Reklamy,kurzor vyskakuje z radku,hry vyskakuji zpet do windo

[franni]

Zdravim,prosim o kontrolu logu,,dekuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Franni at 2015-06-14 09:11:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 143 GB (47%) free of 305 GB
Total RAM: 4044 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:11:22, on 14.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
C:\Program Files\trend micro\Franni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Chaturbate Token Hack Generator 2015.lnk = C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10325 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2740
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 23ea6cc8-60f1-411e-83b6-2db004813034 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "406046869-488298307-9415450962112550019692792958-1079073470-14860098961765311236
\??\C:\Windows\system32\conhost.exe "-1697220505-2138541395-871578479-1961194902-154928259112180290517498443271149787202
taskeng.exe {4C4128AB-8679-4452-9DAD-B0393FE7F219}
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe" -c
taskeng.exe {D1B73666-95EE-44D2-8367-6D3CE0C2206C}
szndesktop.exe default start
"C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "599801131-1589911562111100935-118369797714423380341385983231104178906550456629
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="3824.0.380557634\671034819" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3824 "\\.\pipe\gecko-crash-server-pipe.3824" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --proxy-stub-channel=Flash5268.713565C0.2741 --host-broker-channel=Flash5268.713565C0.2428 --host-pid=5268 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --channel=4368.002DF658.1854509550 --proxy-stub-channel=Flash5268.713565C0.2741 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" --host-npapi-version=28 --type=renderer
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Franni\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverScanner Delayed Launch.job - C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\extensions\
battlefieldheroespatcher@ea.com
cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu

C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\searchplugins\
bing.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-24 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-02-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-24 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-02-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-24 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-24 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [2013-09-16 1382568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-28 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-28 1571696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"cz.seznam.software.autoupdate"=C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Safer-Surf]
C:\Program Files (x86)\di4Safer-Surf\Safer-Surf.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Search]
C:\Users\Franni\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.12.4\dsrlte.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [2014-04-09 332016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"RUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-10-23 502328]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Chaturbate Token Hack Generator 2015.lnk - C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-14 09:11:13 ----D---- C:\rsit
2015-06-13 16:36:04 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-13 16:36:04 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-13 16:36:01 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-13 16:36:01 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-13 16:33:52 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-13 16:30:58 ----D---- C:\ProgramData\boost_interprocess
2015-06-13 16:30:35 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-13 16:30:35 ----A---- C:\Windows\system32\nvaudcap64v.dll
2015-06-13 16:30:35 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-13 16:30:33 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-13 16:30:33 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-13 16:30:33 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-13 16:30:33 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\nvhdap64.dll
2015-06-13 16:30:33 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-13 16:30:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-13 16:30:32 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-13 16:30:29 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-13 16:30:29 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-13 16:30:29 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-13 16:30:29 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-13 16:28:32 ----D---- C:\NVIDIA
2015-06-10 15:48:29 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 15:48:27 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 15:48:25 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 15:48:23 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 15:48:23 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 15:48:22 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 15:48:22 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 15:48:22 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 15:48:21 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 15:48:08 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 15:48:07 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 15:48:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 15:48:06 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 15:48:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 15:48:05 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 15:48:04 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 15:48:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 15:48:02 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 15:48:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:48:01 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 15:48:00 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 15:48:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 15:48:00 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 15:47:59 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 15:47:59 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 15:47:59 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 15:47:59 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 15:47:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 15:47:58 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 15:47:58 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 15:47:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 15:47:57 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 15:47:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 15:47:57 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 15:47:57 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 15:47:57 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 15:47:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 15:47:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 15:47:56 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 15:47:56 ----A---- C:\Windows\system32\logman.exe
2015-06-10 15:47:55 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 15:47:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 15:47:55 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 15:47:55 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 15:47:55 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 15:47:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 15:47:54 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 15:47:54 ----A---- C:\Windows\system32\smss.exe
2015-06-10 15:47:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 15:47:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 15:47:53 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 15:47:53 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 15:47:53 ----A---- C:\Windows\system32\relog.exe
2015-06-10 15:47:53 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 15:47:53 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 15:47:52 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 15:47:52 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 15:47:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 15:47:51 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 15:47:51 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 15:47:50 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 15:47:50 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 15:47:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 15:47:50 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 15:47:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 15:47:49 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 15:47:49 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 15:47:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 15:47:49 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 15:47:49 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 15:47:49 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 15:47:48 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 15:47:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 15:47:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 15:47:48 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 15:47:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:47:46 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:47:45 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:47:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:47:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 15:47:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 15:47:44 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 15:47:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:47:43 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:47:43 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:47:43 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 15:47:42 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 15:47:42 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 15:47:42 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 15:47:42 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 15:47:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 15:47:41 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 15:47:41 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 15:46:40 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 15:46:40 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 15:46:23 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 15:46:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 15:46:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 15:46:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 15:46:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:46:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 15:46:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 15:46:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:46:01 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 15:46:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 15:46:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 15:46:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 15:45:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 15:45:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 15:45:59 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 15:45:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 15:45:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 15:45:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 15:45:58 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 15:45:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 15:45:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 15:45:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:45:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 15:45:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:45:57 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 15:45:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 15:45:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 15:45:56 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 15:45:55 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 15:45:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 15:45:54 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 15:45:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 15:45:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 15:45:52 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 15:45:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 15:45:51 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 15:45:51 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 15:45:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 15:45:48 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 15:45:48 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 15:45:48 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 15:45:46 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:45:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 15:45:46 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 15:45:46 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 15:45:45 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 15:45:45 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 15:45:44 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 15:45:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:45:40 ----A---- C:\Windows\system32\mshtml.dll
2015-06-05 15:24:33 ----A---- C:\Windows\system32\invagent.dll
2015-06-05 15:24:33 ----A---- C:\Windows\system32\generaltel.dll
2015-06-05 15:24:33 ----A---- C:\Windows\system32\appraiser.dll
2015-06-05 15:24:33 ----A---- C:\Windows\system32\aepic.dll
2015-06-05 15:24:33 ----A---- C:\Windows\system32\aeinv.dll
2015-06-05 15:24:32 ----A---- C:\Windows\system32\devinv.dll
2015-06-05 15:24:32 ----A---- C:\Windows\system32\aepdu.dll
2015-06-05 15:24:32 ----A---- C:\Windows\system32\acmigration.dll
2015-06-02 15:48:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-27 00:06:55 ----D---- C:\MyGames
2015-05-18 18:37:06 ----D---- C:\Program Files (x86)\Page up top
2015-05-18 14:53:45 ----D---- C:\Users\Franni\AppData\Roaming\Google

======List of files/folders modified in the last 1 month======

2015-06-14 09:11:22 ----D---- C:\Program Files\Trend Micro
2015-06-14 09:11:14 ----D---- C:\Windows\Temp
2015-06-14 09:06:11 ----D---- C:\ProgramData\NVIDIA
2015-06-14 08:56:13 ----SHD---- C:\System Volume Information
2015-06-14 08:46:03 ----D---- C:\Users\Franni\AppData\Roaming\Seznam.cz
2015-06-13 17:22:20 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-13 16:45:51 ----D---- C:\Windows\Minidump
2015-06-13 16:45:42 ----D---- C:\Windows
2015-06-13 16:42:12 ----D---- C:\Windows\system32\config
2015-06-13 16:38:10 ----D---- C:\Windows\SysWOW64
2015-06-13 16:38:10 ----D---- C:\Windows\System32
2015-06-13 16:37:19 ----D---- C:\Windows\inf
2015-06-13 16:36:01 ----D---- C:\Program Files\NVIDIA Corporation
2015-06-13 16:36:00 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-06-13 16:35:44 ----D---- C:\Windows\system32\DriverStore
2015-06-13 16:35:21 ----SHD---- C:\Windows\Installer
2015-06-13 16:35:20 ----RD---- C:\Program Files (x86)
2015-06-13 16:34:22 ----D---- C:\Windows\system32\drivers
2015-06-13 16:34:20 ----D---- C:\temp
2015-06-13 16:31:04 ----RD---- C:\Users
2015-06-13 16:30:58 ----HD---- C:\ProgramData
2015-06-13 10:05:52 ----D---- C:\Windows\Prefetch
2015-06-13 10:05:42 ----D---- C:\Program Files (x86)\SpeedFan
2015-06-13 09:26:00 ----D---- C:\Windows\SoftwareDistribution
2015-06-13 09:24:16 ----D---- C:\Windows\debug
2015-06-13 09:21:24 ----D---- C:\Windows\LiveKernelReports
2015-06-12 17:26:40 ----D---- C:\Program Files (x86)\d76d8309-0bb2-48ff-a728-fee21e2a0395
2015-06-12 17:26:40 ----D---- C:\Program Files (x86)\c5f24251-0772-459a-ad1b-922e799146c1
2015-06-12 17:26:40 ----D---- C:\Program Files (x86)\AMD
2015-06-12 17:26:40 ----D---- C:\Program Files (x86)\6f54cfa1-34dc-4bdf-9b4b-f66d149baa74
2015-06-11 05:53:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-11 04:27:47 ----D---- C:\Windows\rescache
2015-06-11 03:44:08 ----D---- C:\Windows\system32\Tasks
2015-06-11 03:44:08 ----D---- C:\Program Files (x86)\Opera
2015-06-11 03:38:19 ----D---- C:\Windows\winsxs
2015-06-11 03:35:02 ----D---- C:\Program Files\Windows Media Player
2015-06-11 03:35:02 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 03:35:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:35:00 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:35:00 ----D---- C:\Windows\AppPatch
2015-06-11 03:34:58 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 03:34:58 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:34:57 ----D---- C:\Windows\system32\en-US
2015-06-11 03:34:57 ----D---- C:\Windows\PolicyDefinitions
2015-06-11 03:34:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:03:31 ----D---- C:\Windows\system32\MRT
2015-06-11 03:03:14 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 15:44:44 ----D---- C:\Windows\system32\catroot2
2015-06-10 07:32:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-09 15:10:46 ----D---- C:\Users\Franni\AppData\Roaming\Skype
2015-06-06 03:17:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 03:16:26 ----SD---- C:\Windows\system32\CompatTel
2015-06-06 03:16:26 ----D---- C:\Windows\system32\appraiser
2015-06-05 15:42:57 ----D---- C:\Program Files (x86)\WarThunder
2015-05-28 16:55:29 ----RD---- C:\Program Files (x86)\Skype
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-05-28 06:15:30 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-21 05:45:10 ----D---- C:\Windows\addins
2015-05-21 05:45:04 ----D---- C:\Windows\Tasks
2015-05-21 05:45:04 ----D---- C:\Windows\Registration
2015-05-21 03:00:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-21 03:00:47 ----SD---- C:\Windows\system32\GWX
2015-05-18 21:19:03 ----HD---- C:\Windows\msdownld.tmp
2015-05-18 21:18:56 ----D---- C:\Program Files (x86)\Simple Units Converter
2015-05-18 21:18:56 ----D---- C:\Program Files (x86)\Counter Strike Best Online Games Collection
2015-05-18 20:57:54 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-18 19:15:50 ----D---- C:\AdwCleaner
2015-05-18 19:15:37 ----D---- C:\Program Files\Common Files\System
2015-05-18 18:18:51 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2014-09-19 60104]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-28 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-28 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2011-11-21 101376]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2011-11-21 217088]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-06-12 136408]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2014-09-19 137584]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-28 1152656]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-10-25 143416]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-01-27 773968]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-28 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-28 23006864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-12-29 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10 268464]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-01-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-02 148080]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-29 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[altrok]

Krasny den Vam preju


Odinstalujte

• McAfee Security Scan - adware z instalace Adobe Flash Playeru http://forum.viry.cz/viewtopic.php?p=1374437#p1374437
• Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[franni]

tu to je,,jeste se chci zeptat prosim Vas,,co s tema reklamama co vyskakuji ty okenka,,dekuji




# AdwCleaner v4.206 - Log vytvořen 14/06/2015 v 11:00:34
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-09.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Franni - FRANNI-PC
# Spuštěno z : C:\Users\Franni\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\akaelkiagnbfcccfnmbimdbplecgbikh
Soubor Smazáno : C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\akaelkiagnbfcccfnmbimdbplecgbikh
Soubor Smazáno : C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\knlpigpfaognbholppaembpfphilacie

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 cs)


-\\ Google Chrome v43.0.2357.124


-\\ Opera v30.0.1835.59


*************************

AdwCleaner[R0].txt - [8201 bytů] - [19/09/2014 16:39:27]
AdwCleaner[R1].txt - [2420 bytů] - [05/10/2014 11:38:29]
AdwCleaner[R2].txt - [30730 bytů] - [18/05/2015 19:13:59]
AdwCleaner[R3].txt - [5035 bytů] - [14/06/2015 10:00:47]
AdwCleaner[R4].txt - [1717 bytů] - [14/06/2015 10:58:12]
AdwCleaner[S0].txt - [8989 bytů] - [19/09/2014 16:42:18]
AdwCleaner[S1].txt - [2281 bytů] - [05/10/2014 11:39:53]
AdwCleaner[S2].txt - [27989 bytů] - [18/05/2015 19:15:13]
AdwCleaner[S3].txt - [5278 bytů] - [14/06/2015 10:02:54]
AdwCleaner[S4].txt - [1639 bytů] - [14/06/2015 11:00:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1697 bytů] ##########

[altrok]

Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm

• spustte jako spravce
• do velkeho okna zkopirujte script uvedeny nize
• kliknete na Run script
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi

  Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;

[franni]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Franni on ne 14.06.2015 at 11:20:41,61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Franni\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.6.2015 11:21:55 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\6f54cfa1-34dc-4bdf-9b4b-f66d149baa74 deleted successfully
C:\PROGRA~2\c5f24251-0772-459a-ad1b-922e799146c1 deleted successfully
C:\PROGRA~2\d76d8309-0bb2-48ff-a728-fee21e2a0395 deleted successfully
C:\PROGRA~2\IndepthFunc deleted successfully
C:\Users\Franni\AppData\Roaming\Google deleted successfully
C:\Users\Franni\AppData\Local\Adobe deleted successfully
C:\Users\Franni\AppData\Local\Trend Micro deleted successfully
C:\Users\Franni\AppData\Local\WarThunder deleted successfully

[altrok]

Log neni kompletni - program stale pracuje.

[franni]

to vyskakovani se deje nepravidelne,,,ted uz zase psat mohu,ale jakmile se to projevi,tak musim vzdy za kazdym pismenem kliknout na radek a muzu psat,kdyz otevru nabidku v prohlizeci,nez se nadeju uz je zase skryta,kdyz pravim tlacitkem na plochu,tak to zmizne,,tak nevim,,zatim zadna zmena

[altrok]

Nakazu zpusobujici (nejen) tyto problemy pravdepodobne vidim, ale nejsme jeste u konce. Poustime tam zatim overene automaticke skenery a cistice, ktere cast haveti odstrani. Zoek jste nechal dobehnout do konce nebo jste jej ukoncil? Log totiz neni kompletni.

[franni]

Ok...jeste to frci...poslu po restartu..diky za trpelivost

[franni]

tutaj to je :

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Franni on ne 14.06.2015 at 11:52:17,99.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Franni\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-14-092340.log 970 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com");
user_pref("browser.newtab.url", "https://www.google.com");
user_pref("browser.search.selectedEngine", "webssearches");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default

user.js not found
---- Lines Air Globe removed from prefs.js ----
user_pref("extensions.Air Globe.asul", "1434265688040");
user_pref("extensions.Air Globe.aul", "1434268672767");
user_pref("extensions.Air Globe.irl", true);
user_pref("extensions.Air Globe.is", "ob13073ppCZ");
user_pref("extensions.Air Globe.ug", "8C610B12-5BB9-4BEF-9A52-B1F5A7779BCC");
---- Lines ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299 removed from prefs.js ----
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.active", true);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.addressbar", "NA");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.addressbarenhanced", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.asyncdb.was_copied", "true");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.asyncinternaldb.was_copied", "true");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.backgroundver", 3);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.certdomaininstaller", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.cookie.InstallationTime.value", "1431573257");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.description", ".");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.domain", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.enablesearch", false);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.homepage", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.changeprevious", false);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.iframe", false);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.InstallationTime", 1431573257);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.InstallerParamsCache.expiration", "Fri Feb 01
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.InstallerParamsCache.value", "%7B%22source_id%
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin__disable_bi_pixel_.expirat
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin__disable_bi_pixel_.value",
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_bundledUrls.expiration", "
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_bundledWithHash.expiration
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_bundledWithHash.value", "n
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_notBundledArr_.expiration"
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_notBundledArr_.value", "%5
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_regBundledWithSoftware.exp
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.monetization_plugin_regBundledWithSoftware.val
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.reporting_user_key_index.expiration", "Sun May
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.reporting_user_key_index.value", "671");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_appVer.value", "42");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_lastVersion.expiration", "Fri Feb 01
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 0
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_nextCheck.expiration", "Tue May 19 2
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_queue.expiration", "Fri Feb 01 2030
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_remote_resources.expiration", "Fri F
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.internaldb.Resources_remote_resources.value", "%7B%22remo
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.lastDailyReport", "1431969765513");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.lastUpdate", "1431969765384");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.manifesturl", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.name", "SensePlus.V2");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.newtab", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.opensearch", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.pluginsurl", "http://js.basememlog.com/plugin/apps/70299/
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.pluginsversion", 36);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.publisher", "Object Browser");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.searchstatus", 0);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.setnewtab", false);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.thankyou", "");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.updateinterval", 360);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.70299.ver", 42);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.apps", "70299");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.bic", "14d506a5ac9dd253bb72893559326d3f");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.cid", 70299);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.firstrun", false);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.hadappinstalled", true);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.installationdate", 1431573257);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.modetype", "production");
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.reportInstall", true);
user_pref("extensions.ae9d197d59f2f45f382b1aa5c14d828706aaed9b904554b5cb7984e9com70299.statsDailyCounter", 4);
---- Lines extensions.7KXzsvWr45Jl87rz removed from prefs.js ----
user_pref("extensions.7KXzsvWr45Jl87rz.epoch", "1432056168");
user_pref("extensions.7KXzsvWr45Jl87rz.url", "http://toolkitcard.in/sync2/?q=hfZ9ofqU ... MBzqUojw8r
---- Lines extensions.IUnJ92p387QtggbO removed from prefs.js ----
user_pref("extensions.IUnJ92p387QtggbO.epoch", "1431781050");
user_pref("extensions.IUnJ92p387QtggbO.url", "http://superve.org/sync2/?q=hfZ9oehUh7w ... qUojw8rdkF
---- Lines extensions.XRuoouNX59ep381B removed from prefs.js ----
user_pref("extensions.XRuoouNX59ep381B.epoch", "1431781049");
user_pref("extensions.XRuoouNX59ep381B.url", "http://firsttshare.us/sync2/?q=hfZ9oemM ... FqShIC7n0r
---- Lines extensions.aTUxXwhFaBCTFZtf removed from prefs.js ----
user_pref("extensions.aTUxXwhFaBCTFZtf.epoch", "1432056169");
user_pref("extensions.aTUxXwhFaBCTFZtf.url", "http://veteranted.com/sync2/?q=hfZ9ofbL ... MBzqUojw8r
---- Lines extensions.ntcwwxDZBJ8kga77 removed from prefs.js ----
user_pref("extensions.ntcwwxDZBJ8kga77.epoch", "1431781048");
user_pref("extensions.ntcwwxDZBJ8kga77.url", "http://homedirectorymusicweb.in/sync2/? ... Ha6qja8qSh
---- Lines extensions.preUx6rfmmx8HoOJ removed from prefs.js ----
user_pref("extensions.preUx6rfmmx8HoOJ.epoch", "1431781049");
user_pref("extensions.preUx6rfmmx8HoOJ.url", "http://techwebbjobnew.info/sync2/?q=hfZ ... a6qjaFqihI
---- FireFox user.js and prefs.js backups ----

prefs_14.06.2015_1204_.backup

==== Batch Command(s) Run By Tool======================


Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Counter Strike Best Online Games Collection deleted
C:\PROGRA~2\Page up top deleted
C:\PROGRA~2\Simple Units Converter deleted
C:\Users\Franni\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Franni\AppData\Local\CrashRpt deleted
C:\Windows\tasks\DriverScanner Delayed Launch.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\SysWOW64\LavasoftTcpService.dll deleted
C:\Windows\SysWOW64\LavasoftTcpService.ini deleted
C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
"C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\websearches.sqlite" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default
- Battlefield Heroes Updater - %ProfilePath%\extensions\battlefieldheroespatcher@ea.com
- Ads Remover - %ProfilePath%\extensions\cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu
- Air Globe 1.0.1 - %ProfilePath%\extensions\{16de1a5e-6c3d-4a29-8611-d373f21989ef}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default
77887617FA24E755A5A431E3E28E25E1 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director
2E661988463BCFA1B95D4DAAB9B0B6FA - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll - Shockwave Flash
5B0F6A8F086D3220272919A3023EF180 - C:\Users\Franni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
A523A2E4302AEB68B53F691A5C0DDE06 - C:\Users\Franni\AppData\Local\MyComGames\npmycomdetector.dll - My.com Games Detector
AA2B0803778428522D1CF29EF5AC2DDB - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll - EA Battlefield Heroes Updater


==== Chromium Look ======================

Ge-ForcePlus v3 - Franni\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh
Air Globe - Franni\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngjbncpojlhlhphfmidglmkpafklkcah

==== Chromium Startpages ======================

C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Preferences
worldoftanks.eu":2.2239010857415447,"www.battlefieldheroes.com":0.5227586988632231}}},"password_bubble":{"nopes":0},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]spankbang.com,*":{"setting":1},"[*.]www.pornerbros.com,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]www.ashemaletube.com,*":{"setting":1},"[*.]www.sexfurries.com,*":{"setting":1},"[*.]www.shemalelovetube.com,*":{"setting":1},"[*.]www.tspussyhunters.com,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]spankbang.com,*":{"fullscreen":1},"[*.]www.ashemaletube.com,*":{"plugins":1},"[*.]www.pornerbros.com,*":{"fullscreen":1},"[*.]www.sexfurries.com,*":{"plugins":1},"[*.]www.shemalelovetube.com,*":{"plugins":1},"[*.]www.tspussyhunters.com,*":{"plugins":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"PrvnĂ­ uĹľivatel","per_host_zoom_levels":{}},"protection":{"macs":{"extensions":null}},"savefile":{},"selectfile":{"last_directory":"C:\\Program Files (x86)\\WarThunder\\Screenshots"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13075391024815022"},"translate_accepted_count":{"de":1,"en":26},"translate_blocked_languages":["cs"],"translate_denied_count":{"de":0,"en":0},"translate_last_denied_time":1.419797e+12,"translate_too_often_denied":true,"translate_whitelists":{}}
ground.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","h ... /googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.81\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"6A9F48FF56D7402AE6E62E6AAFC8E83A2B013BB94668E90ED1B07AED6D461F42"},"default_search_provider":{"keyword":"942C081FA967D15386FADD90F5D3BF962740BA33D04944B11C09FDA7494BCA90","name":"100D534EE9EF780C7CACF2235D6F2C3D385388A6DEDAEF691BE60A3051F48530","search_url":"D017406CDA57CD69F76B74E49FAA8347CB176B5EA44EEAA65026EEAAE296F7A3"},"default_search_provider_data":{"template_url_data":"CB25B478E5FDE450CDD4925A581666D71112F73C50E0C6C6C51541F501CA8C36"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"1F5854CE9530D976E319226ACF31FB2EB590234DED6BB2B02FC963CCCF47F16A","bepbmhgboaologfdajaanbcjmnhjmhfn":"D8872F44D229FE529E70D250EE248E6EF433F55624739BCFAC40F05EF9A587AC","bpimjanmknifnoiajikmhmhmlihdccbd":"8BFD966784236BB4DC4D6D3F7105CA4D12176C9D6A31E0B3E5E4896CF5F3155A","dlggapfljcnbmajohkhhapaoajopbncm":"6B6F8A3F67ED963C72901E638798580230F4D1AF52A1E0CDCD2E3D5016FB9AB3","eemcgdkfndhakfknompkggombfjjjeno":"3523AB18A1E2AD0131871ABE6CC70E6296D682C4319D3472BB1329CA64679BE2","ennkphjdgehloodpbhlhldgbnhmacadg":"848A52B230A1E0863C093C02E9E1CF204D56645DC71598D9FE40E6EDA0866F29","gfdkimpbcpahaombhbimeihdjnejgicl":"4500960212FEF3F7CA2DA825D5EC279F2FFFC8515192878B780C154BE88933F5","ginepjojjbmfbfiibfdebddmbkjmgfle":"98DC93CF32D1515FB3A0FF56597248B1780D6DD70F9920B0D57A8AF2CAF63CF3","kmendfapggjehodndflmmgagdbamhnfd":"F7C99F5877881D3C74E948C878B7F9D6508C369500A690B75EB49828C580F15E","lojpenhmoajbiciapkjkiekmobleogjc":"DFF69AE4E51970AEF260208B5C681E53E61BF2A5D4F07BEB412F932E50BED02D","mfehgcgbbipciphmccgaenjidiccnmng":"70DCF30A64169107F2B8429DFFB9506333855214AA6748C889A43967DC48BE5C","mgndgikekgjfcpckkfioiadnlibdjbkf":"154D9C077465795F7DC204E2C734878DD8C1DE943C12F6AD34971FA1E0C86652","mhjfbmdgcfjbbpaeojofohoefgiehjai":"CAA3AFD25B42BCF328E6E028CC0080A566891B4DF363CAB7A69064AD2E9B3236","mmebmmnpohfhoknnlpohjaembcipocaa":"1145BEE540C167BE9932CD49CFD6BAC1E8B16DA6427696C4BF36C6AA3DD257CF","neajdppkdcdipfabeoofebfddakdcjhd":"1E155DF56ACF373B484836B6B85AD12F71BBD7CA46BAD12AF8BBD2E8E3610654","nkeimhogjdpnpccoofpliimaahmaaome":"247BC461DB0DED9564A7CF0B0BB53F7A39E741849F55C7A2255EEC1026D6E0F7","nmmhkkegccagdldgiimedpiccmgmieda":"CD2BE991EC4A0B5039E62906C27F168184BBB30061E9213F1DCA05AFA9BE5821","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"C602A7B0EBE1CF19EECDEDD625C4EBAD5D23C591C12D3DBCB5E69A883FDADDF9"}},"google":{"services":{"last_username":"F8C969DF8FEABA2BC26A9E2412427C447560E3B9228BA09DC9F6F5908EE1DAA3","username":"CF600978077D78BB1B9FDA42CFB680A3C74CB662E8233FBE46F0DEFDF06BEFB3"}},"homepage":"E7E3C7D43ADEC84C8512CD14323C6B57E9149044E866377E823CF957EE872302","homepage_is_newtabpage":"5A9694DE7B03F58EB38FFFABAA7D118F9F03E1E3D7E040CB859296E9FB5B0D48","pinned_tabs":"0EFF29089AA1A313EB5F8820739BB2933ECE1995C5C8A8828D4366BC4B747363","prefs":{"preference_reset_time":"56BCECE94150397D2D209CDAC28ECCE64A9DBF602DB8BD3EA1FA6C02440CF3A1"},"profile":{"reset_prompt_memento":"F73CE7FDB3335EBE15263BCF04C8447BC165A40A124DC227B1F24746D4031750"},"safebrowsing":{"incidents_sent":"AE898B9F2E1579D8D22A198AFE882BAE252AE9FAEE82DFD15132D645A9E05D22"},"search_provider_overrides":"C7FAC3520F8B881ED59F415F518911F8D34F5093A037B92A199CF74443C03BDD","session":{"restore_on_startup":"5F695959CD9E078B9288B1DC2B34FE9E2A6A5A7502DF8CB523D9FF487C86E222","startup_urls":"9112F5D6CC1D156804001F5A032F3BB25340652EA3995689B0D83B511B5FA3EB"},"software_reporter":{"prompt_reason":"83CB6069C2042F2237D229C48BC91AF86A38118F818E6305710F5A9224A8E772","prompt_seed":"C9794F8EC10F8267E3131B329E709904292753F48875A79D149C209CE52C753E","prompt_version":"BDF0BB068B82CAD3154F9DEDC9F1E84F1914F2F27CAA3559309118CC83971C20"},"sync":{"remaining_rollback_tries":"7AF82D94EC9A2E319F6E4A6938411305C0948E53BFA68EEE11D36DFABF976911"}},"super_mac":"9E4DC3705B3CA8F3743956D2B0CA7D1607C4088B127C1B3B9408A5AA1090F472"},"session":{}}


==== Chromium Fix ======================

C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhongheibdpfhdpfccheljfcabgliidh deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jhongheibdpfhdpfccheljfcabgliidh_0.localstorage deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_jhongheibdpfhdpfccheljfcabgliidh_0 deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhongheibdpfhdpfccheljfcabgliidh deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngjbncpojlhlhphfmidglmkpafklkcah deleted successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ngjbncpojlhlhphfmidglmkpafklkcah_0.localstorage deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ngjbncpojlhlhphfmidglmkpafklkcah_0.localstorage deleted successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngjbncpojlhlhphfmidglmkpafklkcah deleted successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ngjbncpojlhlhphfmidglmkpafklkcah deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{02E28D42-90E7-47C2-8083-CDEDB77E67E7} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_14875"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{58882F20-0930-4E45-BDC6-BD82DD690B90} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_14875"
{61902B34-7CD9-4CC3-A9FA-145850BCF1D1} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_14875"
{6CC3A7C1-20B7-4B3F-8A4C-B8C62A7427AB} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_14875"
{A75FF286-67D3-4C6F-8918-07886198195D} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_14875"
{C15A48F2-DCA7-440E-9C00-02DEC3FC7574} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_14875"
{C4522A8F-B487-4E6F-8CDE-A5D9200AF290} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_14875"
{DACB3199-35DE-43D5-A9BF-D66219E928B7} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875"
{EA9694CD-146B-4D6D-9220-DFBEC08A1516} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_14875"

==== Reset Google Chrome ======================

C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Franni\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Safer-Surf deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Franni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Franni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Franni\AppData\Local\Mozilla\Firefox\Profiles\r4uehmnr.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Franni\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=216 folders=35 6440797 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Franni\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Franni\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on ne 14.06.2015 at 12:09:46,96 ======================

[altrok]

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[franni]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Franni (administrator) on FRANNI-PC on 14-06-2015 12:25:39
Running from C:\Users\Franni\Desktop
Loaded Profiles: Franni (Available Profiles: Franni)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
() C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Users\Franni\AppData\Local\MyComGames\MyComGames.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1382568 2013-09-16] (Trend Micro Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
Startup: C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chaturbate Token Hack Generator 2015.lnk [2015-05-03]
ShortcutTarget: Chaturbate Token Hack Generator 2015.lnk -> C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {02E28D42-90E7-47C2-8083-CDEDB77E67E7} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {58882F20-0930-4E45-BDC6-BD82DD690B90} URL = http://search.seznam.cz/?q={searchTerms ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {61902B34-7CD9-4CC3-A9FA-145850BCF1D1} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {6CC3A7C1-20B7-4B3F-8A4C-B8C62A7427AB} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {A75FF286-67D3-4C6F-8918-07886198195D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {C15A48F2-DCA7-440E-9C00-02DEC3FC7574} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {C4522A8F-B487-4E6F-8CDE-A5D9200AF290} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {DACB3199-35DE-43D5-A9BF-D66219E928B7} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> {EA9694CD-146B-4D6D-9220-DFBEC08A1516} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-24] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-02-28] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-24] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-02-28] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-1648820562-2695445354-3781568532-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-24] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-03-18] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1648820562-2695445354-3781568532-1001: @my.com/Games -> C:\Users\Franni\AppData\Local\MyComGames\NPMyComDetector.dll [2015-05-27] (My.com, Inc)
FF Plugin HKU\S-1-5-21-1648820562-2695445354-3781568532-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Franni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Extension: Battlefield Heroes Updater - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\battlefieldheroespatcher@ea.com [2014-09-20]
FF Extension: Ads Remover - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu [2015-05-10]
FF Extension: Air Globe 1.0.1 - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\{16de1a5e-6c3d-4a29-8611-d373f21989ef}.xpi [2015-05-10]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Franni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-28] (NVIDIA Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-28] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-05-28] (NVIDIA Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 12:25 - 2015-06-14 12:26 - 00017390 _____ C:\Users\Franni\Desktop\FRST.txt
2015-06-14 12:25 - 2015-06-14 12:25 - 00000000 ____D C:\FRST
2015-06-14 12:24 - 2015-06-14 12:24 - 02109952 _____ (Farbar) C:\Users\Franni\Desktop\FRST64.exe
2015-06-14 12:23 - 2015-06-14 12:23 - 00015327 _____ C:\Users\Franni\Desktop\LM.bat
2015-06-14 12:20 - 2015-06-14 12:23 - 00029696 _____ C:\Users\Franni\AppData\Local\MSGBOX.EXE
2015-06-14 12:07 - 2015-06-14 11:52 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-14 11:53 - 2015-06-14 11:23 - 00000970 _____ C:\zoek-results2015-06-14-092340.log
2015-06-14 11:21 - 2015-06-14 12:09 - 00031445 _____ C:\zoek-results.log
2015-06-14 11:20 - 2015-06-14 12:05 - 00000000 ____D C:\zoek_backup
2015-06-14 11:19 - 2015-06-14 11:19 - 01308672 _____ C:\Users\Franni\Desktop\zoek.exe
2015-06-14 11:01 - 2015-06-14 12:09 - 00001236 _____ C:\Windows\PFRO.log
2015-06-14 10:17 - 2015-06-14 10:17 - 00000000 ____D C:\KVRT_Data
2015-06-14 10:15 - 2015-06-14 10:17 - 105808032 _____ (Kaspersky Lab ZAO) C:\Users\Franni\Downloads\KVRT.exe
2015-06-14 10:00 - 2015-06-14 10:00 - 02231296 _____ C:\Users\Franni\Downloads\adwcleaner_4.206.exe
2015-06-14 09:11 - 2015-06-14 09:11 - 00000000 ____D C:\rsit
2015-06-14 09:10 - 2015-06-14 09:10 - 01222144 _____ C:\Users\Franni\Downloads\RSITx64.exe
2015-06-13 16:45 - 2015-06-13 16:45 - 00749608 _____ C:\Windows\Minidump\061315-25646-01.dmp
2015-06-13 16:36 - 2015-06-13 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-13 16:36 - 2015-06-13 16:36 - 00001392 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-13 16:36 - 2015-05-28 09:04 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-13 16:36 - 2015-05-28 09:04 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-13 16:36 - 2015-05-28 09:04 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-13 16:36 - 2015-05-28 09:04 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-13 16:35 - 2015-06-14 09:17 - 00000000 ____D C:\Users\Franni\AppData\Local\NVIDIA Corporation
2015-06-13 16:33 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-13 16:30 - 2015-06-13 17:22 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-13 16:30 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-13 16:30 - 2015-05-28 09:04 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-13 16:30 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-13 16:30 - 2015-05-28 09:04 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-13 16:30 - 2015-05-28 09:04 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-13 16:28 - 2015-06-13 16:28 - 00000000 ____D C:\NVIDIA
2015-06-13 16:23 - 2015-06-13 16:28 - 292211848 _____ (NVIDIA Corporation) C:\Users\Franni\Downloads\353.06-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-06-13 10:04 - 2015-06-13 10:05 - 02174848 _____ C:\Users\Franni\Downloads\instsf450(1).exe
2015-06-13 09:34 - 2015-06-13 09:34 - 00582936 _____ C:\Windows\Minidump\061315-22713-01.dmp
2015-06-13 09:29 - 2015-06-14 12:09 - 00003389 _____ C:\Windows\setupact.log
2015-06-13 09:29 - 2015-06-13 16:45 - 416706601 _____ C:\Windows\MEMORY.DMP
2015-06-13 09:29 - 2015-06-13 09:29 - 00546064 _____ C:\Windows\Minidump\061315-24008-01.dmp
2015-06-13 09:29 - 2015-06-13 09:29 - 00000000 _____ C:\Windows\setuperr.log
2015-06-13 09:25 - 2015-06-14 12:13 - 00267716 _____ C:\Windows\WindowsUpdate.log
2015-06-10 16:48 - 2015-06-10 16:48 - 00000000 ____D C:\Users\Franni\AppData\Local\CEF
2015-06-10 15:48 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:48 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:48 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:48 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:48 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:48 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:48 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:48 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:48 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:48 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:48 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:48 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:48 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:48 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:48 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:48 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:48 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:48 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:47 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:47 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:47 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:47 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:47 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:47 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:47 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:47 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:47 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:47 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:47 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:47 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:47 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:47 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:47 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:47 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:47 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:47 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:47 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:47 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:47 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:47 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:47 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:46 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 15:46 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 15:46 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 15:46 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 15:46 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 15:46 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 15:46 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:46 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 15:46 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 15:46 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 15:46 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 15:46 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:46 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:46 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:46 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:46 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:46 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:46 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:46 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:45 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:45 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:45 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 15:45 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 15:45 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 15:45 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 15:45 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 15:45 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 15:45 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 15:45 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 15:45 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 15:45 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 15:45 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 15:45 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 15:45 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 15:45 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 15:45 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 15:45 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 15:45 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 15:45 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:45 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:45 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:45 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:45 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:45 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:45 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:45 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:45 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:45 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:45 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:45 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:45 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:45 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:45 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:45 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:45 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:45 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:45 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:45 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:45 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:45 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:45 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:45 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:45 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-06 03:18 - 2015-06-06 03:18 - 00000000 ____D C:\Users\Franni\AppData\Local\GWX
2015-06-05 15:24 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 15:24 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 15:24 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 15:24 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 15:24 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 15:24 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 15:24 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 15:24 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 15:48 - 2015-06-06 03:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-27 18:14 - 2015-05-27 18:14 - 00000128 _____ C:\Users\Franni\Desktop\Armored Warfare Early Access.url
2015-05-27 18:14 - 2015-05-27 18:14 - 00000000 ____D C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta
2015-05-27 00:06 - 2015-06-14 12:12 - 00000000 ____D C:\Users\Franni\AppData\Local\MyComGames
2015-05-27 00:06 - 2015-05-27 17:44 - 00000000 ____D C:\MyGames
2015-05-27 00:06 - 2015-05-27 00:06 - 05098480 _____ C:\Users\Franni\Downloads\ArmwarMycomLoader.exe
2015-05-27 00:06 - 2015-05-27 00:06 - 00002022 _____ C:\Users\Franni\Desktop\My.com Games.lnk
2015-05-27 00:06 - 2015-05-27 00:06 - 00000000 ____D C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-05-20 17:15 - 2015-05-20 17:15 - 00389640 _____ C:\Users\Franni\Desktop\photo.php
2015-05-18 19:59 - 2015-05-18 19:59 - 00884271 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (2).exe.opdownload
2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204.exe
2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (1).exe
2015-05-18 19:09 - 2015-05-18 19:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Franni\Downloads\hijackthis.exe
2015-05-18 19:09 - 2015-05-18 19:09 - 00011829 _____ C:\Users\Franni\Downloads\hijackthis.log
2015-05-17 23:58 - 2015-06-14 09:18 - 00000024 _____ C:\Users\Franni\AppData\Roaming\appdataFr25.bin
2015-05-17 23:54 - 2015-05-18 19:32 - 00011308 _____ C:\Users\Franni\Downloads\software_removal_tool.log
2015-05-17 23:54 - 2015-05-18 19:32 - 00000297 _____ C:\Users\Franni\Downloads\debug.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 12:21 - 2014-05-27 18:27 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 12:17 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 12:17 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 12:14 - 2015-05-13 15:11 - 00000000 ____D C:\Users\Franni\AppData\Roaming\Seznam.cz
2015-06-14 12:09 - 2015-05-11 15:29 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-06-14 12:09 - 2014-12-15 16:51 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-14 12:09 - 2014-05-27 18:27 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 12:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 12:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-06-14 11:29 - 2014-07-12 09:17 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 11:00 - 2014-09-19 16:39 - 00000000 ____D C:\AdwCleaner
2015-06-14 10:57 - 2014-06-07 21:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-14 09:17 - 2014-12-15 17:02 - 00000000 ____D C:\Users\Franni\AppData\Local\NVIDIA
2015-06-14 09:11 - 2015-01-04 00:13 - 00000000 ____D C:\Program Files\Trend Micro
2015-06-13 17:22 - 2014-12-15 16:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-13 16:45 - 2014-07-29 15:16 - 00000000 ____D C:\Windows\Minidump
2015-06-13 16:36 - 2014-12-15 16:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-13 16:36 - 2014-12-15 16:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-13 16:34 - 2015-01-04 01:22 - 00000000 ____D C:\temp
2015-06-13 10:05 - 2014-10-03 19:20 - 00001022 _____ C:\Users\Franni\Desktop\SpeedFan.lnk
2015-06-13 10:05 - 2014-10-03 19:20 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2015-06-13 10:05 - 2014-10-03 19:20 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-06-13 09:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-06-12 17:26 - 2014-12-22 01:00 - 00000000 ____D C:\Program Files (x86)\AMD
2015-06-12 16:59 - 2014-09-19 16:29 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-11 05:53 - 2010-11-21 11:27 - 00668542 _____ C:\Windows\system32\perfh005.dat
2015-06-11 05:53 - 2010-11-21 11:27 - 00141202 _____ C:\Windows\system32\perfc005.dat
2015-06-11 05:53 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 04:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 03:44 - 2015-05-10 19:43 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431279801
2015-06-11 03:44 - 2015-05-10 19:41 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-11 03:38 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 03:37 - 2009-07-14 06:45 - 00313944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 03:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 03:12 - 2014-05-30 16:26 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:03 - 2014-05-30 16:26 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 07:32 - 2014-07-12 09:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 07:32 - 2014-07-12 09:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 07:32 - 2014-07-12 09:17 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-10 07:27 - 2014-05-27 18:28 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 15:10 - 2014-06-07 21:44 - 00000000 ____D C:\Users\Franni\AppData\Roaming\Skype
2015-06-06 03:17 - 2014-08-19 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 03:16 - 2014-12-15 04:35 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 03:16 - 2014-05-29 17:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-05 15:42 - 2015-01-03 01:30 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-05-28 09:04 - 2014-12-15 17:02 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2014-08-19 23:15 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 09:04 - 2014-08-19 23:14 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 09:04 - 2014-08-19 23:14 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-12-15 16:51 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-12-15 16:51 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-12-15 16:51 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-12-15 16:51 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-12-15 16:51 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-12-15 16:51 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-12-15 16:51 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-21 05:45 - 2014-05-30 15:43 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-05-21 05:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\addins
2015-05-21 05:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2015-05-21 03:00 - 2015-04-04 15:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 03:00 - 2015-04-04 15:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-18 20:57 - 2014-09-19 16:28 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-18 20:57 - 2014-09-19 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-18 20:57 - 2014-09-19 16:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-18 20:16 - 2014-05-27 18:27 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 20:16 - 2014-05-27 18:27 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 19:15 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-05-18 19:09 - 2014-05-27 18:24 - 00000000 ____D C:\Users\Franni\AppData\Local\VirtualStore
2015-05-18 18:18 - 2009-07-14 04:34 - 00000505 _____ C:\Windows\win.ini
2015-05-18 14:53 - 2014-05-27 18:27 - 00000000 ____D C:\Users\Franni\AppData\Local\Google

==================== Files in the root of some directories =======

2015-05-17 23:58 - 2015-06-14 09:18 - 0000024 _____ () C:\Users\Franni\AppData\Roaming\appdataFr25.bin
2015-01-04 00:13 - 2015-01-04 00:13 - 0000036 _____ () C:\Users\Franni\AppData\Local\housecall.guid.cache
2015-06-14 12:20 - 2015-06-14 12:23 - 0029696 _____ () C:\Users\Franni\AppData\Local\MSGBOX.EXE
2008-01-01 01:11 - 2008-01-01 01:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-06 03:47

==================== End of log ============================

[franni]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Franni at 2015-06-14 12:26:41
Running from C:\Users\Franni\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1648820562-2695445354-3781568532-500 - Administrator - Disabled)
Franni (S-1-5-21-1648820562-2695445354-3781568532-1001 - Administrator - Enabled) => C:\Users\Franni
Guest (S-1-5-21-1648820562-2695445354-3781568532-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1648820562-2695445354-3781568532-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

[0.9.2] RagnaPack v2.0 (HKLM-x32\...\[0.9.2] RagnaPack v2.0 1.0.2) (Version: 1.0.2 - Ragnarocek)
[0.9.2] RagnaPack v2.0 (x32 Version: 1.0.2 - Ragnarocek) Hidden
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aktualizace NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Armored Warfare MyCom Beta) (Version: 1.13 - My.com B.V.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version: - )
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 3.5 (HKLM-x32\...\{EF790F1C-CB0C-4B95-8C54-60783F3B6661}) (Version: 3.5.4.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MIDI MP3 Converter 4.51 (HKLM-x32\...\MIDI MP3 Converter_is1) (Version: - EZ SoftMagic, Inc.)
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My.com Games (HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\MyComGames) (Version: 3.123 - My.com B.V.)
Nero 2014 (HKLM-x32\...\{E3546DC1-0F84-4F85-A909-C715DF70E360}) (Version: 15.0.09200 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{A4DC74AA-F4DF-48B9-AA4B-C30CA0DBCA33}) (Version: 15.0.04600 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Ovládací panel NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PCWin Speaker Recorder (HKLM-x32\...\{C78205AF-82F7-4EAF-A6C9-E1B90B8BB833}) (Version: 1.1.7.0 - FrontierDG.com)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.12.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.12.0 - Renesas Electronics Corporation) Hidden
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Seznam Software (HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Unity Web Player (HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
UnzipLite 0.5.0.0 (HKLM-x32\...\UnzipLite) (Version: 0.5.0.0 - Amnis Technology Ltd)
War Thunder Launcher 1.0.1.467 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
webiums modpack 0.9.6 v9.6.2 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: 9.6.2 - myWOTmods.com)
Weeny Free Audio Recorder 1.3 (HKLM-x32\...\Weeny Free Audio Recorder_is1) (Version: - Weeny Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-06-2015 16:53:29 LavasoftWeCompanion
13-06-2015 16:34:27 Odebráno: NVIDIA PhysX
14-06-2015 08:55:47 Windows Update
14-06-2015 10:56:00 Removed Skype Click to Call
14-06-2015 10:56:38 Removed Skype Click to Call
14-06-2015 11:21:42 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13F88E3E-E3B5-4878-85BC-9980685D8404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)
Task: {2C7AC0E0-5A31-4470-8BAE-E163194C59BA} - System32\Tasks\{4865DDEF-75EB-49C0-9FAB-B4B3FAB78647} => pcalua.exe -a C:\Users\Franni\Downloads\AD1988_VISTA_61016180\AsusSetup.exe -d C:\Users\Franni\Downloads\AD1988_VISTA_61016180
Task: {346FA9CF-41EE-4158-BF02-3B9A86B95076} - \Search-Protect No Task File <==== ATTENTION
Task: {4426B672-7FA8-495C-8175-7AFF1126737F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {63E8C7BD-AB77-4E73-AB30-74B1EFB187BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)
Task: {69E960EE-E140-4746-8834-AB86CA5D84FB} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-29] (Microsoft Corporation)
Task: {6C989581-3E89-4374-A28E-6EC60D894D53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {837AF575-67D2-433B-845A-1D0D4DFDD474} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {89EE9EBF-B4CF-44D2-9F71-C895617DB9AA} - System32\Tasks\Opera scheduled Autoupdate 1431279801 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {9587444C-DD96-4752-9A58-94E3119F2D96} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {B92588FE-345A-4383-BA6A-866F2BC1EFCD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D17F4CA7-3CC3-45D8-A932-B9AD40B92E4A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D83909DE-BA72-480F-8F18-151FAD4F8E3F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {ED61389C-BF8C-4D07-8725-778DF51731F6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F318DD9A-CCF4-4706-9919-962CB092BF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-06-26] (Nero AG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-15 16:51 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-28 16:59 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\28634libfoxloader-x64.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-09-19 03:35 - 2014-09-19 03:35 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2014-06-06 19:06 - 2014-12-29 16:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-13 15:11 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-05-13 15:11 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-12-13 00:25 - 2014-12-13 00:25 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-04-14 21:41 - 2014-04-14 21:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-05-27 00:06 - 2015-06-11 20:50 - 03966920 _____ () C:\Users\Franni\AppData\Local\MyComGames\MyComGames.exe
2014-09-19 03:35 - 2014-09-19 03:35 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-09-19 03:35 - 2014-09-19 03:35 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-09-19 03:35 - 2014-09-19 03:35 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-09-19 03:35 - 2014-09-19 03:35 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-09-19 03:35 - 2014-09-19 03:35 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2015-06-13 16:35 - 2015-05-28 09:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-28 16:59 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\28634libfoxloader.dll
2015-05-13 15:11 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-05-13 15:11 - 2015-02-17 10:35 - 00764416 _____ () C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2015-06-10 07:32 - 2015-06-10 07:32 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
2015-05-27 00:06 - 2015-06-07 20:20 - 00144896 _____ () C:\Users\Franni\AppData\Local\MyComGames\zlib1.dll
2015-05-27 00:06 - 2015-05-27 00:06 - 00062464 _____ () C:\Users\Franni\AppData\Local\MyComGames\pxd.dll
2015-05-27 00:06 - 2015-05-27 00:06 - 00178768 _____ () C:\Users\Franni\AppData\Local\MyComGames\LightUpdate.dll
2015-05-27 00:06 - 2015-05-27 00:06 - 02419488 _____ () C:\Users\Franni\AppData\Local\MyComGames\BigUp2.dll
2015-03-07 13:24 - 2015-03-07 13:24 - 41275904 _____ () C:\Users\Franni\AppData\Local\MyComGames\Chrome\3.2272.2050\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Yahoo! Search => C:\Users\Franni\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.12.4\dsrlte.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{46D20EF8-D239-45A7-9845-373E7C062867}E:\war thunder\launcher.exe] => (Allow) E:\war thunder\launcher.exe
FirewallRules: [UDP Query User{4D2C27E7-FA6D-4DDB-97CA-728A676F628D}E:\war thunder\launcher.exe] => (Allow) E:\war thunder\launcher.exe
FirewallRules: [TCP Query User{2B680774-CED7-4130-AFAD-D3D347B586D0}E:\war thunder\aces.exe] => (Allow) E:\war thunder\aces.exe
FirewallRules: [UDP Query User{325A3FFE-8969-4A59-A674-B13A8DF53533}E:\war thunder\aces.exe] => (Allow) E:\war thunder\aces.exe
FirewallRules: [TCP Query User{220125B0-BE0C-4186-BA2C-4A70AE3A04F8}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{231344B9-69FA-4D28-A5E1-39E1D71FCC84}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{1DBA2979-8B01-4C90-8E3A-330B47384DB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{963EB430-6DF3-47CE-A65D-259200D57366}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F114D903-2CD3-422E-B9D8-6AB7A893C635}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AB6ABE78-27B1-4C84-B273-26D5504C280E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{66E7A4C3-2E29-4194-AF1D-1231D91AF046}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{55E16460-2721-4262-BAD5-BD93D483BC26}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{8D957220-E493-4E36-9048-27BDA979821D}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{3959A92E-ABE5-4B61-86A9-D2C34ACE1C60}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{FE0F17A0-1C45-4A2F-BAE1-C99C2C4A3388}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{8D54791C-A0F0-4579-A032-90516663B392}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{2BC8DEBB-7238-41EE-99F2-BCE763F704C7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A2E8FA9E-7E73-4339-A4E7-D34DF0B169F5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9C564DCF-563C-48F0-B4FA-6663412A1D89}] => (Allow) LPort=2869
FirewallRules: [{5F974FF4-8AB0-4CF5-BD9A-5BA24EEB4B2E}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{B62693C3-7E9D-4BE0-B173-1B8210132834}E:\games\world_of_tanks\wotlauncher.exe] => (Allow) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{29BBA87C-61F4-4039-AAF9-8468CE70568B}E:\games\world_of_tanks\wotlauncher.exe] => (Allow) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{89CBBB85-08B9-4FE7-B5D0-752CA372666E}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5BD68C86-C3EE-43B1-AE04-ADD893F35E32}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{654306A1-AFB2-4A84-B1AE-F3251444B7FC}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{4B9A3512-DBAF-48AD-951A-3DC8BB141BB2}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{9304B267-6528-4A5F-AE0A-F6794B0E3A5A}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{C1991BEC-6264-4FCA-8016-96EA76459BAC}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{829E7F86-B0EF-4002-BE61-63661C6B7521}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{337EC706-3C9A-4728-9215-A515C30594D5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{7C40CFCD-1568-41CD-B962-08AEDCDF154A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4B8660E-6037-40A3-BEED-99BC63DD73D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{594D7F12-15B0-476F-89F8-A66FF658C5EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AE395713-44C9-40FF-B41D-8474C08F1898}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AEE40CC1-0A78-4A74-9B86-22BE7292C159}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{713A381B-985A-4804-9E3D-FF736AB7FF3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{0EB267F6-5136-4B6E-AE08-31CFC57FADE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{408E39B2-DED0-4045-8D62-A9805102326A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{58C6BC01-1485-4D8A-BFE4-53DC0606AB5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{114C960A-4EE1-4544-AB0D-C64E4D485D86}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1E10BB7C-D23C-4730-B151-BA1BDBAAAEEE}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{C45A2BFB-A1D8-46D1-BE54-E96A1DCDEEDB}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [TCP Query User{0CB9F408-F135-49A2-A21F-8C091B624C62}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{A24C5E34-1578-4679-AEE7-395595CDE65A}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{8144D2EC-91C0-492C-A580-CB8658E27C76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38DE1C23-D540-42CB-AB32-0A6A8BA904CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D7CDB6F8-08F7-4CCA-8EBE-BE9285F6A2D0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{76478E0C-2104-48F1-9CB2-CA6CE8DDBFC7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8871CD06-9441-4C7B-B82A-19EB0C39F135}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{51838B6D-D289-4DF0-8B73-8C0FE0E1D628}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{EDD52C14-15F2-4134-A367-54CD3E550295}C:\program files (x86)\warthunder\launcher.exe] => (Allow) C:\program files (x86)\warthunder\launcher.exe
FirewallRules: [UDP Query User{8D7621CB-F6EE-4900-BB2A-957690D4EE81}C:\program files (x86)\warthunder\launcher.exe] => (Allow) C:\program files (x86)\warthunder\launcher.exe
FirewallRules: [TCP Query User{C25E5C8F-96CB-4044-B551-687A240A8FA4}C:\users\franni\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\franni\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{C4A61E6E-FBC4-4921-B312-5E998AF4C9DE}C:\users\franni\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\franni\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{F44EB735-A68A-4F30-B390-BAAEBBEB8027}C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Block) C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{79A2A722-FFCF-4ADE-9037-C9A6FD17786E}C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Block) C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{968D66CA-D16E-427A-8C75-27547954FAE4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{963AAD3F-0B6C-4948-8EF3-FBE7D87DCA19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0172753B-3480-489F-A51B-37EC6D29AB55}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C3BC95E-A7B3-4788-8B46-C5C0043E6AF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A0D849E1-CEDA-4AAB-A034-F2FE44F51B89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D0AC9A06-6308-425B-9BA6-7D066524B65A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E8B76FE0-C504-4372-A3B6-6D509830CF4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2015 00:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 00:09:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/14/2015 00:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x517f39a1
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x7fc
Čas spuštění chybující aplikace: 0xFuel.Service.exe0
Cesta k chybující aplikaci: Fuel.Service.exe1
Cesta k chybujícímu modulu: Fuel.Service.exe2
ID zprávy: Fuel.Service.exe3

Error: (06/14/2015 11:26:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 11:25:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/14/2015 11:24:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x517f39a1
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x6ac
Čas spuštění chybující aplikace: 0xFuel.Service.exe0
Cesta k chybující aplikaci: Fuel.Service.exe1
Cesta k chybujícímu modulu: Fuel.Service.exe2
ID zprávy: Fuel.Service.exe3

Error: (06/14/2015 11:03:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 11:02:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/14/2015 10:32:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program armoredwarfare.exe verze 3.5.1.974 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 944

Čas spuštění: 01d0a67958a5dced

Čas ukončení: 1618

Cesta k aplikaci: C:\MyGames\Armored Warfare MyCom Beta\Bin64\armoredwarfare.exe

ID hlášení:

Error: (06/14/2015 10:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/14/2015 00:08:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2015 00:04:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/14/2015 00:04:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/14/2015 00:04:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/14/2015 00:04:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/14/2015 00:04:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/14/2015 11:24:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2015 11:01:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (06/14/2015 11:01:03 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (06/14/2015 11:01:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069


Microsoft Office:
=========================
Error: (06/14/2015 00:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 00:09:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe

Error: (06/14/2015 00:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c17fc01d0a683fecedb47C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll47125a83-127d-11e5-8680-d43d7e916794

Error: (06/14/2015 11:26:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 11:25:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe

Error: (06/14/2015 11:24:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fuel.Service.exe1.0.0.0517f39a1Device.dll4.1.0.04f55e10bc000000500000000000033c16ac01d0a680c25e59e9C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll18f047cf-1277-11e5-8222-d43d7e916794

Error: (06/14/2015 11:03:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 11:02:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe

Error: (06/14/2015 10:32:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: armoredwarfare.exe3.5.1.97494401d0a67958a5dced1618C:\MyGames\Armored Warfare MyCom Beta\Bin64\armoredwarfare.exe

Error: (06/14/2015 10:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 4044.06 MB
Available physical RAM: 2602.1 MB
Total Pagefile: 8086.33 MB
Available Pagefile: 6099.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Nový svazek) (Fixed) (Total:298.09 GB) (Free:137.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7763D280)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of log ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  Folder: C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}
  C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}
  HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
  HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
  Startup: C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chaturbate Token Hack Generator 2015.lnk [2015-05-03]
  ShortcutTarget: Chaturbate Token Hack Generator 2015.lnk -> C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe (No File)
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  FF Extension: Ads Remover - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu [2015-05-10]
  FF Extension: Air Globe 1.0.1 - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\{16de1a5e-6c3d-4a29-8611-d373f21989ef}.xpi [2015-05-10]
  
  S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
  S3 MSICDSetup; \??\D:\CDriver64.sys [X]
  S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
  
  2015-06-14 12:23 - 2015-06-14 12:23 - 00015327 _____ C:\Users\Franni\Desktop\LM.bat
  2015-06-14 12:20 - 2015-06-14 12:23 - 00029696 _____ C:\Users\Franni\AppData\Local\MSGBOX.EXE
  2015-06-14 12:07 - 2015-06-14 11:52 - 00024064 _____ C:\Windows\zoek-delete.exe
  2015-06-14 11:53 - 2015-06-14 11:23 - 00000970 _____ C:\zoek-results2015-06-14-092340.log
  2015-06-14 11:21 - 2015-06-14 12:09 - 00031445 _____ C:\zoek-results.log
  2015-06-14 11:20 - 2015-06-14 12:05 - 00000000 ____D C:\zoek_backup
  2015-06-14 11:19 - 2015-06-14 11:19 - 01308672 _____ C:\Users\Franni\Desktop\zoek.exe
  2015-06-14 10:00 - 2015-06-14 10:00 - 02231296 _____ C:\Users\Franni\Downloads\adwcleaner_4.206.exe
  2015-06-14 09:11 - 2015-06-14 09:11 - 00000000 ____D C:\rsit
  2015-06-14 09:10 - 2015-06-14 09:10 - 01222144 _____ C:\Users\Franni\Downloads\RSITx64.exe
  2015-05-18 19:59 - 2015-05-18 19:59 - 00884271 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (2).exe.opdownload
  2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204.exe
  2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (1).exe
  2015-05-18 19:09 - 2015-05-18 19:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Franni\Downloads\hijackthis.exe
  2015-05-18 19:09 - 2015-05-18 19:09 - 00011829 _____ C:\Users\Franni\Downloads\hijackthis.log
  2015-05-17 23:58 - 2015-06-14 09:18 - 0000024 _____ () C:\Users\Franni\AppData\Roaming\appdataFr25.bin
  2008-01-01 01:11 - 2008-01-01 01:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  
  Task: {2C7AC0E0-5A31-4470-8BAE-E163194C59BA} - System32\Tasks\{4865DDEF-75EB-49C0-9FAB-B4B3FAB78647} => pcalua.exe -a C:\Users\Franni\Downloads\AD1988_VISTA_61016180\AsusSetup.exe -d C:\Users\Franni\Downloads\AD1988_VISTA_61016180
  Task: {346FA9CF-41EE-4158-BF02-3B9A86B95076} - \Search-Protect No Task File <==== ATTENTION
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  End

[franni]

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Franni at 2015-06-14 12:47:36 Run:1
Running from C:\Users\Franni\Desktop
Loaded Profiles: Franni (Available Profiles: Franni)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}
C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Franni\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Franni\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
Startup: C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chaturbate Token Hack Generator 2015.lnk [2015-05-03]
ShortcutTarget: Chaturbate Token Hack Generator 2015.lnk -> C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: Ads Remover - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu [2015-05-10]
FF Extension: Air Globe 1.0.1 - C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\{16de1a5e-6c3d-4a29-8611-d373f21989ef}.xpi [2015-05-10]

S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

2015-06-14 12:23 - 2015-06-14 12:23 - 00015327 _____ C:\Users\Franni\Desktop\LM.bat
2015-06-14 12:20 - 2015-06-14 12:23 - 00029696 _____ C:\Users\Franni\AppData\Local\MSGBOX.EXE
2015-06-14 12:07 - 2015-06-14 11:52 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-14 11:53 - 2015-06-14 11:23 - 00000970 _____ C:\zoek-results2015-06-14-092340.log
2015-06-14 11:21 - 2015-06-14 12:09 - 00031445 _____ C:\zoek-results.log
2015-06-14 11:20 - 2015-06-14 12:05 - 00000000 ____D C:\zoek_backup
2015-06-14 11:19 - 2015-06-14 11:19 - 01308672 _____ C:\Users\Franni\Desktop\zoek.exe
2015-06-14 10:00 - 2015-06-14 10:00 - 02231296 _____ C:\Users\Franni\Downloads\adwcleaner_4.206.exe
2015-06-14 09:11 - 2015-06-14 09:11 - 00000000 ____D C:\rsit
2015-06-14 09:10 - 2015-06-14 09:10 - 01222144 _____ C:\Users\Franni\Downloads\RSITx64.exe
2015-05-18 19:59 - 2015-05-18 19:59 - 00884271 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (2).exe.opdownload
2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204.exe
2015-05-18 19:13 - 2015-05-18 19:13 - 02209792 _____ C:\Users\Franni\Downloads\adwcleaner_4.204 (1).exe
2015-05-18 19:09 - 2015-05-18 19:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Franni\Downloads\hijackthis.exe
2015-05-18 19:09 - 2015-05-18 19:09 - 00011829 _____ C:\Users\Franni\Downloads\hijackthis.log
2015-05-17 23:58 - 2015-06-14 09:18 - 0000024 _____ () C:\Users\Franni\AppData\Roaming\appdataFr25.bin
2008-01-01 01:11 - 2008-01-01 01:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Task: {2C7AC0E0-5A31-4470-8BAE-E163194C59BA} - System32\Tasks\{4865DDEF-75EB-49C0-9FAB-B4B3FAB78647} => pcalua.exe -a C:\Users\Franni\Downloads\AD1988_VISTA_61016180\AsusSetup.exe -d C:\Users\Franni\Downloads\AD1988_VISTA_61016180
Task: {346FA9CF-41EE-4158-BF02-3B9A86B95076} - \Search-Protect No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

Processes closed successfully.

========================= Folder: C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf} ========================

folder not found
"C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}" => File/Folder not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-1648820562-2695445354-3781568532-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
C:\Users\Franni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chaturbate Token Hack Generator 2015.lnk => moved successfully.
C:\ProgramData\{a6cce5b3-c0a3-a1b6-a6cc-ce5b3c0a96cf}\Chaturbate Token Hack Generator 2015.exe not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\cbbpncilqvghu_awjt@bbdjr_umgqahitze.edu => moved successfully.
C:\Users\Franni\AppData\Roaming\Mozilla\Firefox\Profiles\r4uehmnr.default\Extensions\{16de1a5e-6c3d-4a29-8611-d373f21989ef}.xpi => moved successfully.
ADIHdAudAddService => Service removed successfully
MSICDSetup => Service removed successfully
NTIOLib_1_0_C => Service removed successfully
C:\Users\Franni\Desktop\LM.bat => moved successfully.
C:\Users\Franni\AppData\Local\MSGBOX.EXE => moved successfully.
C:\Windows\zoek-delete.exe => moved successfully.
C:\zoek-results2015-06-14-092340.log => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\Franni\Desktop\zoek.exe => moved successfully.
C:\Users\Franni\Downloads\adwcleaner_4.206.exe => moved successfully.
C:\rsit => moved successfully.
C:\Users\Franni\Downloads\RSITx64.exe => moved successfully.
C:\Users\Franni\Downloads\adwcleaner_4.204 (2).exe.opdownload => moved successfully.
C:\Users\Franni\Downloads\adwcleaner_4.204.exe => moved successfully.
C:\Users\Franni\Downloads\adwcleaner_4.204 (1).exe => moved successfully.
C:\Users\Franni\Downloads\hijackthis.exe => moved successfully.
C:\Users\Franni\Downloads\hijackthis.log => moved successfully.
C:\Users\Franni\AppData\Roaming\appdataFr25.bin => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C7AC0E0-5A31-4470-8BAE-E163194C59BA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C7AC0E0-5A31-4470-8BAE-E163194C59BA}" => key removed successfully
C:\Windows\System32\Tasks\{4865DDEF-75EB-49C0-9FAB-B4B3FAB78647} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4865DDEF-75EB-49C0-9FAB-B4B3FAB78647}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{346FA9CF-41EE-4158-BF02-3B9A86B95076}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{346FA9CF-41EE-4158-BF02-3B9A86B95076}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Search-Protect" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.


The system needed a reboot..

==== End of Fixlog 12:47:40 ====