Zdravím, prosím o kontrolu. PC občas úplně zamrzne i při přechodu z idle stavu třeba jenom do prohlížeče a to i přes poměrně výkonný hardware. Zkoušel jsem různé programy na hledání malware a podobně, ale problém nepřestal po kontrole nepřestal/řešení.
Děkuji za pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jura (administrator) on JURA-OPPC on 18-06-2015 17:44:58
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Ovislink Corp.) C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe
(Dropbox, Inc.) C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-11] (Valve Corporation)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [ApowersoftScreenCapture] => C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe /autoStart
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Dropbox Update] => C:\Users\Jura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AirLive 802.11G Wireless Utility.lnk [2015-05-30]
ShortcutTarget: AirLive 802.11G Wireless Utility.lnk -> C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe (Ovislink Corp.)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-06-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-06-06] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-06] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-06] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-27] ()
FF Extension: Adblock Plus - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-05]
CHR Extension: (Google Slides) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-05]
CHR Extension: (Google Docs) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-05]
CHR Extension: (Google Drive) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-05]
CHR Extension: (YouTube) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05]
CHR Extension: (Adblock Plus) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-10]
CHR Extension: (Google Search) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Google Sheets) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-05]
CHR Extension: (http://soundation.com/studio) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdimlpfnnmafbimfmhdapndglhpciip [2015-01-05]
CHR Extension: (AdBlock) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-05]
CHR Extension: (Cut the Rope) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-01-05]
CHR Extension: (Avast Online Security) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-10]
CHR Extension: (Black Black Chrome Theme Blue Highlight) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpkblfdnephakmjpldlhjpcblifmojn [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-06] (AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Hry\Origin\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 MySQ42; C:\ProgramData\MySQL\MySQL Server 5.7\my.ini [13861 2014-09-20] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-28] (Electronic Arts)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe [185632 2009-12-15] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe [212256 2009-12-15] (Ralink Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-10-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 leusbser; C:\Windows\System32\DRIVERS\leusbser.sys [238080 2013-08-01] (QUALCOMM Incorporated)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-15] (Visicom Media Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-15] (Visicom Media Inc.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 ALSysIO; \??\C:\Users\Jura\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:44 - 2015-06-18 17:45 - 00024798 _____ C:\Users\Jura\Desktop\FRST.txt
2015-06-18 17:37 - 2015-06-18 17:44 - 00000000 ____D C:\FRST
2015-06-18 17:37 - 2015-06-18 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
2015-06-18 17:32 - 2015-06-18 17:32 - 02109952 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2015-06-18 17:29 - 2015-06-18 17:29 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-06-17 16:56 - 2015-06-17 23:01 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA.job
2015-06-17 16:56 - 2015-06-17 17:01 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core.job
2015-06-17 16:56 - 2015-06-17 16:56 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA
2015-06-17 16:56 - 2015-06-17 16:56 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Local\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-13 21:07 - 2015-06-14 22:34 - 00000000 ____D C:\Users\Jura\Documents\Syberia Saves
2015-06-13 18:30 - 2015-06-13 18:30 - 00000836 _____ C:\Users\Jura\Desktop\Syberia 2.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000819 _____ C:\Users\Jura\Desktop\Syberia.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Syberia - Gold Edition
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-11 23:34 - 2015-06-11 23:46 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unity
2015-06-11 23:34 - 2015-06-11 23:43 - 00000000 ____D C:\ProgramData\Unity
2015-06-11 23:30 - 2015-06-11 23:30 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2015-06-11 23:27 - 2015-06-11 23:34 - 00000000 ____D C:\Users\Jura\AppData\Local\Unity
2015-06-11 23:27 - 2015-06-11 23:27 - 00000748 _____ C:\Users\Public\Desktop\Unity 5.1.0f3 (64-bit).lnk
2015-06-11 23:27 - 2015-06-11 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-06-10 16:32 - 2015-06-10 16:34 - 00000000 ____D C:\Users\Jura\Documents\3DMark 11
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\IsolatedStorage
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\Futuremark
2015-06-10 16:30 - 2015-06-10 18:32 - 00018814 _____ C:\Windows\DirectX.log
2015-06-10 16:30 - 2015-06-10 16:30 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-06-10 15:35 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:35 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:35 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:35 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:35 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:35 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:35 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:35 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:35 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:35 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:35 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:34 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:34 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:34 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:34 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:30 - 2015-06-10 15:30 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngineLauncher
2015-06-09 17:32 - 2015-06-18 17:06 - 00884266 _____ C:\Windows\PFRO.log
2015-06-08 23:40 - 2015-06-08 23:40 - 00000988 _____ C:\Users\Jura\Desktop\Bandicam.lnk
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\Documents\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BANDISOFT
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-06-08 22:31 - 2015-06-08 22:31 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealHeaderTool
2015-06-05 09:35 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 09:35 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 09:35 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 11:18 - 2015-06-18 17:06 - 00003360 _____ C:\Windows\setupact.log
2015-06-02 11:18 - 2015-06-02 11:18 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 11:14 - 2015-06-02 11:14 - 00042778 _____ C:\Users\Jura\Documents\cc_20150602_111359.reg
2015-06-01 20:31 - 2015-06-01 20:31 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Apowersoft
2015-06-01 20:10 - 2015-06-08 23:41 - 00000000 ____D C:\Users\Jura\Documents\Unreal Projects
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unreal Engine
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngine
2015-06-01 19:43 - 2015-06-10 15:30 - 00000000 ____D C:\ProgramData\Epic
2015-06-01 19:43 - 2015-06-01 19:45 - 00000000 ____D C:\Program Files\Epic Games
2015-06-01 19:43 - 2015-06-01 19:43 - 00001200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00001188 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\Users\Jura\AppData\Local\EpicGamesLauncher
2015-05-31 00:53 - 2015-05-31 00:53 - 00000000 ____D C:\ProgramData\Ralink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Users\Jura\AppData\Roaming\InstallShield
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirLive 802.11G Wireless
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\AirLive Driver
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Ovislink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-05-30 16:45 - 2009-12-10 11:16 - 02061600 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01590560 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2015-05-27 19:05 - 2015-05-27 19:06 - 00014336 ___SH C:\Users\Jura\Documents\Thumbs.db
2015-05-27 15:42 - 2015-05-31 00:53 - 00002740 _____ C:\Windows\system32\RaCoInst.log
2015-05-27 15:38 - 2010-04-08 11:14 - 00446304 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr6164.sys
2015-05-22 21:37 - 2015-06-01 21:39 - 00000139 _____ C:\Users\Jura\Desktop\byteček.txt
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\Program Files\AutoHotkey
2015-05-19 19:30 - 2015-05-19 19:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\com.playsaurus.heroclicker
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:44 - 2014-06-06 18:05 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Skype
2015-06-18 17:34 - 2015-01-05 16:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 17:28 - 2014-12-07 19:34 - 00004972 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jura-OPPC-Jura Jura-OPPC
2015-06-18 17:14 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 17:14 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 17:13 - 2009-07-14 07:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-18 17:09 - 2014-06-06 17:08 - 01773298 _____ C:\Windows\WindowsUpdate.log
2015-06-18 17:06 - 2015-03-08 22:30 - 00000000 ___RD C:\Users\Jura\Disk Google
2015-06-18 17:06 - 2015-01-05 16:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 17:06 - 2014-06-06 20:02 - 00000000 ___RD C:\Users\Jura\Dropbox
2015-06-18 17:06 - 2014-06-06 20:01 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Dropbox
2015-06-18 17:06 - 2014-06-06 18:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 17:06 - 2014-06-06 17:56 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-18 17:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 23:55 - 2014-06-09 10:53 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BitTorrent
2015-06-17 23:04 - 2014-06-06 18:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 17:32 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-13 21:07 - 2014-09-16 19:19 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-13 18:20 - 2014-06-08 19:32 - 00000000 ____D C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
2015-06-13 11:35 - 2015-03-08 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-12 20:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 22:17 - 2009-07-14 06:45 - 00477280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 00:01 - 2014-06-13 08:50 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 23:57 - 2014-06-13 08:50 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 17:41 - 2014-06-06 17:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-09 22:13 - 2015-05-08 02:52 - 00000000 ____D C:\Users\Jura\AppData\Local\The Witcher
2015-06-09 22:04 - 2014-06-06 18:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:04 - 2014-06-06 18:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 22:04 - 2014-06-06 18:18 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-08 22:32 - 2014-10-02 21:25 - 00000000 ____D C:\Users\Jura\Documents\Visual Studio 2013
2015-06-08 16:25 - 2014-09-17 16:50 - 00000000 ____D C:\Users\Jura\AppData\Local\Greenshot
2015-06-06 11:56 - 2014-12-14 04:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 11:56 - 2014-06-13 14:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 21:38 - 2015-05-14 19:47 - 00000000 ___RD C:\Users\Jura\Desktop\SZZ
2015-06-02 11:10 - 2014-06-22 09:14 - 00000000 ____D C:\Program Files\CCleaner
2015-05-27 15:42 - 2015-05-13 18:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 11:15 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 17:41 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2015-05-19 16:18 - 2014-06-09 20:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
==================== Files in the root of some directories =======
2014-07-11 20:54 - 2014-07-11 20:54 - 0000099 _____ () C:\Users\Jura\AppData\Roaming\LauncherSettings_live.cfg
2014-11-20 07:16 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\Jura\AppData\Roaming\libcurl.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\libeay32.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\Jura\AppData\Roaming\libgcc_s_dw2-1.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\Jura\AppData\Roaming\libidn-11.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\Jura\AppData\Roaming\libpdcurses.dll
2014-11-20 07:16 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\Jura\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2014-11-20 07:16 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\Jura\AppData\Roaming\nircmd.exe
2014-11-20 07:16 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\Jura\AppData\Roaming\pthreadGC2.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\ssleay32.dll
2014-11-22 09:44 - 2014-11-22 09:44 - 2517752 _____ () C:\Users\Jura\AppData\Roaming\x11modPitcairnglg2tc10624w256l4.bin
2014-11-20 07:16 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\Jura\AppData\Roaming\zlib1.dll
2014-06-20 16:49 - 2014-06-20 16:49 - 0003584 _____ () C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-17 21:12 - 2014-12-17 21:12 - 0003246 _____ () C:\Users\Jura\AppData\Local\recently-used.xbel
2014-06-22 07:07 - 2014-06-22 07:07 - 0000017 _____ () C:\Users\Jura\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
C:\Users\Jura\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jura\AppData\Local\Temp\bdfilters.dll
C:\Users\Jura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjuhdx3.dll
C:\Users\Jura\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 18:42
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:119.24 GB) (Free:29.52 GB) NTFS
Drive d: (LAIR OF INFINITE AGONY) (Fixed) (Total:931.41 GB) (Free:423.11 GB) NTFS
Drive f: (My Essential Passport) (Fixed) (Total:931.48 GB) (Free:607.63 GB) NTFS
Available physical RAM: 5407.09 MB
Total physical RAM: 8140.04 MB
Percentage of memory in use: 33%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 794B2FEF)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 794B2FF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=OF Extended)
Disk: 2 (Size: 931.5 GB) (Disk ID: B966A755)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core.job => C:\Users\Jura\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA.job => C:\Users\Jura\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Jura\Desktop\SZZ:com.dropbox.attributes
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jura\Desktop" je 19 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
"C:\Users\Jura\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelaypluginInstall
C:\ProgramData\Aimersoft\Video Converter Ultimate\DelayPluginI.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher
"C:\Program Files\Zune\ZuneLauncher.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jura^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.lnk
C:\Users\Jura\AppData\Local\vghd\bin\vghd.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu FRST logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
prosím o kontrolu FRST logu
- Přílohy
-
- Addition.rar
- (18.73 KiB) Staženo 52 x
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu FRST logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu FRST logu
Log s AdwCleaneru:
# AdwCleaner v4.206 - Logfile created 18/06/2015 at 18:53:38
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Jura - JURA-OPPC
# Running from : C:\Users\Jura\Desktop\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : mcaudrv_simple
[#] Service Deleted : ManyCam
***** [ Files / Folders ] *****
File Deleted : C:\Windows\System32\drivers\mcaudrv_x64.sys
File Deleted : C:\Windows\System32\drivers\mcvidrv.sys
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v
-\\ Google Chrome v43.0.2357.124
[C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :
[C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 80F5B7CF8F002F14C7B09771B9E4A1CCD4B2B6F40733E65856CE026E6DCFA4EF"},"software_reporter":{"prompt_reason":"0DA4E1E37909D8907D4CCE7E8FCEAA369BF3E45F8887974052ADB2A57937DC0F","prompt_seed":"4AAFCABF5E19DAFBA44F5E517FFADBA2AA14F74A265F9271B1806712B512C565","prompt_version":"D622EEE2FE5D9B1C4A4AAAD3F7399134E05CCC122E4457BAD09CD188C2B20F52"},"sync":{"remaining_rollback_tries":"E680BE4AB604A316A5BD1D652BE33AA39A09141EB8E514B16652E0EF2B32C2ED"}},"super_mac":"D3187EB00F130839287FD5FE799BE39CA925C0ECAD2AB99E8D705629B983B291"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://isearch.avg.com/?cid={AE8020A9-78D1-44A3-A764-52C8B2068172}&mid=f2b9d51d9b7747d09af0cd0290ff3884-27f5d67381ba7f3782b593e356d2de384b7a5134&lang=cs&ds=gm011&pr=sa&d=2013-01-17 00:37:19&v=13.2.0.4&sap=hp
*************************
AdwCleaner[R0].txt - [4034 bytes] - [13/05/2015 18:21:21]
AdwCleaner[R1].txt - [7488 bytes] - [18/06/2015 18:48:22]
AdwCleaner[S0].txt - [4132 bytes] - [13/05/2015 18:23:21]
AdwCleaner[S1].txt - [1995 bytes] - [18/06/2015 18:53:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2054 bytes] ##########
# AdwCleaner v4.206 - Logfile created 18/06/2015 at 18:53:38
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Jura - JURA-OPPC
# Running from : C:\Users\Jura\Desktop\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : mcaudrv_simple
[#] Service Deleted : ManyCam
***** [ Files / Folders ] *****
File Deleted : C:\Windows\System32\drivers\mcaudrv_x64.sys
File Deleted : C:\Windows\System32\drivers\mcvidrv.sys
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v
-\\ Google Chrome v43.0.2357.124
[C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :
[C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 80F5B7CF8F002F14C7B09771B9E4A1CCD4B2B6F40733E65856CE026E6DCFA4EF"},"software_reporter":{"prompt_reason":"0DA4E1E37909D8907D4CCE7E8FCEAA369BF3E45F8887974052ADB2A57937DC0F","prompt_seed":"4AAFCABF5E19DAFBA44F5E517FFADBA2AA14F74A265F9271B1806712B512C565","prompt_version":"D622EEE2FE5D9B1C4A4AAAD3F7399134E05CCC122E4457BAD09CD188C2B20F52"},"sync":{"remaining_rollback_tries":"E680BE4AB604A316A5BD1D652BE33AA39A09141EB8E514B16652E0EF2B32C2ED"}},"super_mac":"D3187EB00F130839287FD5FE799BE39CA925C0ECAD2AB99E8D705629B983B291"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://isearch.avg.com/?cid={AE8020A9-78D1-44A3-A764-52C8B2068172}&mid=f2b9d51d9b7747d09af0cd0290ff3884-27f5d67381ba7f3782b593e356d2de384b7a5134&lang=cs&ds=gm011&pr=sa&d=2013-01-17 00:37:19&v=13.2.0.4&sap=hp
*************************
AdwCleaner[R0].txt - [4034 bytes] - [13/05/2015 18:21:21]
AdwCleaner[R1].txt - [7488 bytes] - [18/06/2015 18:48:22]
AdwCleaner[S0].txt - [4132 bytes] - [13/05/2015 18:23:21]
AdwCleaner[S1].txt - [1995 bytes] - [18/06/2015 18:53:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2054 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu FRST logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu FRST logu
Nový FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jura (administrator) on JURA-OPPC on 18-06-2015 20:18:15
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Ovislink Corp.) C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe
(Dropbox, Inc.) C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Skype Technologies S.A.) D:\Programs\Skype\Phone\Skype.exe
(forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-05-18] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3448832 2015-06-17] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-11] (Valve Corporation)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [ApowersoftScreenCapture] => C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe /autoStart
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Dropbox Update] => C:\Users\Jura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AirLive 802.11G Wireless Utility.lnk [2015-05-30]
ShortcutTarget: AirLive 802.11G Wireless Utility.lnk -> C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe (Ovislink Corp.)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-06-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-06-06] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-06] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-06] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-27] ()
FF Extension: Adblock Plus - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-18]
CHR Extension: (Black Black Chrome Theme Blue Highlight) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpkblfdnephakmjpldlhjpcblifmojn [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-06] (AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Hry\Origin\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1737384 2015-06-15] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
R2 MySQ42; C:\ProgramData\MySQL\MySQL Server 5.7\my.ini [13861 2014-09-20] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-28] (Electronic Arts)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe [185632 2009-12-15] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe [212256 2009-12-15] (Ralink Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-10-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 leusbser; C:\Windows\System32\DRIVERS\leusbser.sys [238080 2013-08-01] (QUALCOMM Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 ALSysIO; \??\C:\Users\Jura\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 20:18 - 2015-06-18 20:18 - 00029696 _____ C:\Users\Jura\AppData\Local\MSGBOX.EXE
2015-06-18 20:18 - 2015-06-18 20:18 - 00024002 _____ C:\Users\Jura\Desktop\FRST.txt
2015-06-18 20:18 - 2015-06-18 20:18 - 00015327 _____ C:\Users\Jura\Desktop\LM.bat
2015-06-18 20:15 - 2015-06-18 20:15 - 00003026 _____ C:\Windows\System32\Tasks\RTSS
2015-06-18 19:31 - 2015-06-18 19:50 - 00003022 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-06-18 19:27 - 2015-06-18 20:15 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-18 19:27 - 2015-06-18 19:27 - 00001086 _____ C:\Users\Jura\Desktop\MSI Afterburner.lnk
2015-06-18 19:27 - 2015-06-18 19:27 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-06-18 19:27 - 2015-06-18 19:27 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-06-18 19:26 - 2015-06-18 20:15 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-18 19:22 - 2015-06-18 19:22 - 00001149 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2015-06-18 19:18 - 2015-06-18 19:18 - 00002031 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2015-06-18 19:18 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2015-06-18 19:17 - 2015-06-18 19:18 - 00000000 ____D C:\MSI
2015-06-18 19:17 - 2015-06-18 19:17 - 00002063 _____ C:\Users\Public\Desktop\MSI Super Charger.lnk
2015-06-18 19:16 - 2011-09-14 18:16 - 00032360 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2015-06-18 19:14 - 2015-06-18 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-06-18 19:14 - 2015-06-18 19:14 - 00001158 _____ C:\Users\Public\Desktop\CLICKBIOSII.lnk
2015-06-18 18:55 - 2015-06-18 18:55 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-06-18 18:46 - 2015-06-18 18:46 - 02231296 _____ C:\Users\Jura\Desktop\adwcleaner_4.206.exe
2015-06-18 17:53 - 2015-06-18 17:53 - 00019181 _____ C:\Users\Jura\Desktop\Addition.rar
2015-06-18 17:46 - 2015-06-18 17:46 - 00061812 _____ C:\Users\Jura\Desktop\FRST3.txt
2015-06-18 17:37 - 2015-06-18 20:18 - 00000000 ____D C:\FRST
2015-06-18 17:37 - 2015-06-18 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
2015-06-18 17:32 - 2015-06-18 17:32 - 02109952 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2015-06-17 16:56 - 2015-06-18 20:01 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA.job
2015-06-17 16:56 - 2015-06-17 17:01 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core.job
2015-06-17 16:56 - 2015-06-17 16:56 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA
2015-06-17 16:56 - 2015-06-17 16:56 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Local\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-13 21:07 - 2015-06-14 22:34 - 00000000 ____D C:\Users\Jura\Documents\Syberia Saves
2015-06-13 18:30 - 2015-06-13 18:30 - 00000836 _____ C:\Users\Jura\Desktop\Syberia 2.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000819 _____ C:\Users\Jura\Desktop\Syberia.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Syberia - Gold Edition
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-11 23:34 - 2015-06-11 23:46 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unity
2015-06-11 23:34 - 2015-06-11 23:43 - 00000000 ____D C:\ProgramData\Unity
2015-06-11 23:30 - 2015-06-11 23:30 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2015-06-11 23:27 - 2015-06-11 23:34 - 00000000 ____D C:\Users\Jura\AppData\Local\Unity
2015-06-11 23:27 - 2015-06-11 23:27 - 00000748 _____ C:\Users\Public\Desktop\Unity 5.1.0f3 (64-bit).lnk
2015-06-11 23:27 - 2015-06-11 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-06-10 16:32 - 2015-06-10 16:34 - 00000000 ____D C:\Users\Jura\Documents\3DMark 11
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\IsolatedStorage
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\Futuremark
2015-06-10 16:30 - 2015-06-10 18:32 - 00018814 _____ C:\Windows\DirectX.log
2015-06-10 16:30 - 2015-06-10 16:30 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-06-10 15:35 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:35 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:35 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:35 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:35 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:35 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:35 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:35 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:35 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:35 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:35 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:34 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:34 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:34 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:34 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:30 - 2015-06-10 15:30 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngineLauncher
2015-06-09 17:32 - 2015-06-18 18:54 - 00944136 _____ C:\Windows\PFRO.log
2015-06-08 23:40 - 2015-06-08 23:40 - 00000988 _____ C:\Users\Jura\Desktop\Bandicam.lnk
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\Documents\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BANDISOFT
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-06-08 22:31 - 2015-06-08 22:31 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealHeaderTool
2015-06-05 09:35 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 09:35 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 09:35 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 11:18 - 2015-06-18 19:27 - 00003584 _____ C:\Windows\setupact.log
2015-06-02 11:18 - 2015-06-02 11:18 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 11:14 - 2015-06-02 11:14 - 00042778 _____ C:\Users\Jura\Documents\cc_20150602_111359.reg
2015-06-01 20:31 - 2015-06-01 20:31 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Apowersoft
2015-06-01 20:10 - 2015-06-08 23:41 - 00000000 ____D C:\Users\Jura\Documents\Unreal Projects
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unreal Engine
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngine
2015-06-01 19:43 - 2015-06-10 15:30 - 00000000 ____D C:\ProgramData\Epic
2015-06-01 19:43 - 2015-06-01 19:45 - 00000000 ____D C:\Program Files\Epic Games
2015-06-01 19:43 - 2015-06-01 19:43 - 00001200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00001188 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\Users\Jura\AppData\Local\EpicGamesLauncher
2015-05-31 00:53 - 2015-05-31 00:53 - 00000000 ____D C:\ProgramData\Ralink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Users\Jura\AppData\Roaming\InstallShield
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirLive 802.11G Wireless
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\AirLive Driver
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Ovislink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-05-30 16:45 - 2009-12-10 11:16 - 02061600 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01590560 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2015-05-27 19:05 - 2015-05-27 19:06 - 00014336 ___SH C:\Users\Jura\Documents\Thumbs.db
2015-05-27 15:42 - 2015-05-31 00:53 - 00002740 _____ C:\Windows\system32\RaCoInst.log
2015-05-27 15:38 - 2010-04-08 11:14 - 00446304 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr6164.sys
2015-05-22 21:37 - 2015-06-01 21:39 - 00000139 _____ C:\Users\Jura\Desktop\byteček.txt
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\Program Files\AutoHotkey
2015-05-19 19:30 - 2015-05-19 19:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\com.playsaurus.heroclicker
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 20:16 - 2014-06-06 18:05 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Skype
2015-06-18 20:04 - 2014-06-06 18:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 19:47 - 2014-06-06 18:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 19:34 - 2015-01-05 16:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 19:22 - 2015-01-11 16:50 - 00000000 ____D C:\Program Files (x86)\MSI
2015-06-18 19:19 - 2014-06-06 17:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-18 19:19 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 19:19 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 19:15 - 2014-12-07 19:34 - 00004972 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jura-OPPC-Jura Jura-OPPC
2015-06-18 19:00 - 2009-07-14 07:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-18 18:57 - 2014-06-06 17:08 - 01789327 _____ C:\Windows\WindowsUpdate.log
2015-06-18 18:54 - 2015-03-08 22:30 - 00000000 ___RD C:\Users\Jura\Disk Google
2015-06-18 18:54 - 2015-01-05 16:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 18:54 - 2014-06-06 20:02 - 00000000 ___RD C:\Users\Jura\Dropbox
2015-06-18 18:54 - 2014-06-06 20:01 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Dropbox
2015-06-18 18:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-18 18:53 - 2015-05-13 18:21 - 00000000 ____D C:\AdwCleaner
2015-06-18 17:47 - 2014-06-06 17:56 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-17 23:55 - 2014-06-09 10:53 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BitTorrent
2015-06-15 17:32 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-13 21:07 - 2014-09-16 19:19 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-13 18:20 - 2014-06-08 19:32 - 00000000 ____D C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
2015-06-13 11:35 - 2015-03-08 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-12 20:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 22:17 - 2009-07-14 06:45 - 00477280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 00:01 - 2014-06-13 08:50 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 23:57 - 2014-06-13 08:50 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 22:13 - 2015-05-08 02:52 - 00000000 ____D C:\Users\Jura\AppData\Local\The Witcher
2015-06-09 22:04 - 2014-06-06 18:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:04 - 2014-06-06 18:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 22:04 - 2014-06-06 18:18 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-08 22:32 - 2014-10-02 21:25 - 00000000 ____D C:\Users\Jura\Documents\Visual Studio 2013
2015-06-08 16:25 - 2014-09-17 16:50 - 00000000 ____D C:\Users\Jura\AppData\Local\Greenshot
2015-06-06 11:56 - 2014-12-14 04:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 11:56 - 2014-06-13 14:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 21:38 - 2015-05-14 19:47 - 00000000 ___RD C:\Users\Jura\Desktop\SZZ
2015-06-02 11:10 - 2014-06-22 09:14 - 00000000 ____D C:\Program Files\CCleaner
2015-05-27 15:42 - 2015-05-13 18:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 11:15 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 17:41 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2015-05-19 16:18 - 2014-06-09 20:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
==================== Files in the root of some directories =======
2014-07-11 20:54 - 2014-07-11 20:54 - 0000099 _____ () C:\Users\Jura\AppData\Roaming\LauncherSettings_live.cfg
2014-11-20 07:16 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\Jura\AppData\Roaming\libcurl.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\libeay32.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\Jura\AppData\Roaming\libgcc_s_dw2-1.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\Jura\AppData\Roaming\libidn-11.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\Jura\AppData\Roaming\libpdcurses.dll
2014-11-20 07:16 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\Jura\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2014-11-20 07:16 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\Jura\AppData\Roaming\nircmd.exe
2014-11-20 07:16 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\Jura\AppData\Roaming\pthreadGC2.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\ssleay32.dll
2014-11-22 09:44 - 2014-11-22 09:44 - 2517752 _____ () C:\Users\Jura\AppData\Roaming\x11modPitcairnglg2tc10624w256l4.bin
2014-11-20 07:16 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\Jura\AppData\Roaming\zlib1.dll
2014-06-20 16:49 - 2014-06-20 16:49 - 0003584 _____ () C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-18 20:18 - 2015-06-18 20:18 - 0029696 _____ () C:\Users\Jura\AppData\Local\MSGBOX.EXE
2014-12-17 21:12 - 2014-12-17 21:12 - 0003246 _____ () C:\Users\Jura\AppData\Local\recently-used.xbel
2014-06-22 07:07 - 2014-06-22 07:07 - 0000017 _____ () C:\Users\Jura\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
C:\Users\Jura\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jura\AppData\Local\Temp\bdfilters.dll
C:\Users\Jura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmvsrb.dll
C:\Users\Jura\AppData\Local\Temp\Quarantine.exe
C:\Users\Jura\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jura\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 18:42
==================== End of log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jura (administrator) on JURA-OPPC on 18-06-2015 20:18:15
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Ovislink Corp.) C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe
(Dropbox, Inc.) C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Skype Technologies S.A.) D:\Programs\Skype\Phone\Skype.exe
(forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-10-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-05-18] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3448832 2015-06-17] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-11] (Valve Corporation)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [ApowersoftScreenCapture] => C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Capture\Apowersoft Free Screen Capture.exe /autoStart
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\Run: [Dropbox Update] => C:\Users\Jura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AirLive 802.11G Wireless Utility.lnk [2015-05-30]
ShortcutTarget: AirLive 802.11G Wireless Utility.lnk -> C:\Program Files (x86)\Ovislink\Common\AirLiveUI.exe (Ovislink Corp.)
Startup: C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-06-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-06-06] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-06-06] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-06] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2014-08-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-08-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-638056861-2139263736-2926146729-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-27] ()
FF Extension: Adblock Plus - C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\c1pqxog7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-18]
CHR Extension: (Black Black Chrome Theme Blue Highlight) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpkblfdnephakmjpldlhjpcblifmojn [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-06] (AVAST Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Hry\Origin\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1737384 2015-06-15] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
R2 MySQ42; C:\ProgramData\MySQL\MySQL Server 5.7\my.ini [13861 2014-09-20] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-28] (Electronic Arts)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe [185632 2009-12-15] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe [212256 2009-12-15] (Ralink Technology, Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-10-23] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-08] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 leusbser; C:\Windows\System32\DRIVERS\leusbser.sys [238080 2013-08-01] (QUALCOMM Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-27] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 ALSysIO; \??\C:\Users\Jura\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 20:18 - 2015-06-18 20:18 - 00029696 _____ C:\Users\Jura\AppData\Local\MSGBOX.EXE
2015-06-18 20:18 - 2015-06-18 20:18 - 00024002 _____ C:\Users\Jura\Desktop\FRST.txt
2015-06-18 20:18 - 2015-06-18 20:18 - 00015327 _____ C:\Users\Jura\Desktop\LM.bat
2015-06-18 20:15 - 2015-06-18 20:15 - 00003026 _____ C:\Windows\System32\Tasks\RTSS
2015-06-18 19:31 - 2015-06-18 19:50 - 00003022 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-06-18 19:27 - 2015-06-18 20:15 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-18 19:27 - 2015-06-18 19:27 - 00001086 _____ C:\Users\Jura\Desktop\MSI Afterburner.lnk
2015-06-18 19:27 - 2015-06-18 19:27 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-06-18 19:27 - 2015-06-18 19:27 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-06-18 19:26 - 2015-06-18 20:15 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-18 19:22 - 2015-06-18 19:22 - 00001149 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2015-06-18 19:18 - 2015-06-18 19:18 - 00002031 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2015-06-18 19:18 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2015-06-18 19:17 - 2015-06-18 19:18 - 00000000 ____D C:\MSI
2015-06-18 19:17 - 2015-06-18 19:17 - 00002063 _____ C:\Users\Public\Desktop\MSI Super Charger.lnk
2015-06-18 19:16 - 2011-09-14 18:16 - 00032360 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2015-06-18 19:14 - 2015-06-18 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-06-18 19:14 - 2015-06-18 19:14 - 00001158 _____ C:\Users\Public\Desktop\CLICKBIOSII.lnk
2015-06-18 18:55 - 2015-06-18 18:55 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-06-18 18:46 - 2015-06-18 18:46 - 02231296 _____ C:\Users\Jura\Desktop\adwcleaner_4.206.exe
2015-06-18 17:53 - 2015-06-18 17:53 - 00019181 _____ C:\Users\Jura\Desktop\Addition.rar
2015-06-18 17:46 - 2015-06-18 17:46 - 00061812 _____ C:\Users\Jura\Desktop\FRST3.txt
2015-06-18 17:37 - 2015-06-18 20:18 - 00000000 ____D C:\FRST
2015-06-18 17:37 - 2015-06-18 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jura\Desktop\FRSTLauncher.exe
2015-06-18 17:32 - 2015-06-18 17:32 - 02109952 _____ (Farbar) C:\Users\Jura\Desktop\FRST64.exe
2015-06-17 16:56 - 2015-06-18 20:01 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA.job
2015-06-17 16:56 - 2015-06-17 17:01 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core.job
2015-06-17 16:56 - 2015-06-17 16:56 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000UA
2015-06-17 16:56 - 2015-06-17 16:56 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-638056861-2139263736-2926146729-1000Core
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\Users\Jura\AppData\Local\Dropbox
2015-06-17 16:56 - 2015-06-17 16:56 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-13 21:07 - 2015-06-14 22:34 - 00000000 ____D C:\Users\Jura\Documents\Syberia Saves
2015-06-13 18:30 - 2015-06-13 18:30 - 00000836 _____ C:\Users\Jura\Desktop\Syberia 2.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000819 _____ C:\Users\Jura\Desktop\Syberia.lnk
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Syberia - Gold Edition
2015-06-13 18:30 - 2015-06-13 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-11 23:34 - 2015-06-11 23:46 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unity
2015-06-11 23:34 - 2015-06-11 23:43 - 00000000 ____D C:\ProgramData\Unity
2015-06-11 23:30 - 2015-06-11 23:30 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2015-06-11 23:27 - 2015-06-11 23:34 - 00000000 ____D C:\Users\Jura\AppData\Local\Unity
2015-06-11 23:27 - 2015-06-11 23:27 - 00000748 _____ C:\Users\Public\Desktop\Unity 5.1.0f3 (64-bit).lnk
2015-06-11 23:27 - 2015-06-11 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-06-10 16:32 - 2015-06-10 16:34 - 00000000 ____D C:\Users\Jura\Documents\3DMark 11
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\IsolatedStorage
2015-06-10 16:32 - 2015-06-10 16:32 - 00000000 ____D C:\Users\Jura\AppData\Local\Futuremark
2015-06-10 16:30 - 2015-06-10 18:32 - 00018814 _____ C:\Windows\DirectX.log
2015-06-10 16:30 - 2015-06-10 16:30 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-06-10 15:35 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:35 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:35 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:35 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:35 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:35 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:35 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:35 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:35 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:35 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:35 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:35 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:35 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:35 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:35 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:35 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:35 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:35 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:35 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:35 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:35 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:35 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:34 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:34 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:34 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:34 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:30 - 2015-06-10 15:30 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngineLauncher
2015-06-09 17:32 - 2015-06-18 18:54 - 00944136 _____ C:\Windows\PFRO.log
2015-06-08 23:40 - 2015-06-08 23:40 - 00000988 _____ C:\Users\Jura\Desktop\Bandicam.lnk
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\Documents\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BANDISOFT
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-06-08 23:40 - 2015-06-08 23:40 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-06-08 22:31 - 2015-06-08 22:31 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealHeaderTool
2015-06-05 09:35 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 09:35 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 09:35 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 09:35 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 11:18 - 2015-06-18 19:27 - 00003584 _____ C:\Windows\setupact.log
2015-06-02 11:18 - 2015-06-02 11:18 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 11:14 - 2015-06-02 11:14 - 00042778 _____ C:\Users\Jura\Documents\cc_20150602_111359.reg
2015-06-01 20:31 - 2015-06-01 20:31 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Apowersoft
2015-06-01 20:10 - 2015-06-08 23:41 - 00000000 ____D C:\Users\Jura\Documents\Unreal Projects
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Unreal Engine
2015-06-01 20:10 - 2015-06-01 20:10 - 00000000 ____D C:\Users\Jura\AppData\Local\UnrealEngine
2015-06-01 19:43 - 2015-06-10 15:30 - 00000000 ____D C:\ProgramData\Epic
2015-06-01 19:43 - 2015-06-01 19:45 - 00000000 ____D C:\Program Files\Epic Games
2015-06-01 19:43 - 2015-06-01 19:43 - 00001200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00001188 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\Users\Jura\AppData\Local\EpicGamesLauncher
2015-05-31 00:53 - 2015-05-31 00:53 - 00000000 ____D C:\ProgramData\Ralink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Users\Jura\AppData\Roaming\InstallShield
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirLive 802.11G Wireless
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\ProgramData\AirLive Driver
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Ovislink
2015-05-30 16:45 - 2015-05-30 16:45 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-05-30 16:45 - 2009-12-10 11:16 - 02061600 _____ (Ralink Technology, Corp.) C:\Windows\system32\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01590560 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RaCertMgr.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 01063200 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAIHV.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\RAEXTUI.dll
2015-05-30 16:45 - 2009-12-10 11:16 - 00109856 _____ (Ralink Technology, Corp.) C:\Windows\system32\RAEXTUI.dll
2015-05-27 19:05 - 2015-05-27 19:06 - 00014336 ___SH C:\Users\Jura\Documents\Thumbs.db
2015-05-27 15:42 - 2015-05-31 00:53 - 00002740 _____ C:\Windows\system32\RaCoInst.log
2015-05-27 15:38 - 2010-04-08 11:14 - 00446304 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr6164.sys
2015-05-22 21:37 - 2015-06-01 21:39 - 00000139 _____ C:\Users\Jura\Desktop\byteček.txt
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-05-21 17:41 - 2015-05-21 17:41 - 00000000 ____D C:\Program Files\AutoHotkey
2015-05-19 19:30 - 2015-05-19 19:30 - 00000000 ____D C:\Users\Jura\AppData\Roaming\com.playsaurus.heroclicker
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 20:16 - 2014-06-06 18:05 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Skype
2015-06-18 20:04 - 2014-06-06 18:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 19:47 - 2014-06-06 18:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-18 19:34 - 2015-01-05 16:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 19:22 - 2015-01-11 16:50 - 00000000 ____D C:\Program Files (x86)\MSI
2015-06-18 19:19 - 2014-06-06 17:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-18 19:19 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 19:19 - 2009-07-14 06:45 - 00034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 19:15 - 2014-12-07 19:34 - 00004972 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Jura-OPPC-Jura Jura-OPPC
2015-06-18 19:00 - 2009-07-14 07:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-18 18:57 - 2014-06-06 17:08 - 01789327 _____ C:\Windows\WindowsUpdate.log
2015-06-18 18:54 - 2015-03-08 22:30 - 00000000 ___RD C:\Users\Jura\Disk Google
2015-06-18 18:54 - 2015-01-05 16:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 18:54 - 2014-06-06 20:02 - 00000000 ___RD C:\Users\Jura\Dropbox
2015-06-18 18:54 - 2014-06-06 20:01 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Dropbox
2015-06-18 18:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-18 18:53 - 2015-05-13 18:21 - 00000000 ____D C:\AdwCleaner
2015-06-18 17:47 - 2014-06-06 17:56 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-17 23:55 - 2014-06-09 10:53 - 00000000 ____D C:\Users\Jura\AppData\Roaming\BitTorrent
2015-06-15 17:32 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-13 21:07 - 2014-09-16 19:19 - 00000000 ____D C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-13 18:20 - 2014-06-08 19:32 - 00000000 ____D C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
2015-06-13 11:35 - 2015-03-08 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-12 20:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 22:17 - 2009-07-14 06:45 - 00477280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 00:01 - 2014-06-13 08:50 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 23:57 - 2014-06-13 08:50 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 22:13 - 2015-05-08 02:52 - 00000000 ____D C:\Users\Jura\AppData\Local\The Witcher
2015-06-09 22:04 - 2014-06-06 18:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:04 - 2014-06-06 18:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 22:04 - 2014-06-06 18:18 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-08 22:32 - 2014-10-02 21:25 - 00000000 ____D C:\Users\Jura\Documents\Visual Studio 2013
2015-06-08 16:25 - 2014-09-17 16:50 - 00000000 ____D C:\Users\Jura\AppData\Local\Greenshot
2015-06-06 11:56 - 2014-12-14 04:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 11:56 - 2014-06-13 14:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 21:38 - 2015-05-14 19:47 - 00000000 ___RD C:\Users\Jura\Desktop\SZZ
2015-06-02 11:10 - 2014-06-22 09:14 - 00000000 ____D C:\Program Files\CCleaner
2015-05-27 15:42 - 2015-05-13 18:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 11:15 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 17:41 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2015-05-19 16:18 - 2014-06-09 20:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
==================== Files in the root of some directories =======
2014-07-11 20:54 - 2014-07-11 20:54 - 0000099 _____ () C:\Users\Jura\AppData\Roaming\LauncherSettings_live.cfg
2014-11-20 07:16 - 2014-05-26 20:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\Jura\AppData\Roaming\libcurl.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\libeay32.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0112142 ___SH () C:\Users\Jura\AppData\Roaming\libgcc_s_dw2-1.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0279955 ___SH () C:\Users\Jura\AppData\Roaming\libidn-11.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0148760 ___SH () C:\Users\Jura\AppData\Roaming\libpdcurses.dll
2014-11-20 07:16 - 2014-05-04 11:16 - 0207360 ___SH (CodePlex Community) C:\Users\Jura\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2014-11-20 07:16 - 2013-08-11 15:41 - 0044032 ___SH (NirSoft) C:\Users\Jura\AppData\Roaming\nircmd.exe
2014-11-20 07:16 - 2014-05-26 20:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\Jura\AppData\Roaming\pthreadGC2.dll
2014-11-20 07:16 - 2014-05-26 20:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jura\AppData\Roaming\ssleay32.dll
2014-11-22 09:44 - 2014-11-22 09:44 - 2517752 _____ () C:\Users\Jura\AppData\Roaming\x11modPitcairnglg2tc10624w256l4.bin
2014-11-20 07:16 - 2014-05-26 20:16 - 0113166 ___SH () C:\Users\Jura\AppData\Roaming\zlib1.dll
2014-06-20 16:49 - 2014-06-20 16:49 - 0003584 _____ () C:\Users\Jura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-18 20:18 - 2015-06-18 20:18 - 0029696 _____ () C:\Users\Jura\AppData\Local\MSGBOX.EXE
2014-12-17 21:12 - 2014-12-17 21:12 - 0003246 _____ () C:\Users\Jura\AppData\Local\recently-used.xbel
2014-06-22 07:07 - 2014-06-22 07:07 - 0000017 _____ () C:\Users\Jura\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
C:\Users\Jura\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jura\AppData\Local\Temp\bdfilters.dll
C:\Users\Jura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmvsrb.dll
C:\Users\Jura\AppData\Local\Temp\Quarantine.exe
C:\Users\Jura\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jura\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 18:42
==================== End of log ============================
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu FRST logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jura\AppData\Local\Temp
AlternateDataStreams: C:\Users\Jura\Desktop\SZZ:com.dropbox.attributes
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu FRST logu
Zde:
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Jura at 2015-06-18 22:46:41 Run:1
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jura\AppData\Local\Temp
AlternateDataStreams: C:\Users\Jura\Desktop\SZZ:com.dropbox.attributes
End
*****************
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36d46b41-eef4-11e3-83f2-448a5b63c677}" => key removed successfully
HKCR\CLSID\{36d46b41-eef4-11e3-83f2-448a5b63c677} => key not found.
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69fb962c-d07c-11e4-a683-448a5b63c677}" => key removed successfully
HKCR\CLSID\{69fb962c-d07c-11e4-a683-448a5b63c677} => key not found.
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69fb979e-d07c-11e4-a683-448a5b63c677}" => key removed successfully
HKCR\CLSID\{69fb979e-d07c-11e4-a683-448a5b63c677} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKCR\PROTOCOLS\Handler\skype4com" => key removed successfully
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
"HKCR\PROTOCOLS\Handler\WSAMVCUchrome" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
X6va021 => Service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
"C:\Users\Jura\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jura\AppData\Local\Temp" folder => Scheduled to move on reboot.
"C:\Users\Jura\Desktop\SZZ" => ":com.dropbox.attributes" ADS not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-18 22:48:22)<=
C:\Users\Jura\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:48:22 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Jura at 2015-06-18 22:46:41 Run:1
Running from C:\Users\Jura\Desktop
Loaded Profiles: Jura (Available Profiles: Jura)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {36d46b41-eef4-11e3-83f2-448a5b63c677} - F:\autorun.exe -auto
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb962c-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-638056861-2139263736-2926146729-1000\...\MountPoints2: {69fb979e-d07c-11e4-a683-448a5b63c677} - G:\Lenovo_Suite.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSAMVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jura\AppData\Local\Temp
AlternateDataStreams: C:\Users\Jura\Desktop\SZZ:com.dropbox.attributes
End
*****************
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{36d46b41-eef4-11e3-83f2-448a5b63c677}" => key removed successfully
HKCR\CLSID\{36d46b41-eef4-11e3-83f2-448a5b63c677} => key not found.
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69fb962c-d07c-11e4-a683-448a5b63c677}" => key removed successfully
HKCR\CLSID\{69fb962c-d07c-11e4-a683-448a5b63c677} => key not found.
"HKU\S-1-5-21-638056861-2139263736-2926146729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{69fb979e-d07c-11e4-a683-448a5b63c677}" => key removed successfully
HKCR\CLSID\{69fb979e-d07c-11e4-a683-448a5b63c677} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKCR\PROTOCOLS\Handler\skype4com" => key removed successfully
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
"HKCR\PROTOCOLS\Handler\WSAMVCUchrome" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
X6va021 => Service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
"C:\Users\Jura\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jura\AppData\Local\Temp" folder => Scheduled to move on reboot.
"C:\Users\Jura\Desktop\SZZ" => ":com.dropbox.attributes" ADS not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-18 22:48:22)<=
C:\Users\Jura\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:48:22 ====
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu FRST logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu FRST logu
Dobrý den,
děkuji za pomoc s vyčištěním.
Chtěl jsem napsat, že problém od čištění nenastal, ale bohužel se mi to teď stalo znovu, nicméně četnost se snížila a přijde mi, že razantně (včera touhle dobou už jsem to měl zamrznuté 3-4x, dnes to bylo poprve). Zkusil jsem hledat, jestli se nejedná o nějaký jiný problém a našel jsem hotfix od Mrkvosoftu, který by měl náhodnému zamrzání předejít, tak ještě vyzkouším tuto možnost.
děkuji za pomoc s vyčištěním.
Chtěl jsem napsat, že problém od čištění nenastal, ale bohužel se mi to teď stalo znovu, nicméně četnost se snížila a přijde mi, že razantně (včera touhle dobou už jsem to měl zamrznuté 3-4x, dnes to bylo poprve). Zkusil jsem hledat, jestli se nejedná o nějaký jiný problém a našel jsem hotfix od Mrkvosoftu, který by měl náhodnému zamrzání předejít, tak ještě vyzkouším tuto možnost.
-
Rudy
- Site Admin
- Příspěvky: 119675
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu FRST logu
OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?