Zvýšené využití CPU a Paměti až na 100%

Zpráva

Lubbard · #1 Příspěvek od **Lubbard** » 27 pro 2014 10:49

Zdravim, včera jsem si všiml že mi hlavně firefox (+-78%) ale i Antimalware Service Executable vytěžují procesor a paměť.
Už dřív jsem si všiml, že jel procák na 100%, ale to jsem renderoval video tak jsem si toho moc nevšímal (nevím jestli tu může být nějaká spojitost). Každopádně včera jsem si stahl hru a pak jsem si toho všiml (možná že to dělalo už dřív ale já si toho všiml až teď) tak jsem ji hned odinstalovat, potom ve firefoxu vyskakovaly reklamy typu: Gratulujeme máte nový dárek k vyzvednutí. Toho jsem se už zbavil...
Co bych měl dělat?..
Přiložím screen ze správce úloh

Lubbard · #2 Příspěvek od **Lubbard** » 27 pro 2014 10:53

http://www.jpeg.cz/obrazek/NLj

#3 Příspěvek od **Márty84** » 27 pro 2014 11:02

Zdravim

Kouknete na ten veliky, barevne odliseny obdelnik o kousek vys, kde je napsano

Pravidla fóra

Pokud chcete pomoc, vložte log z RSIT [návod zde] nebo FRST [návod zde].....

Tak dejte treba log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

Lubbard · #4 Příspěvek od **Lubbard** » 27 pro 2014 11:36

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2014-12-27 11:16:40
Microsoft Windows 8.1 Pro
System drive C: has 265 GB (56%) free of 477 GB
Total RAM: 3274 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:16:49, on 27. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\Inf\MSASGui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\ProgramData\HP Photo Creations\Communicator.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Users\HP\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\system32\msstp.vbe
O4 - HKLM\..\Run: [mnctkmtscSrv] C:\WINDOWS\inf\mnctkmtsc.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem25.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10389 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=ssl"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default\searchplugins\
trovi-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-11 77088]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"MSStp"=C:\WINDOWS\system32\msstp.vbe [2014-01-19 1419]
"mnctkmtscSrv"=C:\WINDOWS\inf\mnctkmtsc.vbe [2014-01-19 1342]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [2013-05-01 543]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2014-10-14 911032]

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2014-12-27 11:16:40 ----D---- C:\rsit
2014-12-27 11:16:40 ----D---- C:\Program Files (x86)\trend micro
2014-12-26 21:54:38 ----D---- C:\ProgramData\3872871776
2014-12-26 21:42:18 ----HD---- C:\$SysReset
2014-12-26 19:14:41 ----D---- C:\Temp
2014-12-26 16:14:17 ----D---- C:\ProgramData\Razer
2014-12-25 17:55:26 ----D---- C:\Program Files (x86)\EA GAMES
2014-12-25 14:49:57 ----D---- C:\ProgramData\13388277119239747666
2014-12-25 14:49:18 ----D---- C:\Program Files (x86)\unisalEs
2014-12-22 18:10:03 ----D---- C:\Users\HP\AppData\Roaming\Need for Speed World
2014-12-22 12:38:27 ----RHD---- C:\Users\HP\AppData\Roaming\SecuROM
2014-12-22 09:30:03 ----D---- C:\Program Files (x86)\Origin Games
2014-12-22 09:25:28 ----D---- C:\Users\HP\AppData\Roaming\Origin
2014-12-22 09:23:25 ----D---- C:\ProgramData\Electronic Arts
2014-12-22 09:23:04 ----D---- C:\Program Files (x86)\Origin
2014-12-22 09:16:04 ----D---- C:\ProgramData\Origin
2014-12-21 16:51:21 ----A---- C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-12-21 16:51:06 ----D---- C:\Program Files (x86)\Microsoft WSE
2014-12-21 16:43:52 ----D---- C:\Program Files (x86)\Electronic Arts
2014-12-19 20:10:16 ----A---- C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-18 10:32:41 ----D---- C:\Users\HP\AppData\Roaming\Fpscore Metro
2014-12-15 19:32:21 ----D---- C:\Program Files (x86)\Screenshots
2014-12-13 19:54:53 ----D---- C:\Users\HP\AppData\Roaming\Hamachi
2014-12-13 19:51:55 ----D---- C:\Program Files (x86)\MTA San Andreas
2014-12-11 18:48:55 ----D---- C:\Program Files (x86)\Config
2014-12-11 18:47:17 ----D---- C:\Users\HP\AppData\Roaming\LolClient
2014-12-11 16:10:25 ----D---- C:\ProgramData\Riot Games
2014-12-11 16:08:23 ----D---- C:\Program Files (x86)\Logs
2014-12-11 16:07:59 ----A---- C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-12-11 16:07:59 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-12-11 16:07:58 ----A---- C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-12-11 16:07:47 ----D---- C:\Program Files (x86)\RADS
2014-12-11 16:07:09 ----D---- C:\Users\HP\AppData\Roaming\Riot Games
2014-12-10 14:56:53 ----A---- C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 14:56:47 ----A---- C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 14:56:40 ----A---- C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 14:51:16 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 14:51:07 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 14:51:04 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 14:51:03 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 14:51:03 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 14:51:02 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 14:51:00 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 14:50:57 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 14:50:56 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 14:50:55 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 14:50:51 ----A---- C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 14:50:48 ----A---- C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 14:50:48 ----A---- C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 14:50:46 ----A---- C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 14:50:45 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 14:50:19 ----A---- C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-09 14:16:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-03 20:39:59 ----A---- C:\WINDOWS\SysWOW64\xlive.dll
2014-12-03 20:39:34 ----D---- C:\ProgramData\Logs
2014-12-03 15:50:22 ----D---- C:\Program Files (x86)\RegTweaker
2014-12-02 16:00:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-12-02 15:59:37 ----A---- C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-02 15:59:34 ----A---- C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-02 15:59:33 ----A---- C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-12-02 15:59:29 ----A---- C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-12-02 15:59:28 ----A---- C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-12-02 15:59:27 ----A---- C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-12-02 15:59:26 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-12-02 15:59:24 ----A---- C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-12-02 15:59:23 ----A---- C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-12-02 15:59:22 ----A---- C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-12-02 15:59:21 ----A---- C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-12-02 15:59:17 ----A---- C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-12-02 15:59:13 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-12-02 15:59:12 ----A---- C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-12-02 15:59:10 ----A---- C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-12-02 15:59:08 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-12-02 15:59:06 ----A---- C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-11-29 19:39:26 ----D---- C:\Users\HP\AppData\Roaming\HeroesAndGeneralsDesktop
2014-11-29 14:41:24 ----D---- C:\ProgramData\Ableton
2014-11-29 14:41:23 ----D---- C:\Users\HP\AppData\Roaming\Ableton
2014-11-29 14:02:21 ----D---- C:\Program Files (x86)\Fender Universal ASIO
2014-11-29 14:01:33 ----A---- C:\WINDOWS\SysWOW64\msvcr71.dll
2014-11-29 14:01:32 ----A---- C:\WINDOWS\SysWOW64\msvcp71.dll
2014-11-29 14:00:09 ----D---- C:\Program Files (x86)\Common Files\DigiDesign
2014-11-29 14:00:08 ----D---- C:\Program Files (x86)\Steinberg
2014-11-29 14:00:07 ----D---- C:\Program Files (x86)\IK Multimedia
2014-11-29 13:59:56 ----D---- C:\Users\HP\AppData\Roaming\InstallShield
2014-11-29 13:59:09 ----A---- C:\WINDOWS\SysWOW64\REX Shared Library.dll
2014-11-29 13:59:08 ----A---- C:\WINDOWS\SysWOW64\ReWire.dll
2014-11-29 13:56:24 ----D---- C:\Program Files (x86)\Ableton
2014-11-22 19:28:13 ----A---- C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-11-22 19:27:57 ----A---- C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-11-22 19:27:56 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-11-22 19:27:50 ----A---- C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-17 19:44:15 ----D---- C:\Users\HP\AppData\Roaming\GameRanger
2014-11-17 10:38:11 ----A---- C:\WINDOWS\SysWOW64\Access.dat
2014-11-17 10:33:20 ----D---- C:\Users\HP\AppData\Roaming\Tunngle
2014-11-17 08:56:58 ----D---- C:\Program Files (x86)\FlatOut2
2014-11-15 10:22:52 ----A---- C:\WINDOWS\IsUninst.exe
2014-11-15 10:18:35 ----D---- C:\Program Files (x86)\Mafia
2014-11-15 10:12:58 ----RA---- C:\Users\HP\AppData\Roaming\MafiaSetup.exe
2014-11-15 10:08:34 ----A---- C:\WINDOWS\SysWOW64\MafiaSetup.exe
2014-11-14 17:41:15 ----D---- C:\Users\HP\AppData\Roaming\CDROLLER
2014-11-13 15:46:08 ----A---- C:\WINDOWS\SysWOW64\user32.dll
2014-11-13 15:46:07 ----A---- C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-13 15:46:04 ----A---- C:\WINDOWS\SysWOW64\msi.dll
2014-11-13 15:46:03 ----A---- C:\WINDOWS\SysWOW64\authui.dll
2014-11-13 15:46:02 ----A---- C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-13 15:43:22 ----A---- C:\WINDOWS\SysWOW64\schannel.dll
2014-11-13 15:43:21 ----A---- C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\SysWOW64\certcli.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-13 15:42:51 ----A---- C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-13 15:41:58 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-13 15:41:56 ----A---- C:\WINDOWS\SysWOW64\wups.dll
2014-11-13 15:41:56 ----A---- C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-13 15:41:22 ----A---- C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-13 15:38:03 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-13 15:38:03 ----A---- C:\WINDOWS\SysWOW64\ieui.dll
2014-11-13 15:38:00 ----A---- C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-13 15:37:55 ----A---- C:\WINDOWS\SysWOW64\msrating.dll
2014-11-13 15:37:55 ----A---- C:\WINDOWS\SysWOW64\hlink.dll
2014-11-13 15:37:53 ----A---- C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-13 15:37:53 ----A---- C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-13 15:37:52 ----A---- C:\WINDOWS\SysWOW64\inseng.dll
2014-11-13 15:37:52 ----A---- C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SysWOW64\occache.dll
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-13 15:37:49 ----A---- C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 15:37:49 ----A---- C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-13 15:37:48 ----A---- C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SysWOW64\wextract.exe
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\SysWOW64\url.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-13 15:37:45 ----A---- C:\WINDOWS\SysWOW64\mshta.exe
2014-11-13 15:37:45 ----A---- C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-13 15:37:19 ----A---- C:\WINDOWS\SysWOW64\packager.dll
2014-11-13 15:37:18 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-13 15:37:08 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2014-11-13 15:37:04 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2014-11-13 15:37:03 ----A---- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-13 15:37:03 ----A---- C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-13 15:37:01 ----A---- C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-13 15:37:01 ----A---- C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-13 15:36:58 ----A---- C:\WINDOWS\SysWOW64\untfs.dll
2014-11-13 15:36:55 ----A---- C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-10 20:45:25 ----D---- C:\Users\HP\AppData\Roaming\TS3Client
2014-11-10 19:49:59 ----A---- C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-11-10 19:49:59 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-11-10 19:49:58 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-11-10 19:49:58 ----A---- C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-11-08 12:04:24 ----D---- C:\ProgramData\NanoStudio
2014-11-08 12:04:15 ----A---- C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-11-08 12:04:15 ----A---- C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-11-01 13:33:04 ----D---- C:\Program Files (x86)\Common Files\Adobe
2014-10-28 13:33:26 ----A---- C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-10-28 13:33:25 ----A---- C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-10-28 13:33:24 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-10-28 13:33:19 ----A---- C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-10-28 13:33:18 ----A---- C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-10-28 13:33:13 ----A---- C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-10-28 13:33:12 ----A---- C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-10-28 13:33:07 ----A---- C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-10-28 13:33:01 ----A---- C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-10-28 13:33:00 ----A---- C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-10-28 13:32:59 ----A---- C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-10-28 13:32:55 ----A---- C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-10-28 13:32:51 ----A---- C:\WINDOWS\SysWOW64\d3dx10.dll
2014-10-28 13:32:50 ----A---- C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-10-28 13:32:49 ----A---- C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-10-28 13:32:48 ----A---- C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-10-28 13:32:46 ----A---- C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-10-28 13:32:44 ----A---- C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-10-28 13:32:42 ----A---- C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-10-28 13:32:41 ----A---- C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-10-28 13:32:27 ----A---- C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-10-28 13:32:24 ----A---- C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-10-28 13:32:22 ----A---- C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-10-28 13:32:21 ----A---- C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-10-28 13:32:19 ----A---- C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-10-28 13:32:14 ----A---- C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-10-28 13:10:12 ----D---- C:\Users\HP\AppData\Roaming\Guitar Pro 6
2014-10-28 13:10:12 ----D---- C:\ProgramData\Guitar Pro 6

======List of files/folders modified in the last 2 months======

2014-12-27 11:16:40 ----RD---- C:\Program Files (x86)
2014-12-27 11:16:37 ----D---- C:\WINDOWS\Prefetch
2014-12-27 11:02:48 ----D---- C:\Program Files (x86)\Steam
2014-12-27 10:30:05 ----D---- C:\WINDOWS\Temp
2014-12-27 10:23:39 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2014-12-27 10:23:30 ----SHD---- C:\WINDOWS\Installer
2014-12-27 10:19:26 ----A---- C:\WINDOWS\SysWOW64\bscs.ini
2014-12-27 10:16:42 ----A---- C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-12-27 10:16:24 ----A---- C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-12-27 01:48:34 ----A---- C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-12-27 01:46:17 ----D---- C:\Users\HP\AppData\Roaming\vlc
2014-12-26 22:21:55 ----HD---- C:\ProgramData
2014-12-26 22:18:06 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2014-12-26 21:55:27 ----D---- C:\WINDOWS\AppReadiness
2014-12-26 21:53:34 ----D---- C:\Windows
2014-12-26 21:53:30 ----D---- C:\WINDOWS\SysWOW64
2014-12-26 21:53:03 ----D---- C:\WINDOWS\System32
2014-12-26 21:53:03 ----D---- C:\Program Files (x86)\BandiMPEG1
2014-12-26 21:41:58 ----D---- C:\WINDOWS\Logs
2014-12-26 21:15:29 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2014-12-26 21:14:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-26 19:24:57 ----RSD---- C:\WINDOWS\assembly
2014-12-26 19:20:35 ----SHD---- C:\System Volume Information
2014-12-26 16:24:10 ----A---- C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-26 14:27:31 ----D---- C:\WINDOWS\Microsoft.NET
2014-12-24 20:12:46 ----D---- C:\WINDOWS\Inf
2014-12-24 09:44:54 ----D---- C:\Users\HP\AppData\Roaming\Skype
2014-12-22 16:51:38 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller
2014-12-21 16:51:09 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2014-12-20 09:18:08 ----D---- C:\WINDOWS\CbsTemp
2014-12-20 09:17:05 ----D---- C:\WINDOWS\WinSxS
2014-12-13 19:51:32 ----RSD---- C:\WINDOWS\Fonts
2014-12-12 16:50:58 ----D---- C:\WINDOWS\rescache
2014-12-11 16:24:02 ----D---- C:\Program Files (x86)\Hearthstone
2014-12-11 16:13:49 ----D---- C:\Program Files (x86)\Battle.net
2014-12-11 16:07:51 ----D---- C:\WINDOWS\Tasks
2014-12-11 15:13:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 22:00:38 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2014-12-10 22:00:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 22:00:30 ----D---- C:\WINDOWS\PolicyDefinitions
2014-12-10 18:02:06 ----D---- C:\ProgramData\Microsoft Help
2014-12-09 10:58:20 ----D---- C:\ProgramData\Skype
2014-12-09 10:58:11 ----RD---- C:\Program Files (x86)\Skype
2014-12-03 20:39:32 ----D---- C:\ProgramData\Temp
2014-11-29 14:53:12 ----D---- C:\Users\HP\AppData\Roaming\Audacity
2014-11-29 14:27:52 ----D---- C:\Program Files (x86)\Fender
2014-11-29 14:00:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-26 22:10:48 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-22 19:20:20 ----D---- C:\Program Files (x86)\UBISOFT
2014-11-21 15:02:53 ----D---- C:\Program Files (x86)\Common Files\Steam
2014-11-13 23:24:07 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-13 23:23:51 ----D---- C:\WINDOWS\SysWOW64\migration
2014-11-13 23:23:35 ----RD---- C:\WINDOWS\ToastData
2014-11-13 23:23:32 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-13 23:23:30 ----D---- C:\WINDOWS\apppatch
2014-11-11 18:20:37 ----D---- C:\WINDOWS\LiveKernelReports
2014-11-01 13:34:00 ----D---- C:\Users\HP\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem25.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys []
R1 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 Accelerometer;@oem25.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys []
R3 AtiHDAudioService;@oem9.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys []
R3 BtAudioBusSrv;@oem22.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys []
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys []
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys []
R3 HpqKbFiltr;@oem18.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys []
R3 netr28x;@oem33.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
R3 rtbth;@oem34.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys []
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys []
R3 rtsuvc;@oem14.inf,%rtsuvc.DeviceDesc%;HP HD Webcam [Fixed]; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys []
R3 SynTP;@oem35.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys []
S3 ahcix64s;ahcix64s; C:\WINDOWS\System32\drivers\ahcix64s.sys []
S3 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys []
S3 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys []
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys []
S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
S3 iaStorS;iaStorS; C:\WINDOWS\System32\drivers\iaStorS.sys []
S3 megasas2;megasas2; C:\WINDOWS\System32\drivers\megasas2.sys []
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys []
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys []
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys []
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-09-18 108032]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;@oem25.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe []
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-10-02 76888]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2014-12-26 281688]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-04 332800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-02-12 2690608]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-01-23 1006424]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11 267440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-22 1903472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys []
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys []
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys []

-----------------EOF-----------------

#5 Příspěvek od **Márty84** » 27 pro 2014 11:48

Je tam havet.

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Lubbard · #6 Příspěvek od **Lubbard** » 27 pro 2014 12:07

# AdwCleaner v4.106 - Report created 27/12/2014 at 12:03:51
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : HP - PROBOOK
# Running from : C:\Users\HP\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\13388277119239747666
File Deleted : C:\Users\HP\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default\searchplugins\trovi-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f8e86575-ff6f-4abc-b91f-933165c6c1bc}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f8e86575-ff6f-4abc-b91f-933165c6c1bc}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f8e86575-ff6f-4abc-b91f-933165c6c1bc}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f8e86575-ff6f-4abc-b91f-933165c6c1bc}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{f8e86575-ff6f-4abc-b91f-933165c6c1bc}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[pbdi6yu0.default\prefs.js] - Line Deleted : user_pref("extensions.NJboIuPml0P34jhl.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[pbdi6yu0.default\prefs.js] - Line Deleted : user_pref("extensions.nN8ganruwIf72Gla.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]

*************************

AdwCleaner[R0].txt - [2880 octets] - [27/12/2014 12:00:52]
AdwCleaner[S0].txt - [2843 octets] - [27/12/2014 12:03:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2903 octets] ##########

#7 Příspěvek od **Márty84** » 27 pro 2014 12:21

Fajn, tak jeste ten MBAM a uvidime, co nam ukaze

Lubbard · #8 Příspěvek od **Lubbard** » 27 pro 2014 17:27

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27. 12. 2014
Scan Time: 12:11:01
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.27.04
Rootkit Database: v2014.12.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: HP

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 606106
Time Elapsed: 5 hr, 14 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.BitCoinMiner, C:\Windows\Inf\MSASGui.exe, 5052, , [86becb9b03794de900a5181c1be727d9]

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 3
Rogue.Multiple, C:\ProgramData\3872871776, , [a2a26cfae19b2b0be2b668af9271aa56],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\bitstreams, , [fa4a0561b9c3e4522f351b0e2bd8ba46],

Files: 26
PUP.BitCoinMiner, C:\Windows\Inf\MSASGui.exe, , [86becb9b03794de900a5181c1be727d9],
Trojan.Agent, C:\Program Files (x86)\unisalEs\unisalEs.exe, , [c87cea7c9edeef47dcfce7166f92a15f],
PUP.Optional.SearchProtect.A, C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\IE\60GDLQ6E\SPSetup[1].exe, , [2222df876b112b0b75670c9f47ba57a9],
PUP.Optional.Conduit.A, C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\IE\60GDLQ6E\spstub[1].exe, , [69dba4c2ea92f442d84dc3e3ea1751af],
PUP.Optional.Conduit, C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\IE\GYSHTFG3\OrbiterInstaller[1].exe, , [251ff4725c2089ad724c9f1e6899857b],
PUP.Optional.SearchProtect.A, C:\Users\HP\AppData\Local\Temp\utt76E7.tmp.exe, , [ca7aee78f5872214c5e41a86c33e56aa],
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.14.exe, , [0c389bcbaad23ff7b8101b111ee321df],
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Local\Temp\nsa6972.tmp\FreemakeVideoConverter.exe, , [9da792d4c4b8241228a069c331d0b44c],
PUP.Optional.OpenCandy, C:\Users\HP\AppData\Local\Temp\nsnFBC5.tmp\DTLite.exe, , [f153d78fec90b97dbbe474300bfaa15f],
PUP.Optional.Installrex, C:\Users\HP\Downloads\Setups\Pop\Prince of Persia The Forgotten Sands-SKIDROW.exe, , [4ff5c6a0e894b68083d4ca045ea36997],
Trojan.BitMiner, C:\Windows\Inf\mnctkmtsc\mnctkmtsc.exe, , [b98b3333dca0a78fb6f970b371910ef2],
Trojan.Agent.VBS, C:\Windows\SysWOW64\msstp.vbe, , [e75d3630611be4522df19404ea1935cb],
Rogue.Multiple, C:\ProgramData\3872871776\BIT77C6.tmp, , [a2a26cfae19b2b0be2b668af9271aa56],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\diablo130302.cl, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\diakgcn121016.cl, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libcurl-4.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libeay32.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libidn-11.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\librtmp.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\libssh2.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\phatk121016.cl, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\poclbm130302.cl, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\scrypt130511.cl, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\ssleay32.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\zlib1.dll, , [fa4a0561b9c3e4522f351b0e2bd8ba46],
Trojan.Agent.BCM, C:\Windows\Inf\mnctkmtsc\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [fa4a0561b9c3e4522f351b0e2bd8ba46],

Physical Sectors: 0
(No malicious items detected)

(end)

#9 Příspěvek od **Márty84** » 27 pro 2014 19:12

Vsechny nalezy hodte do karanteny. Po dalsim restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Lubbard · #10 Příspěvek od **Lubbard** » 28 pro 2014 11:14

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28. 12. 2014
Scan Time: 2:58:07
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.27.08
Rootkit Database: v2014.12.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: HP

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362791
Time Elapsed: 26 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Lubbard · #11 Příspěvek od **Lubbard** » 28 pro 2014 11:16

Dobrý, dík.. procák jede pod 10%, ale paměť je furt na 50%....

#12 Příspěvek od **Márty84** » 28 pro 2014 11:52

Vsak jsme jeste neskoncili.

Test jste trosku osidil, tentokrat to nebyl kompletni test, ale jen ten zakladni, ale snad by uz nic nenasel.

MBAM tedy odinstalujte.

Mate 64bit system, tak dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe

Lubbard · #13 Příspěvek od **Lubbard** » 28 pro 2014 12:13

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2014-12-28 12:12:44
Microsoft Windows 8.1 Pro
System drive C: has 263 GB (55%) free of 477 GB
Total RAM: 3274 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:12:48, on 28. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\system32\msstp.vbe
O4 - HKLM\..\Run: [mnctkmtscSrv] C:\WINDOWS\inf\mnctkmtsc.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem25.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9744 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
dashost.exe {40037fd7-46d4-4514-8a1d92fbfa562050}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\vcsFPService.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\RtsCM64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN34M1DJ1505YC;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\HP\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=ssl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"=C:\WINDOWS\RTSCM64.EXE [2013-08-02 147160]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-04 1702912]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2014-10-14 911032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-01-31 337184]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2013-03-11 77088]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"MSStp"=C:\WINDOWS\system32\msstp.vbe []
"mnctkmtscSrv"=C:\WINDOWS\inf\mnctkmtsc.vbe [2014-01-19 1342]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-12-28 12:12:45 ----D---- C:\Program Files\trend micro
2014-12-27 12:09:20 ----D---- C:\ProgramData\Malwarebytes
2014-12-27 12:00:48 ----D---- C:\AdwCleaner
2014-12-27 11:16:40 ----D---- C:\rsit
2014-12-27 11:16:40 ----D---- C:\Program Files (x86)\trend micro
2014-12-26 21:42:18 ----HD---- C:\$SysReset
2014-12-26 19:14:41 ----D---- C:\Temp
2014-12-25 17:55:26 ----D---- C:\Program Files (x86)\EA GAMES
2014-12-25 14:49:18 ----D---- C:\Program Files (x86)\unisalEs
2014-12-22 18:10:03 ----D---- C:\Users\HP\AppData\Roaming\Need for Speed World
2014-12-22 12:38:27 ----RHD---- C:\Users\HP\AppData\Roaming\SecuROM
2014-12-22 09:30:03 ----D---- C:\Program Files (x86)\Origin Games
2014-12-22 09:25:28 ----D---- C:\Users\HP\AppData\Roaming\Origin
2014-12-22 09:23:25 ----D---- C:\ProgramData\Electronic Arts
2014-12-22 09:23:04 ----D---- C:\Program Files (x86)\Origin
2014-12-22 09:16:04 ----D---- C:\ProgramData\Origin
2014-12-21 16:51:21 ----A---- C:\WINDOWS\SYSWOW64\vp6vfw.dll
2014-12-21 16:51:06 ----D---- C:\Program Files (x86)\Microsoft WSE
2014-12-21 16:43:52 ----D---- C:\Program Files (x86)\Electronic Arts
2014-12-19 20:10:18 ----A---- C:\WINDOWS\system32\poqexec.exe
2014-12-19 20:10:16 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2014-12-18 10:32:41 ----D---- C:\Users\HP\AppData\Roaming\Fpscore Metro
2014-12-15 19:32:21 ----D---- C:\Program Files (x86)\Screenshots
2014-12-13 19:54:53 ----D---- C:\Users\HP\AppData\Roaming\Hamachi
2014-12-13 19:54:23 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2014-12-13 19:51:55 ----D---- C:\Program Files (x86)\MTA San Andreas
2014-12-13 17:01:04 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2014-12-11 18:48:55 ----D---- C:\Program Files (x86)\Config
2014-12-11 18:47:17 ----D---- C:\Users\HP\AppData\Roaming\LolClient
2014-12-11 16:10:25 ----D---- C:\ProgramData\Riot Games
2014-12-11 16:08:23 ----D---- C:\Program Files (x86)\Logs
2014-12-11 16:07:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2014-12-11 16:07:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2014-12-11 16:07:58 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2014-12-11 16:07:47 ----D---- C:\Program Files (x86)\RADS
2014-12-11 16:07:09 ----D---- C:\Users\HP\AppData\Roaming\Riot Games
2014-12-10 14:56:55 ----A---- C:\WINDOWS\system32\crypt32.dll
2014-12-10 14:56:53 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2014-12-10 14:56:50 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 14:56:47 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-12-10 14:56:41 ----A---- C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 14:56:40 ----A---- C:\WINDOWS\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-10 14:51:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-12-10 14:51:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-12-10 14:51:08 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-12-10 14:51:07 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-12-10 14:51:05 ----A---- C:\WINDOWS\system32\wininet.dll
2014-12-10 14:51:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-12-10 14:51:04 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-12-10 14:51:04 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-12-10 14:51:03 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-12-10 14:51:03 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-12-10 14:51:03 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-12-10 14:51:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-12-10 14:51:00 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-12-10 14:51:00 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 14:50:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-12-10 14:50:56 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-12-10 14:50:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-12-10 14:50:55 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-12-10 14:50:55 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-12-10 14:50:55 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 14:50:55 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 14:50:53 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 14:50:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-12-10 14:50:51 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-12-10 14:50:51 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-12-10 14:50:51 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-12-10 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-12-10 14:50:48 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-12-10 14:50:48 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-12-10 14:50:47 ----A---- C:\WINDOWS\system32\jscript.dll
2014-12-10 14:50:46 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-12-10 14:50:45 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-12-10 14:50:20 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 14:50:19 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2014-12-10 14:50:18 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2014-12-10 14:50:18 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2014-12-10 14:50:18 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2014-12-10 14:50:17 ----AC---- C:\WINDOWS\system32\drivers\intelpep.sys
2014-12-09 14:16:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-03 20:39:59 ----A---- C:\WINDOWS\SYSWOW64\xlive.dll
2014-12-03 20:39:34 ----D---- C:\ProgramData\Logs
2014-12-03 15:50:22 ----D---- C:\Program Files (x86)\RegTweaker
2014-12-02 16:00:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-12-02 15:59:37 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2014-12-02 15:59:37 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2014-12-02 15:59:37 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-02 15:59:37 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2014-12-02 15:59:35 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-02 15:59:34 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_43.dll
2014-12-02 15:59:34 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-02 15:59:33 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2014-12-02 15:59:33 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2014-12-02 15:59:33 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2014-12-02 15:59:31 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2014-12-02 15:59:30 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2014-12-02 15:59:29 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2014-12-02 15:59:29 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2014-12-02 15:59:29 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2014-12-02 15:59:28 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_5.dll
2014-12-02 15:59:28 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2014-12-02 15:59:27 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_5.dll
2014-12-02 15:59:27 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2014-12-02 15:59:26 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_42.dll
2014-12-02 15:59:26 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2014-12-02 15:59:24 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_42.dll
2014-12-02 15:59:24 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2014-12-02 15:59:23 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_42.dll
2014-12-02 15:59:23 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2014-12-02 15:59:22 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2014-12-02 15:59:22 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2014-12-02 15:59:21 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_42.dll
2014-12-02 15:59:21 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_41.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_41.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2014-12-02 15:59:19 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2014-12-02 15:59:17 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_41.dll
2014-12-02 15:59:17 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_4.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_3.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2014-12-02 15:59:16 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_4.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_6.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2014-12-02 15:59:15 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2014-12-02 15:59:13 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2014-12-02 15:59:13 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2014-12-02 15:59:12 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2014-12-02 15:59:12 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2014-12-02 15:59:10 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2014-12-02 15:59:10 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_3.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_2.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_3.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2014-12-02 15:59:09 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2014-12-02 15:59:08 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_5.dll
2014-12-02 15:59:08 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_2.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_1.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2014-12-02 15:59:07 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2014-12-02 15:59:06 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_2.dll
2014-12-02 15:59:06 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2014-12-02 15:59:05 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2014-12-02 15:59:05 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2014-12-02 15:59:03 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2014-11-29 19:39:26 ----D---- C:\Users\HP\AppData\Roaming\HeroesAndGeneralsDesktop
2014-11-29 14:41:24 ----D---- C:\ProgramData\Ableton
2014-11-29 14:41:23 ----D---- C:\Users\HP\AppData\Roaming\Ableton
2014-11-29 14:02:21 ----D---- C:\Program Files (x86)\Fender Universal ASIO
2014-11-29 14:01:33 ----A---- C:\WINDOWS\SYSWOW64\msvcr71.dll
2014-11-29 14:01:32 ----A---- C:\WINDOWS\SYSWOW64\msvcp71.dll
2014-11-29 14:00:08 ----D---- C:\Program Files (x86)\Steinberg
2014-11-29 14:00:07 ----D---- C:\Program Files (x86)\IK Multimedia
2014-11-29 13:59:56 ----D---- C:\Users\HP\AppData\Roaming\InstallShield
2014-11-29 13:59:09 ----A---- C:\WINDOWS\SYSWOW64\REX Shared Library.dll
2014-11-29 13:59:08 ----A---- C:\WINDOWS\SYSWOW64\ReWire.dll
2014-11-29 13:56:24 ----D---- C:\Program Files (x86)\Ableton
2014-11-22 19:28:13 ----A---- C:\WINDOWS\SYSWOW64\CmdLineExt_x64.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2014-11-22 19:27:58 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2014-11-22 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2014-11-22 19:27:57 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2014-11-22 19:27:56 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2014-11-22 19:27:56 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2014-11-22 19:27:54 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2014-11-22 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2014-11-22 19:27:50 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-19 15:51:04 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-19 04:26:34 ----A---- C:\WINDOWS\system32\FM20.DLL
2014-11-17 19:44:15 ----D---- C:\Users\HP\AppData\Roaming\GameRanger
2014-11-17 10:38:11 ----A---- C:\WINDOWS\SYSWOW64\Access.dat
2014-11-17 10:33:20 ----D---- C:\Users\HP\AppData\Roaming\Tunngle
2014-11-17 10:33:18 ----A---- C:\WINDOWS\system32\drivers\tap0901t.sys
2014-11-17 08:56:58 ----D---- C:\Program Files (x86)\FlatOut2
2014-11-15 10:22:52 ----A---- C:\WINDOWS\IsUninst.exe
2014-11-15 10:18:35 ----D---- C:\Program Files (x86)\Mafia
2014-11-15 10:12:58 ----RA---- C:\Users\HP\AppData\Roaming\MafiaSetup.exe
2014-11-15 10:08:34 ----A---- C:\WINDOWS\SYSWOW64\MafiaSetup.exe
2014-11-14 17:41:15 ----D---- C:\Users\HP\AppData\Roaming\CDROLLER
2014-11-13 15:46:09 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-13 15:46:08 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-13 15:46:08 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-13 15:46:07 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-13 15:46:07 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-13 15:46:07 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-13 15:46:07 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-13 15:46:04 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-13 15:46:04 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-13 15:46:04 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-13 15:46:03 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-13 15:46:02 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-13 15:46:02 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-13 15:46:02 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-13 15:46:01 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-13 15:43:22 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-13 15:43:22 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-13 15:43:21 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-13 15:43:21 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-13 15:43:21 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-13 15:42:53 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-13 15:42:52 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-13 15:42:51 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-13 15:42:51 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-13 15:42:51 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-13 15:42:51 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-13 15:41:59 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-13 15:41:58 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-13 15:41:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-13 15:41:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-13 15:41:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-13 15:41:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-13 15:41:56 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-13 15:41:56 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-13 15:41:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-13 15:41:56 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-13 15:41:22 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-13 15:41:21 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-13 15:41:05 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-13 15:41:04 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-13 15:38:07 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-13 15:38:05 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-13 15:38:04 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-13 15:38:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-13 15:38:03 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-13 15:38:00 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-13 15:38:00 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-13 15:37:58 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-13 15:37:55 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-13 15:37:55 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-13 15:37:54 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-13 15:37:54 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-13 15:37:53 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-13 15:37:53 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-13 15:37:53 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-13 15:37:53 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-13 15:37:53 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-13 15:37:52 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-13 15:37:52 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-13 15:37:52 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-13 15:37:51 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-13 15:37:50 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-13 15:37:49 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 15:37:49 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-13 15:37:49 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-13 15:37:48 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-13 15:37:48 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-13 15:37:48 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-13 15:37:48 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-13 15:37:47 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-13 15:37:46 ----A---- C:\WINDOWS\system32\url.dll
2014-11-13 15:37:46 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-13 15:37:45 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-13 15:37:45 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-13 15:37:45 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-13 15:37:45 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-13 15:37:44 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-13 15:37:44 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-13 15:37:20 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-13 15:37:19 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-13 15:37:19 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-13 15:37:18 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-13 15:37:18 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-13 15:37:11 ----A---- C:\WINDOWS\system32\shell32.dll
2014-11-13 15:37:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-11-13 15:37:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-11-13 15:37:07 ----A---- C:\WINDOWS\system32\twinui.dll
2014-11-13 15:37:07 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-13 15:37:06 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-13 15:37:06 ----A---- C:\WINDOWS\system32\localspl.dll
2014-11-13 15:37:06 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-11-13 15:37:05 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-13 15:37:04 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-11-13 15:37:03 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2014-11-13 15:37:03 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-11-13 15:37:03 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-11-13 15:37:02 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2014-11-13 15:37:02 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2014-11-13 15:37:01 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2014-11-13 15:37:01 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2014-11-13 15:37:01 ----A---- C:\WINDOWS\system32\puiobj.dll
2014-11-13 15:37:00 ----AC---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-11-13 15:36:59 ----A---- C:\WINDOWS\system32\untfs.dll
2014-11-13 15:36:59 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-11-13 15:36:58 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2014-11-13 15:36:57 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-13 15:36:56 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2014-11-13 15:36:55 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2014-11-10 20:45:25 ----D---- C:\Users\HP\AppData\Roaming\TS3Client
2014-11-10 19:49:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2014-11-10 19:49:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_43.dll
2014-11-10 19:49:58 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_7.dll
2014-11-10 19:49:58 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2014-11-08 12:04:24 ----D---- C:\ProgramData\NanoStudio
2014-11-08 12:04:15 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_7.dll
2014-11-08 12:04:15 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_5.dll
2014-10-28 13:33:26 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2014-10-28 13:33:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2014-10-28 13:33:25 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2014-10-28 13:33:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2014-10-28 13:33:24 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2014-10-28 13:33:24 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2014-10-28 13:33:22 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2014-10-28 13:33:19 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2014-10-28 13:33:19 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2014-10-28 13:33:18 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2014-10-28 13:33:18 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2014-10-28 13:33:16 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2014-10-28 13:33:13 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2014-10-28 13:33:13 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2014-10-28 13:33:12 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2014-10-28 13:33:12 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2014-10-28 13:33:10 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2014-10-28 13:33:07 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2014-10-28 13:33:07 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2014-10-28 13:33:06 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2014-10-28 13:33:04 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2014-10-28 13:33:01 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2014-10-28 13:33:01 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2014-10-28 13:33:00 ----A---- C:\WINDOWS\SYSWOW64\xinput1_3.dll
2014-10-28 13:33:00 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2014-10-28 13:32:59 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2014-10-28 13:32:59 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2014-10-28 13:32:57 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2014-10-28 13:32:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2014-10-28 13:32:55 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2014-10-28 13:32:53 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2014-10-28 13:32:51 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2014-10-28 13:32:51 ----A---- C:\WINDOWS\system32\d3dx10.dll
2014-10-28 13:32:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2014-10-28 13:32:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2014-10-28 13:32:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2014-10-28 13:32:49 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2014-10-28 13:32:48 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2014-10-28 13:32:48 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2014-10-28 13:32:46 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2014-10-28 13:32:46 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2014-10-28 13:32:45 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2014-10-28 13:32:44 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2014-10-28 13:32:44 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2014-10-28 13:32:42 ----A---- C:\WINDOWS\SYSWOW64\xinput1_1.dll
2014-10-28 13:32:42 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2014-10-28 13:32:41 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_1.dll
2014-10-28 13:32:41 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2014-10-28 13:32:27 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_30.dll
2014-10-28 13:32:27 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_0.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2014-10-28 13:32:26 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2014-10-28 13:32:24 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2014-10-28 13:32:24 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2014-10-28 13:32:22 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2014-10-28 13:32:22 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2014-10-28 13:32:21 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2014-10-28 13:32:21 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2014-10-28 13:32:19 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2014-10-28 13:32:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2014-10-28 13:32:17 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2014-10-28 13:32:14 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2014-10-28 13:32:14 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2014-10-28 13:10:12 ----D---- C:\Users\HP\AppData\Roaming\Guitar Pro 6
2014-10-28 13:10:12 ----D---- C:\ProgramData\Guitar Pro 6
2014-10-27 17:55:03 ----D---- C:\Program Files (x86)\Fraps
2014-10-27 15:52:46 ----A---- C:\WINDOWS\SYSWOW64\SHORTCUT.INI
2014-10-27 15:52:01 ----A---- C:\WINDOWS\SYSWOW64\REMOTEDEVICE.INI
2014-10-27 15:43:06 ----D---- C:\Program Files (x86)\Company
2014-10-26 11:24:28 ----D---- C:\Program Files (x86)\Rockstar Games
2014-10-26 10:38:42 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2014-10-26 10:38:37 ----D---- C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2014-10-26 10:38:32 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-10-26 10:38:01 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-10-24 17:30:20 ----D---- C:\WINDOWS\Hewlett-Packard
2014-10-18 14:03:37 ----D---- C:\Users\HP\AppData\Roaming\BANDISOFT
2014-10-18 13:17:18 ----D---- C:\Program Files (x86)\BandiMPEG1
2014-10-16 14:27:34 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-16 14:25:08 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-16 14:25:08 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-16 14:25:04 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 14:25:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-16 14:25:02 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-16 14:25:02 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-16 14:25:01 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 14:25:01 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 14:25:01 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-16 14:25:00 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-16 14:25:00 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-16 14:25:00 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-16 14:25:00 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-16 14:24:59 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-16 14:24:59 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-16 14:24:59 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-16 14:24:59 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-16 14:24:59 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 14:24:58 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-16 14:24:58 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-16 14:24:58 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 14:24:57 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 14:24:57 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 14:24:57 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-16 14:24:57 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-16 14:24:56 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 14:24:56 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 14:24:56 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-16 14:24:55 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-16 14:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 14:24:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 14:24:54 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-14 19:16:45 ----D---- C:\CFLog
2014-10-08 18:11:27 ----D---- C:\Users\HP\AppData\Roaming\Ubisoft
2014-10-08 18:11:27 ----D---- C:\ProgramData\Ubisoft
2014-10-04 12:07:39 ----D---- C:\Users\HP\AppData\Roaming\Publish Providers
2014-10-04 12:01:31 ----D---- C:\Program Files\Sony
2014-10-02 09:40:00 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2014-10-02 09:39:59 ----N---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2014-10-01 19:54:53 ----D---- C:\Users\HP\AppData\Roaming\Fender

======List of files/folders modified in the last 3 months======

2014-12-28 12:12:45 ----RD---- C:\Program Files
2014-12-28 12:12:39 ----D---- C:\WINDOWS\Prefetch
2014-12-28 12:12:38 ----D---- C:\Program Files (x86)\Steam
2014-12-28 12:09:55 ----RD---- C:\Program Files (x86)
2014-12-28 12:09:55 ----D---- C:\WINDOWS\system32\drivers
2014-12-28 12:00:01 ----D---- C:\WINDOWS\system32\sru
2014-12-28 11:46:44 ----D---- C:\WINDOWS\Temp
2014-12-28 03:57:34 ----D---- C:\WINDOWS\Microsoft.NET
2014-12-27 23:54:17 ----D---- C:\Users\HP\AppData\Roaming\vlc
2014-12-27 20:50:08 ----RD---- C:\WINDOWS\System32
2014-12-27 20:50:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-27 20:50:07 ----D---- C:\WINDOWS\Inf
2014-12-27 20:12:38 ----D---- C:\WINDOWS\system32\wdi
2014-12-27 20:12:06 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2014-12-27 20:10:17 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2014-12-27 20:09:04 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2014-12-27 20:05:33 ----D---- C:\WINDOWS\CbsTemp
2014-12-27 20:05:30 ----HD---- C:\ProgramData
2014-12-27 20:05:24 ----D---- C:\WINDOWS\SysWOW64
2014-12-27 10:23:39 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2014-12-27 10:23:30 ----SHD---- C:\WINDOWS\Installer
2014-12-26 22:18:06 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2014-12-26 21:55:27 ----D---- C:\WINDOWS\AppReadiness
2014-12-26 21:55:26 ----HD---- C:\Program Files\WindowsApps
2014-12-26 21:53:34 ----D---- C:\Windows
2014-12-26 21:41:58 ----D---- C:\WINDOWS\Logs
2014-12-26 21:14:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-26 19:24:57 ----RSD---- C:\WINDOWS\assembly
2014-12-26 19:20:35 ----SHD---- C:\System Volume Information
2014-12-25 12:14:22 ----D---- C:\WINDOWS\system32\config
2014-12-24 09:44:54 ----D---- C:\Users\HP\AppData\Roaming\Skype
2014-12-22 19:13:45 ----D---- C:\WINDOWS\system32\NDF
2014-12-21 16:51:09 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2014-12-20 09:17:05 ----D---- C:\WINDOWS\WinSxS
2014-12-13 19:51:32 ----RSD---- C:\WINDOWS\Fonts
2014-12-12 16:50:58 ----D---- C:\WINDOWS\rescache
2014-12-12 16:30:39 ----D---- C:\WINDOWS\system32\DriverStore
2014-12-11 16:24:02 ----D---- C:\Program Files (x86)\Hearthstone
2014-12-11 16:13:49 ----D---- C:\Program Files (x86)\Battle.net
2014-12-11 16:07:51 ----D---- C:\WINDOWS\Tasks
2014-12-11 15:13:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 22:02:26 ----D---- C:\WINDOWS\system32\catroot
2014-12-10 22:00:38 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-12-10 22:00:38 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 22:00:38 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 22:00:38 ----D---- C:\WINDOWS\system32\cs-CZ
2014-12-10 22:00:32 ----D---- C:\Program Files\Internet Explorer
2014-12-10 22:00:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 22:00:30 ----D---- C:\WINDOWS\PolicyDefinitions
2014-12-10 18:02:06 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 18:01:49 ----D---- C:\WINDOWS\system32\MRT
2014-12-10 17:58:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-12-10 14:56:31 ----D---- C:\WINDOWS\system32\catroot2
2014-12-09 10:58:20 ----D---- C:\ProgramData\Skype
2014-12-09 10:58:11 ----RD---- C:\Program Files (x86)\Skype
2014-12-05 18:10:58 ----D---- C:\WINDOWS\system32\Tasks
2014-12-03 20:39:32 ----D---- C:\ProgramData\Temp
2014-11-29 14:53:12 ----D---- C:\Users\HP\AppData\Roaming\Audacity
2014-11-29 14:27:52 ----D---- C:\Program Files (x86)\Fender
2014-11-29 14:00:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-26 22:10:48 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-11-22 19:20:20 ----D---- C:\Program Files (x86)\UBISOFT
2014-11-13 23:24:07 ----D---- C:\Program Files\Windows Defender
2014-11-13 23:24:07 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-13 23:24:02 ----D---- C:\WINDOWS\system32\wbem
2014-11-13 23:23:51 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-13 23:23:48 ----D---- C:\WINDOWS\system32\migration
2014-11-13 23:23:35 ----RD---- C:\WINDOWS\ToastData
2014-11-13 23:23:32 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-11-13 23:23:30 ----D---- C:\WINDOWS\apppatch
2014-11-11 18:20:37 ----D---- C:\WINDOWS\LiveKernelReports
2014-11-01 13:34:00 ----D---- C:\Users\HP\AppData\Roaming\Adobe
2014-10-30 12:25:26 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2014-10-26 08:23:28 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2014-10-26 08:23:27 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2014-10-26 08:23:27 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2014-10-26 08:23:27 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2014-10-26 08:23:27 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2014-10-26 08:23:26 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2014-10-26 08:23:26 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2014-10-26 08:23:26 ----A---- C:\WINDOWS\system32\dpnet.dll
2014-10-26 08:23:26 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2014-10-26 08:23:25 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2014-10-26 08:23:20 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2014-10-26 08:23:18 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2014-10-26 08:23:18 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2014-10-26 08:23:18 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2014-10-25 12:09:16 ----D---- C:\WINDOWS\SoftwareDistribution
2014-10-24 17:30:35 ----D---- C:\Program Files (x86)\HP
2014-10-16 21:15:20 ----D---- C:\WINDOWS\WinStore
2014-10-16 21:15:17 ----D---- C:\WINDOWS\MediaViewer
2014-10-16 21:15:17 ----D---- C:\WINDOWS\FileManager
2014-10-16 21:15:17 ----D---- C:\WINDOWS\Camera
2014-10-14 19:22:26 ----D---- C:\WINDOWS\SYSWOW64\drivers
2014-10-04 13:22:34 ----D---- C:\Program Files (x86)\Cyberlink
2014-10-04 13:19:34 ----D---- C:\Program Files\CyberLink
2014-10-04 12:24:16 ----D---- C:\Users\HP\AppData\Roaming\Sony
2014-10-04 12:01:32 ----D---- C:\ProgramData\Sony
2014-10-02 09:39:58 ----D---- C:\WINDOWS\system32\LogFiles
2014-09-29 12:39:08 ----D---- C:\Program Files (x86)\Video Plug-Ins

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem25.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-03-01 30520]
R1 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-10-26 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 Accelerometer;@oem25.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-03-01 43320]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 AtiHDAudioService;@oem9.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2013-04-23 98744]
R3 BtAudioBusSrv;@oem22.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-12-05 49632]
R3 HpqKbFiltr;@oem18.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2013-01-28 26504]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
R3 netr28x;@oem33.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 rtbth;@oem34.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-26 772680]
R3 rtsuvc;@oem14.inf,%rtsuvc.DeviceDesc%;HP HD Webcam [Fixed]; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-08-02 8873688]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-02-04 544768]
R3 SynTP;@oem35.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 ahcix64s;ahcix64s; C:\WINDOWS\System32\drivers\ahcix64s.sys [2012-10-08 298304]
S3 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-06-12 79016]
S3 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-06-12 26280]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-12-13 45112]
S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-11-03 575448]
S3 iaStorS;iaStorS; C:\WINDOWS\System32\drivers\iaStorS.sys [2012-11-03 651736]
S3 megasas2;megasas2; C:\WINDOWS\System32\drivers\megasas2.sys [2012-10-02 53552]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-01-23 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2013-02-01 448072]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-09-18 108032]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-01-31 553248]
R2 hpsrv;@oem25.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-03-01 43320]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-10-02 76888]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-04 332800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-02-12 3165232]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-01-23 1006424]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11 267440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-22 1903472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2013-08-22 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

#14 Příspěvek od **Márty84** » 28 pro 2014 14:46

Havet se tam drzi, budu ji muset odpalit skriptem.

Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

Lubbard · #15 Příspěvek od **Lubbard** » 28 pro 2014 17:08

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by HP (administrator) on PROBOOK on 28-12-2014 17:05:26
Running from C:\Users\HP\Desktop
Loaded Profile: HP (Available profiles: HP)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [147160 2013-08-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-04] (IDT, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSStp] => C:\WINDOWS\system32\msstp.vbe
HKLM-x32\...\Run: [mnctkmtscSrv] => C:\WINDOWS\inf\mnctkmtsc.vbe [1342 2014-01-19] ()
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKU\S-1-5-21-16469112-297514692-3324769309-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-16469112-297514692-3324769309-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-16469112-297514692-3324769309-1001\...\MountPoints2: {99da8e62-5b76-11e4-be78-3c77e6776cb4} - "E:\MafiaLauncher.EXE"
HKU\S-1-5-21-16469112-297514692-3324769309-1001\...\MountPoints2: {99da8e82-5b76-11e4-be78-3c77e6776cb4} - "F:\Install.bat"
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.cz/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-16469112-297514692-3324769309-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pbdi6yu0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-29]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-09-18] (Freemake) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-22] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-10-02] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-04] (IDT, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-26] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [651736 2012-11-03] (Intel Corporation)
S3 megasas2; C:\Windows\System32\drivers\megasas2.sys [53552 2012-10-02] (LSI Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8873688 2013-08-02] (Realtek Semiconductor Corp.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 X6va027; \??\C:\WINDOWS\SysWOW64\Drivers\X6va027 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 17:05 - 2014-12-28 17:06 - 00014151 _____ () C:\Users\HP\Desktop\FRST.txt
2014-12-28 17:04 - 2014-12-28 17:05 - 00000000 ____D () C:\FRST
2014-12-28 17:02 - 2014-12-28 17:02 - 02123264 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-12-28 15:34 - 2014-12-28 15:34 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Unity
2014-12-28 15:08 - 2014-12-28 15:08 - 00000000 ____D () C:\Users\HP\AppData\Local\Unity
2014-12-28 12:12 - 2014-12-28 12:12 - 00000000 ____D () C:\Program Files\trend micro
2014-12-28 12:07 - 2014-12-28 12:08 - 01222144 _____ () C:\Users\HP\Downloads\RSITx64.exe
2014-12-27 12:09 - 2014-12-27 12:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-27 12:00 - 2014-12-27 12:03 - 00000000 ____D () C:\AdwCleaner
2014-12-27 11:16 - 2014-12-27 11:16 - 00000000 ____D () C:\rsit
2014-12-27 11:16 - 2014-12-27 11:16 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-27 10:23 - 2014-12-27 10:23 - 00000323 _____ () C:\Users\HP\Desktop\Diagnostické nástroje pro tiskárny HP.url
2014-12-26 21:42 - 2014-12-26 21:42 - 00000000 ___HD () C:\$SysReset
2014-12-26 19:14 - 2014-12-26 19:16 - 00000000 ____D () C:\Temp
2014-12-25 19:42 - 2014-12-25 19:42 - 00001807 _____ () C:\Users\HP\Desktop\nfsmwres – zástupce.lnk
2014-12-25 19:32 - 2014-12-25 19:32 - 00161795 _____ () C:\Users\HP\Downloads\The-Interview-2014.WEB-DL.x264-ANGL.srt
2014-12-25 18:14 - 2014-12-25 18:14 - 00000000 ____D () C:\Users\HP\Documents\NFS Most Wanted
2014-12-25 18:00 - 2014-12-25 18:00 - 00002193 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-12-25 18:00 - 2014-12-25 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-12-25 17:55 - 2014-12-25 17:55 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2014-12-25 14:49 - 2014-12-27 20:05 - 00000000 ____D () C:\Program Files (x86)\unisalEs
2014-12-25 12:53 - 2014-12-25 14:29 - 1516648178 _____ () C:\Users\HP\Downloads\The-Interview-2014-(rozhovor)-WEB-DL.XviD.MP3-RARBG.avi
2014-12-24 20:11 - 2014-12-24 22:09 - 1090413280 _____ () C:\Users\HP\Downloads\Jonesovi-cz-dabing-vyborna-komedie.avi
2014-12-22 18:10 - 2014-12-22 18:10 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Need for Speed World
2014-12-22 16:52 - 2014-12-22 16:52 - 00000000 ____D () C:\Users\HP\AppData\Local\Electronic_Arts_Inc
2014-12-22 12:38 - 2014-12-22 12:38 - 00000000 __RHD () C:\Users\HP\AppData\Roaming\SecuROM
2014-12-22 12:38 - 2014-12-22 12:38 - 00000000 ____D () C:\Users\HP\AppData\Local\Electronic Arts
2014-12-22 09:30 - 2014-12-26 20:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-22 09:25 - 2014-12-23 10:20 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Origin
2014-12-22 09:25 - 2014-12-22 09:30 - 00000000 ____D () C:\Users\HP\AppData\Local\Origin
2014-12-22 09:23 - 2014-12-26 22:21 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-12-22 09:23 - 2014-12-26 10:36 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-22 09:23 - 2014-12-22 09:23 - 00000987 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-12-22 09:16 - 2014-12-26 21:46 - 00000000 ____D () C:\ProgramData\Origin
2014-12-21 17:00 - 2014-12-22 12:38 - 00000000 ____D () C:\Users\HP\Documents\Electronic Arts
2014-12-21 16:51 - 2014-12-21 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-12-21 16:51 - 2008-09-05 01:22 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-12-21 16:43 - 2014-12-26 21:47 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-12-21 12:15 - 2014-12-21 12:54 - 675278206 _____ () C:\Users\HP\Downloads\Shrekovy-Vanoce-Shrekoleda-CZ-dvdrip.avi
2014-12-19 20:10 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-19 20:10 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-18 18:45 - 2014-12-18 18:45 - 00000000 ____D () C:\Users\HP\Downloads\Nová složka
2014-12-18 10:32 - 2014-12-18 10:32 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Fpscore Metro
2014-12-15 19:32 - 2014-12-23 20:24 - 00000000 ____D () C:\Program Files (x86)\Screenshots
2014-12-14 14:40 - 2014-12-14 14:40 - 00000000 ____D () C:\Users\HP\AppData\Local\THQ
2014-12-13 19:54 - 2014-12-13 19:56 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Hamachi
2014-12-13 19:54 - 2014-12-13 19:54 - 00033344 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\hamachi.sys
2014-12-13 19:52 - 2014-12-13 19:52 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MTA San Andreas
2014-12-13 19:52 - 2014-12-13 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas
2014-12-13 19:51 - 2014-12-13 20:03 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas
2014-12-13 19:51 - 2014-12-13 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-12-11 18:47 - 2014-12-11 18:47 - 00000000 ____D () C:\Users\HP\AppData\Roaming\LolClient
2014-12-11 16:10 - 2014-12-11 16:10 - 00000000 ____D () C:\ProgramData\Riot Games
2014-12-11 16:07 - 2014-12-28 12:47 - 00000000 ____D () C:\Program Files (x86)\RADS
2014-12-11 16:07 - 2014-12-11 16:08 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Riot Games
2014-12-11 16:07 - 2014-12-11 16:07 - 00001580 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-11 16:07 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-12-11 16:07 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-12-11 16:07 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-12-10 16:46 - 2014-12-10 16:46 - 00033746 _____ () C:\Users\HP\Downloads\Ultramarines-A-Warhammer-40000-Movie-2010-CZ-SUB.srt
2014-12-10 14:56 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 14:56 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 14:56 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 14:56 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 14:56 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 14:56 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 14:51 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 14:51 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 14:51 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 14:51 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 14:51 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 14:51 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 14:51 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 14:51 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 14:51 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 14:51 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 14:51 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 14:51 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 14:51 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 14:51 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 14:50 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 14:50 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 14:50 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 14:50 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 14:50 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 14:50 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 14:50 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 14:50 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 14:50 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 14:50 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 14:50 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 14:50 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 14:50 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 14:50 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 14:50 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 14:50 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 14:50 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 14:50 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 14:50 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 14:50 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 14:50 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 14:50 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 14:50 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 14:50 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 14:50 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 14:50 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 14:50 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 14:50 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 14:50 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 14:50 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 14:50 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-09 15:42 - 2014-12-09 16:24 - 733337600 _____ () C:\Users\HP\Downloads\Ultramarines---A-Warhammer-40,000-Movie-2010.avi
2014-12-09 14:16 - 2014-12-09 14:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 20:39 - 2014-12-03 20:40 - 15453832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xlive.dll
2014-12-03 16:09 - 2014-12-03 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 15:50 - 2014-12-03 16:08 - 00000000 ____D () C:\Program Files (x86)\RegTweaker
2014-12-02 16:00 - 2014-12-02 16:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-02 15:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-02 15:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-02 15:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-02 15:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-02 15:59 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-12-02 15:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-12-02 15:59 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-12-02 15:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-12-02 15:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-12-02 15:59 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-12-02 15:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-12-02 15:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-12-02 15:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-12-02 15:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-12-02 15:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-12-02 15:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-12-02 15:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-12-02 15:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-12-02 15:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-12-02 15:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-12-02 15:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-11-29 14:41 - 2014-11-29 14:42 - 00000000 ____D () C:\Users\HP\Documents\Ableton
2014-11-29 14:41 - 2014-11-29 14:41 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Ableton
2014-11-29 14:41 - 2014-11-29 14:41 - 00000000 ____D () C:\ProgramData\Ableton
2014-11-29 14:27 - 2014-11-29 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fender FUSE
2014-11-29 14:02 - 2014-11-29 14:02 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fender Universal ASIO
2014-11-29 14:02 - 2014-11-29 14:02 - 00000000 ____D () C:\Program Files (x86)\Fender Universal ASIO
2014-11-29 14:01 - 2014-11-29 14:01 - 00001215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmpliTube Fender LE.lnk
2014-11-29 14:01 - 2009-11-11 17:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-11-29 14:01 - 2009-11-11 17:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-11-29 14:00 - 2014-11-29 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-11-29 14:00 - 2014-11-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-11-29 14:00 - 2014-11-29 14:00 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia
2014-11-29 13:59 - 2014-11-29 13:59 - 00000000 ____D () C:\Users\HP\AppData\Roaming\InstallShield
2014-11-29 13:59 - 2014-11-29 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ableton
2014-11-29 13:59 - 2009-11-09 17:25 - 00368640 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll
2014-11-29 13:59 - 2009-11-09 17:25 - 00233472 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll
2014-11-29 13:56 - 2014-11-29 13:56 - 00000000 ____D () C:\Program Files (x86)\Ableton

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 17:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-28 16:48 - 2014-09-10 01:25 - 01898846 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-28 16:41 - 2014-11-10 20:45 - 00000000 ____D () C:\Users\HP\AppData\Roaming\TS3Client
2014-12-28 16:27 - 2014-09-28 14:13 - 00000334 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-12-28 16:26 - 2014-09-08 17:18 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-28 12:40 - 2014-09-08 17:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-28 11:09 - 2014-09-16 17:53 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81223E2F-EF2E-413F-AA61-B4D0720430AA}
2014-12-27 23:54 - 2014-09-14 20:14 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-12-27 20:50 - 2014-03-18 16:33 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-27 20:50 - 2014-03-18 15:54 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-12-27 20:50 - 2014-03-18 15:54 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-12-27 20:44 - 2014-09-11 19:00 - 03380224 ___SH () C:\Users\HP\Downloads\Thumbs.db
2014-12-27 20:12 - 2013-02-22 12:59 - 00000983 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2014-12-27 20:10 - 2014-09-10 05:20 - 00000000 ___DO () C:\Users\HP\OneDrive
2014-12-27 20:10 - 2014-08-28 05:17 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2014-12-27 20:09 - 2014-08-28 05:17 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2014-12-27 20:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-27 20:08 - 2014-03-18 08:20 - 00057840 _____ () C:\WINDOWS\PFRO.log
2014-12-27 20:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-27 20:08 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-27 14:20 - 2014-08-28 04:21 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-16469112-297514692-3324769309-1001
2014-12-27 12:07 - 2014-10-28 09:46 - 00015739 _____ () C:\Users\HP\rgmnr
2014-12-27 10:51 - 2014-09-30 16:22 - 00809984 ___SH () C:\Users\HP\Desktop\Thumbs.db
2014-12-27 10:23 - 2014-09-12 15:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\HpUpdate
2014-12-27 01:48 - 2014-10-27 15:52 - 00000130 _____ () C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2014-12-26 22:33 - 2014-09-21 11:36 - 00000000 ___RD () C:\Users\HP\Documents\Notes
2014-12-26 22:18 - 2014-09-20 07:27 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-12-26 21:55 - 2014-08-28 04:13 - 00000000 ____D () C:\Users\HP\AppData\Local\Packages
2014-12-26 21:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-26 21:53 - 2014-10-18 13:17 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-12-26 21:14 - 2014-08-28 04:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-26 20:12 - 2014-10-28 15:58 - 00000000 ____D () C:\Users\HP\Desktop\Captures
2014-12-26 20:12 - 2013-08-22 15:46 - 00299952 _____ () C:\WINDOWS\setupact.log
2014-12-26 19:25 - 2014-09-10 15:43 - 00335513 _____ () C:\WINDOWS\DirectX.log
2014-12-26 16:24 - 2014-10-02 09:41 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-26 16:24 - 2014-10-02 09:40 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-24 17:17 - 2014-11-08 20:00 - 1046391189 _____ () C:\Users\HP\Downloads\Sony-Vegas-Pro-13-Full.rar
2014-12-24 09:44 - 2014-09-10 15:11 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-12-22 19:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-22 19:04 - 2014-09-28 14:48 - 00000000 ____D () C:\Users\HP\Documents\Movie Studio Platinum 13.0 Projects
2014-12-22 16:08 - 2014-11-07 22:44 - 00000000 ____D () C:\Users\HP\Downloads\Skrillex
2014-12-21 09:49 - 2014-10-02 09:40 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-18 15:39 - 2014-10-23 15:49 - 00000000 ____D () C:\Users\HP\Desktop\projects
2014-12-18 11:33 - 2014-11-17 19:44 - 00000000 ____D () C:\Users\HP\AppData\Roaming\GameRanger
2014-12-18 00:13 - 2013-08-22 15:44 - 00492392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-12 16:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 16:34 - 2014-09-20 16:04 - 00000000 ____D () C:\Users\HP\AppData\Local\Battle.net
2014-12-11 16:24 - 2014-09-20 16:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-11 16:13 - 2014-09-20 16:04 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-11 15:21 - 2014-11-01 13:33 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
2014-12-11 15:21 - 2014-09-08 17:18 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-11 15:13 - 2014-09-22 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:02 - 2014-09-13 15:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 18:01 - 2014-09-08 19:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 17:58 - 2014-09-08 19:50 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 10:58 - 2014-09-10 15:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-09 10:58 - 2014-09-10 15:11 - 00000000 ____D () C:\ProgramData\Skype
2014-12-03 20:39 - 2014-09-21 09:38 - 00000000 ____D () C:\ProgramData\Temp
2014-12-02 18:53 - 2014-09-14 12:54 - 00000000 ____D () C:\Users\HP\Documents\My Games
2014-11-29 22:40 - 2014-09-10 01:12 - 00000000 ____D () C:\Users\HP
2014-11-29 14:53 - 2014-09-21 08:22 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Audacity
2014-11-29 14:27 - 2014-09-27 09:30 - 00000000 ____D () C:\Program Files (x86)\Fender
2014-11-29 14:27 - 2014-08-28 04:57 - 00030298 _____ () C:\WINDOWS\DPINST.LOG

Some content of TEMP:
====================
C:\Users\HP\AppData\Local\Temp\AutoRun.exe
C:\Users\HP\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\HP\AppData\Local\Temp\bdfilters.dll
C:\Users\HP\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\HP\AppData\Local\Temp\e07bBCF940070.exe
C:\Users\HP\AppData\Local\Temp\Quarantine.exe
C:\Users\HP\AppData\Local\Temp\sqlite3.dll
C:\Users\HP\AppData\Local\Temp\ubi6FB6.tmp.exe
C:\Users\HP\AppData\Local\Temp\_is1138.exe
C:\Users\HP\AppData\Local\Temp\~F524.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-28 03:56

==================== End Of Log ============================

VIRY.CZ

Zvýšené využití CPU a Paměti až na 100%

Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%

Re: Zvýšené využití CPU a Paměti až na 100%