 21:08 -------- d-----w- c:\program files (x86)\Trend Micro
2014-05-29 19:15 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2014-05-29 19:05 . 2014-05-29 19:05 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-05-29 18:39 . 2006-03-31 10:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2014-05-29 18:25 . 2014-05-29 18:25 -------- d-----w- c:\users\Keyfor\AppData\Local\Razer
2014-05-29 18:24 . 2014-05-29 18:24 -------- d-----w- c:\programdata\Razer
2014-05-29 18:24 . 2014-05-29 18:24 -------- d-----w- c:\program files (x86)\Razer
2014-05-29 18:19 . 2014-05-29 18:19 -------- d-----w- c:\programdata\Malwarebytes
2014-05-29 17:59 . 2014-05-29 17:59 -------- d-----w- c:\users\Keyfor\AppData\Roaming\InstallShield
2014-05-25 20:10 . 2014-05-25 20:10 -------- d-----w- c:\users\Keyfor\AppData\Local\ArcSoft
2014-05-25 20:08 . 2014-05-27 08:53 -------- d-----w- c:\programdata\ArcSoft
2014-05-25 20:08 . 2014-05-25 20:10 -------- d-----w- c:\users\Keyfor\AppData\Roaming\ArcSoft
2014-05-25 20:08 . 2006-11-14 09:31 22784 ----a-w- c:\windows\SysWow64\drivers\afc.sys
2014-05-25 20:07 . 2014-05-25 20:08 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2014-05-25 20:07 . 2014-05-25 20:07 -------- d-----w- c:\program files (x86)\ArcSoft
2014-05-25 20:07 . 2005-04-27 14:36 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2014-05-25 20:07 . 2003-02-21 02:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-05-25 20:07 . 2014-05-29 18:00 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-05-25 20:07 . 2003-03-18 20:14 499712 ----a-r- c:\windows\SysWow64\msvcp71.dll
2014-05-25 20:04 . 2014-05-25 20:04 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-05-25 19:56 . 2014-05-25 19:56 165504 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2014-05-23 18:40 . 2014-05-23 18:40 -------- d-----w- c:\users\Keyfor\AppData\Local\Skype
2014-05-23 18:40 . 2014-05-29 20:10 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Skype
2014-05-23 18:39 . 2014-05-23 18:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-23 18:39 . 2014-05-23 18:40 -------- d-----r- c:\program files (x86)\Skype
2014-05-23 18:39 . 2014-05-23 18:39 -------- d-----w- c:\programdata\Skype
2014-05-17 18:17 . 2014-05-25 19:55 238 ----a-w- c:\windows\system32\AF15IRTBL.bin
2014-05-17 18:08 . 2014-05-17 18:08 -------- d-----w- c:\program files\Theo30
2014-05-17 18:07 . 2014-05-17 18:11 -------- d-----w- c:\program files (x86)\theo30
2014-05-17 17:54 . 2014-05-17 17:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-05-17 17:54 . 2014-05-17 17:54 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-17 17:49 . 2014-05-29 20:09 -------- d-----w- c:\programdata\BlazeVideo
2014-05-17 16:06 . 2014-05-17 16:11 -------- d-----w- C:\_acestream_cache_
2014-05-17 16:06 . 2014-05-29 18:11 -------- d-----w- c:\users\Keyfor\AppData\Roaming\.ACEStream
2014-05-17 16:04 . 2014-05-17 16:07 -------- d-----w- c:\users\Keyfor\AppData\Roaming\ACEStream
2014-05-17 09:42 . 2014-03-06 08:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-16 18:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-16 18:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-16 18:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-16 18:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-11 16:33 . 2014-05-11 16:33 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-05-11 16:33 . 2014-05-30 20:41 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Seznam.cz
2014-05-11 16:32 . 2014-05-11 16:32 -------- d-----w- C:\FM Genie Scout 14
2014-05-11 12:45 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-05-11 12:45 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-05-11 12:44 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-05-11 12:44 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-05-11 12:31 . 2014-05-11 12:31 -------- d-sh--w- c:\users\Keyfor\AppData\Local\EmieUserList
2014-05-11 12:31 . 2014-05-11 12:31 -------- d-sh--w- c:\users\Keyfor\AppData\Local\EmieSiteList
2014-05-11 12:26 . 2014-05-17 17:06 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-09 21:36 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-05-09 21:36 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-09 21:36 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-05-09 21:36 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-05-09 21:36 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-05-09 21:28 . 2014-05-09 21:28 -------- d-----w- c:\windows\Migration
2014-05-09 21:26 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-05-09 20:30 . 2014-05-09 20:30 -------- d-----w- c:\users\Keyfor\AppData\Local\Chromium
2014-05-09 20:27 . 2014-05-09 20:27 -------- d-----w- c:\users\Keyfor\AppData\Local\Sports Interactive
2014-05-08 07:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-05-08 07:06 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-08 07:06 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-08 07:06 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-08 07:06 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-08 07:06 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-08 07:06 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-08 07:06 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-08 07:05 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-05-08 07:05 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-05-08 07:05 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-05-08 07:05 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-05-08 07:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-05-08 07:05 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-05-08 07:05 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-05-08 07:03 . 2011-05-04 05:19 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2014-05-08 07:03 . 2011-05-04 05:22 778752 ----a-w- c:\windows\system32\mssvp.dll
2014-05-08 01:18 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-05-08 01:17 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-05-08 01:17 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2014-05-08 01:17 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2014-05-08 01:17 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-05-08 01:17 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-05-08 01:17 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-05-08 01:17 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2014-05-08 01:17 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-05-08 01:17 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-05-08 01:10 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-05-07 22:51 . 2014-05-07 22:51 -------- d-----w- c:\program files (x86)\Lame For Audacity
2014-05-07 22:43 . 2014-05-19 21:06 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Audacity
2014-05-07 22:42 . 2014-05-07 22:43 -------- d-----w- c:\program files (x86)\Audacity
2014-05-07 22:10 . 2014-05-07 22:10 -------- d-----w- c:\windows\en
2014-05-07 22:10 . 2014-05-07 22:10 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-05-07 22:09 . 2014-05-07 22:09 -------- dc----w- c:\windows\system32\DRVSTORE
2014-05-07 22:09 . 2014-03-31 19:06 58056 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-05-07 22:09 . 2014-05-07 22:09 -------- d-----w- c:\program files\Windows Live
2014-05-07 22:09 . 2014-05-07 22:10 -------- d-----w- c:\program files (x86)\Windows Live
2014-05-07 22:08 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-05-07 22:08 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2014-05-07 22:08 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2014-05-07 22:08 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-05-07 22:08 . 2010-05-26 09:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-05-07 22:08 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2014-05-07 22:07 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-05-07 22:07 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-05-07 22:06 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-05-07 22:06 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2014-05-07 22:06 . 2014-05-07 22:06 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2014-05-07 22:06 . 2014-05-07 22:06 -------- d-----r- c:\users\Keyfor\OneDrive
2014-05-07 22:05 . 2014-05-07 22:05 -------- d-----w- c:\programdata\Microsoft OneDrive
2014-05-07 22:04 . 2014-05-18 13:54 -------- d-----w- c:\users\Keyfor\AppData\Local\Windows Live
2014-05-07 22:04 . 2014-05-07 22:04 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-16 18:32 . 2014-04-22 15:32 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-15 20:17 . 2014-04-08 18:05 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-15 20:17 . 2014-04-08 18:05 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 20:17 . 2014-04-08 18:05 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-09 21:24 . 2014-05-09 21:24 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-05-09 21:24 . 2014-05-09 21:24 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-07 22:09 . 2012-07-17 12:37 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-05-01 20:17 . 2014-04-08 18:05 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-01 20:17 . 2014-04-08 18:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-01 20:17 . 2014-05-01 20:17 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-01 20:17 . 2014-04-08 18:05 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-01 20:17 . 2014-04-08 18:05 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-01 20:17 . 2014-04-08 18:05 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-01 20:17 . 2014-05-01 20:17 43152 ----a-w- c:\windows\avastSS.scr
2014-04-22 16:40 . 2014-04-22 16:40 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-04-22 16:40 . 2014-04-22 16:40 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-04-22 16:40 . 2014-04-22 16:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-04-22 16:40 . 2014-04-22 16:40 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-04-22 16:40 . 2014-04-22 16:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-04-22 16:40 . 2014-04-22 16:40 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-04-22 16:40 . 2014-04-22 16:40 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-04-22 16:40 . 2014-04-22 16:40 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-04-22 16:40 . 2014-04-22 16:40 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-04-22 16:40 . 2014-04-22 16:40 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-04-22 16:40 . 2014-04-22 16:40 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-04-22 16:40 . 2014-04-22 16:40 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-04-22 16:40 . 2014-04-22 16:40 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-04-22 16:40 . 2014-04-22 16:40 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-04-22 16:40 . 2014-04-22 16:40 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-04-22 16:40 . 2014-04-22 16:40 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-22 16:40 . 2014-04-22 16:40 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-04-22 16:40 . 2014-04-22 16:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-04-22 16:40 . 2014-04-22 16:40 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-22 16:40 . 2014-04-22 16:40 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-04-22 16:40 . 2014-04-22 16:40 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-04-22 16:40 . 2014-04-22 16:40 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-22 16:40 . 2014-04-22 16:40 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-04-22 16:40 . 2014-04-22 16:40 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-22 16:36 . 2014-04-22 16:36 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-04-22 16:36 . 2014-04-22 16:36 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-04-22 15:12 . 2014-04-22 15:12 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-04-22 13:50 . 2014-04-22 13:50 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-04-10 19:08 . 2014-04-02 19:13 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-10 19:08 . 2014-04-02 19:13 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-31 19:34 . 2014-03-31 19:34 322248 ----a-w- c:\windows\WLXPGSS.SCR
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-05 20:19 . 2014-03-31 21:03 7670 --s-a-w- c:\windows\SysWow64\mncqtvey.vbe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-26 3888648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 gwlojovp;gwlojovp; [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
R4 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-21 17:36 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-01 20:17 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\Keyfor\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
"Currency"=dword:00000016
"GameDir"="c:\\FM Genie Scout 14\\games"
"ShortlistDir"="c:\\FM Genie Scout 14\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 14"
"SaveDir"="c:\\FM Genie Scout 14\\"
"HistoryDir"="c:\\FM Genie Scout 14\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 14\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a32e
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000001a2
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000002
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000002
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000002
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000193
"GameLoadedCounter"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-03 18:49:28
ComboFix-quarantined-files.txt 2014-06-03 16:49
ComboFix2.txt 2013-12-25 22:21
.
Před spuštěním: 65 162 870 784 bytes free
Po spuštění: 64 892 903 424 bytes free
.
- - End Of File - - F20AC551239CCC331B301858BE67DF16
A36C5E4F47E84449FF07ED3517B43A31

#9 Příspěvek od **Márty84** » 04 čer 2014 09:08

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
gwlojovp
SkypeUpdate
c2cautoupdatesvc
c2cpnrsvc

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

keyfor4 · #10 Příspěvek od **keyfor4** » 05 čer 2014 21:25

Jsem netišil že bývá tlik fází

Tady je log:

ComboFix 14-06-04.01 - Keyfor 05.06.2014 22:11:32.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2750 [GMT 2:00]
Spuštěný z: c:\users\Keyfor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Keyfor\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_gwlojovp
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-05 do 2014-06-05 )))))))))))))))))))))))))))))))
.
.
2014-06-01 20:36 . 2014-06-01 20:36 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-01 20:36 . 2014-05-12 05:35 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-01 20:36 . 2014-05-12 05:35 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-01 20:36 . 2014-05-12 05:35 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-01 20:36 . 2014-06-01 20:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-01 20:32 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-01 20:29 . 2014-06-01 20:32 -------- d-----w- C:\AdwCleaner
2014-05-31 21:21 . 2014-05-31 21:26 -------- d-----w- c:\program files\trend micro
2014-05-31 21:21 . 2014-05-31 21:21 -------- d-----w- C:\rsit
2014-05-30 21:08 . 2014-05-30 21:08 -------- d-----w- c:\program files\CCleaner
2014-05-30 21:08 . 2014-05-30 21:08 -------- d-----w- c:\program files (x86)\Trend Micro
2014-05-29 19:15 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2014-05-29 19:05 . 2014-05-29 19:05 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-05-29 18:39 . 2006-03-31 10:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2014-05-29 18:25 . 2014-06-03 17:01 -------- d-----w- c:\users\Keyfor\AppData\Local\Razer
2014-05-29 18:24 . 2014-06-03 17:00 -------- d-----w- c:\programdata\Razer
2014-05-29 18:24 . 2014-06-03 16:56 -------- d-----w- c:\program files (x86)\Razer
2014-05-29 18:19 . 2014-05-29 18:19 -------- d-----w- c:\programdata\Malwarebytes
2014-05-29 17:59 . 2014-05-29 17:59 -------- d-----w- c:\users\Keyfor\AppData\Roaming\InstallShield
2014-05-25 20:10 . 2014-05-25 20:10 -------- d-----w- c:\users\Keyfor\AppData\Local\ArcSoft
2014-05-25 20:08 . 2014-05-27 08:53 -------- d-----w- c:\programdata\ArcSoft
2014-05-25 20:08 . 2014-05-25 20:10 -------- d-----w- c:\users\Keyfor\AppData\Roaming\ArcSoft
2014-05-25 20:08 . 2006-11-14 09:31 22784 ----a-w- c:\windows\SysWow64\drivers\afc.sys
2014-05-25 20:07 . 2014-05-25 20:08 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2014-05-25 20:07 . 2014-05-25 20:07 -------- d-----w- c:\program files (x86)\ArcSoft
2014-05-25 20:07 . 2005-04-27 14:36 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2014-05-25 20:07 . 2003-02-21 02:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-05-25 20:07 . 2014-05-29 18:00 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-05-25 20:07 . 2003-03-18 20:14 499712 ----a-r- c:\windows\SysWow64\msvcp71.dll
2014-05-25 20:04 . 2014-05-25 20:04 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-05-25 19:56 . 2014-05-25 19:56 165504 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2014-05-23 18:40 . 2014-05-23 18:40 -------- d-----w- c:\users\Keyfor\AppData\Local\Skype
2014-05-23 18:40 . 2014-05-29 20:10 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Skype
2014-05-23 18:39 . 2014-05-23 18:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-23 18:39 . 2014-05-23 18:40 -------- d-----r- c:\program files (x86)\Skype
2014-05-23 18:39 . 2014-05-23 18:39 -------- d-----w- c:\programdata\Skype
2014-05-17 18:17 . 2014-05-25 19:55 238 ----a-w- c:\windows\system32\AF15IRTBL.bin
2014-05-17 18:08 . 2014-05-17 18:08 -------- d-----w- c:\program files\Theo30
2014-05-17 18:07 . 2014-05-17 18:11 -------- d-----w- c:\program files (x86)\theo30
2014-05-17 17:54 . 2014-05-17 17:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-05-17 17:54 . 2014-05-17 17:54 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-17 17:49 . 2014-05-29 20:09 -------- d-----w- c:\programdata\BlazeVideo
2014-05-17 16:06 . 2014-05-17 16:11 -------- d-----w- C:\_acestream_cache_
2014-05-17 16:06 . 2014-05-29 18:11 -------- d-----w- c:\users\Keyfor\AppData\Roaming\.ACEStream
2014-05-17 16:04 . 2014-05-17 16:07 -------- d-----w- c:\users\Keyfor\AppData\Roaming\ACEStream
2014-05-17 09:42 . 2014-03-06 08:15 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-16 18:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-16 18:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-16 18:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-16 18:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-11 16:33 . 2014-05-11 16:33 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-05-11 16:33 . 2014-05-30 20:41 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Seznam.cz
2014-05-11 16:32 . 2014-05-11 16:32 -------- d-----w- C:\FM Genie Scout 14
2014-05-11 12:45 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-05-11 12:45 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-05-11 12:44 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-05-11 12:44 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-05-11 12:31 . 2014-05-11 12:31 -------- d-sh--w- c:\users\Keyfor\AppData\Local\EmieUserList
2014-05-11 12:31 . 2014-05-11 12:31 -------- d-sh--w- c:\users\Keyfor\AppData\Local\EmieSiteList
2014-05-11 12:26 . 2014-05-17 17:06 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-09 21:36 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-05-09 21:36 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-05-09 21:36 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-05-09 21:36 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-05-09 21:36 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-05-09 21:28 . 2014-05-09 21:28 -------- d-----w- c:\windows\Migration
2014-05-09 21:26 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-05-09 20:30 . 2014-05-09 20:30 -------- d-----w- c:\users\Keyfor\AppData\Local\Chromium
2014-05-09 20:27 . 2014-05-09 20:27 -------- d-----w- c:\users\Keyfor\AppData\Local\Sports Interactive
2014-05-08 07:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-05-08 07:06 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-05-08 07:06 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-05-08 07:06 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-05-08 07:06 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-05-08 07:06 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-05-08 07:06 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-05-08 07:06 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-05-08 07:05 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-05-08 07:05 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-05-08 07:05 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-05-08 07:05 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-05-08 07:05 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2014-05-08 07:05 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-05-08 07:05 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-05-08 07:03 . 2011-05-04 05:19 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2014-05-08 07:03 . 2011-05-04 05:22 778752 ----a-w- c:\windows\system32\mssvp.dll
2014-05-08 01:18 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-05-08 01:17 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-05-08 01:17 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2014-05-08 01:17 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2014-05-08 01:17 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-05-08 01:17 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-05-08 01:17 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-05-08 01:17 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2014-05-08 01:17 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-05-08 01:17 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-05-08 01:10 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-05-07 22:51 . 2014-05-07 22:51 -------- d-----w- c:\program files (x86)\Lame For Audacity
2014-05-07 22:43 . 2014-05-19 21:06 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Audacity
2014-05-07 22:42 . 2014-05-07 22:43 -------- d-----w- c:\program files (x86)\Audacity
2014-05-07 22:10 . 2014-05-07 22:10 -------- d-----w- c:\windows\en
2014-05-07 22:10 . 2014-05-07 22:10 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2014-05-07 22:09 . 2014-05-07 22:09 -------- dc----w- c:\windows\system32\DRVSTORE
2014-05-07 22:09 . 2014-03-31 19:06 58056 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-05-07 22:09 . 2014-05-07 22:09 -------- d-----w- c:\program files\Windows Live
2014-05-07 22:09 . 2014-05-07 22:10 -------- d-----w- c:\program files (x86)\Windows Live
2014-05-07 22:08 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-05-07 22:08 . 2010-06-02 02:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2014-05-07 22:08 . 2010-06-02 02:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2014-05-07 22:08 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2014-05-07 22:08 . 2010-05-26 09:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-05-07 22:08 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2014-05-07 22:07 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-05-07 22:07 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-05-07 22:06 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
2014-05-07 22:06 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2014-05-07 22:06 . 2014-05-07 22:06 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2014-05-07 22:06 . 2014-05-07 22:06 -------- d-----r- c:\users\Keyfor\OneDrive
2014-05-07 22:05 . 2014-05-07 22:05 -------- d-----w- c:\programdata\Microsoft OneDrive
2014-05-07 22:04 . 2014-05-18 13:54 -------- d-----w- c:\users\Keyfor\AppData\Local\Windows Live
2014-05-07 22:04 . 2014-05-07 22:04 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-16 18:32 . 2014-04-22 15:32 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-15 20:17 . 2014-04-08 18:05 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-15 20:17 . 2014-04-08 18:05 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 20:17 . 2014-04-08 18:05 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-09 21:24 . 2014-05-09 21:24 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-05-09 21:24 . 2014-05-09 21:24 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-07 22:09 . 2012-07-17 12:37 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-05-01 20:17 . 2014-04-08 18:05 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-01 20:17 . 2014-04-08 18:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-01 20:17 . 2014-05-01 20:17 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-01 20:17 . 2014-04-08 18:05 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-01 20:17 . 2014-04-08 18:05 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-01 20:17 . 2014-04-08 18:05 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-01 20:17 . 2014-05-01 20:17 43152 ----a-w- c:\windows\avastSS.scr
2014-04-22 16:40 . 2014-04-22 16:40 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-04-22 16:40 . 2014-04-22 16:40 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-04-22 16:40 . 2014-04-22 16:40 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-04-22 16:40 . 2014-04-22 16:40 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-04-22 16:40 . 2014-04-22 16:40 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-04-22 16:40 . 2014-04-22 16:40 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-04-22 16:40 . 2014-04-22 16:40 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-04-22 16:40 . 2014-04-22 16:40 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-04-22 16:40 . 2014-04-22 16:40 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-04-22 16:40 . 2014-04-22 16:40 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-04-22 16:40 . 2014-04-22 16:40 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-04-22 16:40 . 2014-04-22 16:40 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-04-22 16:40 . 2014-04-22 16:40 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-04-22 16:40 . 2014-04-22 16:40 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-04-22 16:40 . 2014-04-22 16:40 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-04-22 16:40 . 2014-04-22 16:40 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-22 16:40 . 2014-04-22 16:40 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-04-22 16:40 . 2014-04-22 16:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-04-22 16:40 . 2014-04-22 16:40 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-22 16:40 . 2014-04-22 16:40 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-04-22 16:40 . 2014-04-22 16:40 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-04-22 16:40 . 2014-04-22 16:40 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-22 16:40 . 2014-04-22 16:40 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-04-22 16:40 . 2014-04-22 16:40 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-22 16:40 . 2014-04-22 16:40 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-22 16:36 . 2014-04-22 16:36 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-04-22 16:36 . 2014-04-22 16:36 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-04-22 15:12 . 2014-04-22 15:12 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-04-22 13:50 . 2014-04-22 13:50 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-04-10 19:08 . 2014-04-02 19:13 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-10 19:08 . 2014-04-02 19:13 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-31 19:34 . 2014-03-31 19:34 322248 ----a-w- c:\windows\WLXPGSS.SCR
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 22:05 223432 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-26 3888648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2c6994e3 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
R4 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-21 17:36 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 22:06 262344 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-01 20:17 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\Keyfor\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
"Currency"=dword:00000016
"GameDir"="c:\\FM Genie Scout 14\\games"
"ShortlistDir"="c:\\FM Genie Scout 14\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 14"
"SaveDir"="c:\\FM Genie Scout 14\\"
"HistoryDir"="c:\\FM Genie Scout 14\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 14\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a32e
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000001a2
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000002
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000002
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000002
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000193
"GameLoadedCounter"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Celkový čas: 2014-06-05 22:22:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-05 20:22
ComboFix2.txt 2014-06-05 20:06
ComboFix3.txt 2014-06-03 16:49
ComboFix4.txt 2013-12-25 22:21
.
Před spuštěním: 64 915 234 816 bytes free
Po spuštění: 64 564 617 216 bytes free
.
- - End Of File - - 1A12061AAC03A68E5C2CA8349C89845D
A36C5E4F47E84449FF07ED3517B43A31

#11 Příspěvek od **Márty84** » 06 čer 2014 01:48

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

keyfor4 · #12 Příspěvek od **keyfor4** » 08 čer 2014 22:11

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/06/08 23:00:03

-- Controller Map ----------------------------------------------------------
+ Standard AHCI 1.0 Serial ATA Controller [ATA]
+ ATA Channel 0 (0)
- ST9500420AS ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVDRAM GT32N ATA Device

-- Disk List ---------------------------------------------------------------
(1) ST9500420AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500420AS
----------------------------------------------------------------------------
Model : ST9500420AS
Firmware : 0003SDM1
Serial Number : 5VJ7DHNF
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 9556 hod.
Power On Count : 4189 krát
Host Reads : 1935 GB
Host Writes : 1461 GB
Temparature : 36 C (96 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : D0D0h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _97 __6 000008D42238 Počet chyb čtení
03 _97 _97 _85 000000000000 Čas na roztočení ploten
04 _91 _91 _20 000000002715 Počet spuštění/zastavení
05 _93 _93 _36 000000000099 Počet přemapovaných sektorů
07 _71 _60 _30 000E0D7FD6FD Počet chybných hledání
09 _90 _90 __0 000000002554 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 00000000105D Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 0000000000BA Ohlášeno neopravitelných chyb
BC 100 _97 __0 000500050026 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _64 _50 _45 000024200024 Teplota toku vzduchu
BF 100 100 __0 00000000008B Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000040 Počet vypnutí disku
C1 _51 _51 __0 000000018009 Počet cyklů načítání/vymazání
C2 _36 _50 __0 000700000024 Teplota
C3 _47 _37 __0 000008D42238 Počet oprav chybného čtení
C5 100 100 __0 000000000001 Počet podezřelých sektorů
C6 100 100 __0 000000000001 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 71DF000024EB Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000B6A867A7 Total LBAs Written
F2 100 253 __0 0000F1FBAD8C Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3556 3556 4A37 4448 4E46
020: 0000 8000 0004 3030 3033 4D31 4D31 5354 3935 3030
030: 3432 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 0048 0040
080: 01F0 0029 746B 7F09 61E3 BE09 BE09 61E3 007F 0033
090: 0033 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 29BC C782 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3E00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7CA5

RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Keyfor [Admin rights]
Mode : Scan -- Date : 06/08/2014 23:10:17

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0 -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500420AS ATA Device +++++
--- User ---
[MBR] da03154ada04718254b4c8261d47b58a
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 2048 | Size: 20001 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 40965750 | Size: 109232 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 264673280 | Size: 9999 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 285153280 | Size: 337704 MB
User = LL1 ... OK
User = LL2 ... OK

#13 Příspěvek od **Márty84** » 09 čer 2014 03:27

Znovu spustte RogueKiller jako spravce
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni nalezy oznacte (zkontrolujte, ze jsou u nich zatrzitka) a kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.

Disk na tom neni moc dobre

Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

keyfor4 · #14 Příspěvek od **keyfor4** » 15 čer 2014 15:33

RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Keyfor [Admin rights]
Mode : Remove -- Date : 06/15/2014 16:28:46

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 16 ¤¤¤
[FIREFX:Addon] nuui4pco.default : Hola Unblocker [jid1-4P0kohSJxU1qGg@jetpack] -> DELETED
[FIREFX:Addon] nuui4pco.default : Seznam liÅ¡tiÄka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> DELETED
[FIREFX:Addon] nuui4pco.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> DELETED
[FIREFX:Addon] nuui4pco.default : Flash Video Downloader - YouTube Full HD Download [artur.dubovoy@gmail.com] -> DELETED
[FIREFX:Addon] nuui4pco.default : avast! Online Security [wrc@avast.com] -> DELETED
[FIREFX:Addon] nuui4pco.default : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> DELETED
[CHROME:Addon] Default : Google Docs [aohghmighlieiainnegkcijnfilokake] -> DELETED
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> ERROR [2]
[CHROME:Addon] Default : Seznam LiÅ¡tiÄka - Email [bgjpfhpjcgdppjbgnpnjllokbmcdllig] -> ERROR [2]
[CHROME:Addon] Default : Seznam LiÅ¡tiÄka - SlovnÃk [blmojkbhnkkphngknkmgccmlenfaelkd] -> ERROR [2]
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : Magic Player [kpckgflgdapkpabemgkielbefdildaio] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Seznam LiÅ¡tiÄka - RychlÃ¡ volba [olfeabkoenfaoljndfecamgilllcpiak] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500420AS ATA Device +++++
--- User ---
[MBR] da03154ada04718254b4c8261d47b58a
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 2048 | Size: 20001 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 40965750 | Size: 109232 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 264673280 | Size: 9999 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 285153280 | Size: 337704 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_DEL_06092014_220713.log - RKreport_SCN_06082014_231017.log - RKreport_SCN_06092014_220545.log - RKreport_SCN_06152014_162506.log

HDTune:
Obrázek

#15 Příspěvek od **Márty84** » 15 čer 2014 15:40

V HD Tune by me nejvic zajimal ten error scan, ale vysledek tu nevidim. Bylo tam nejake cervene policko?

VIRY.CZ

Vypínání hry po 30ti minutách (notebook)

Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)

Re: Vypínání hry po 30ti minutách (notebook)