Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola + nález v MB

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Preventivní kontrola + nález v MB

#1 Příspěvek od Masek33 »

Dobrý den, prosím o preventivní kontrolu ntb. Dnes sem si jen tak zběžně nechal zkontrolovat ntb programem Malwarebytes a našlo to pár věcí, ale vím, že to občas mívá falešné detekce, tak s tím jdu za Vámi :) Předem děkuji


Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2015-07-24 12:10:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (18%) free of 159 GB
Total RAM: 3993 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:34, on 24.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L355 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-984795046-312569605-1762408917-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-984795046-312569605-1762408917-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-984795046-312569605-1762408917-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-984795046-312569605-1762408917-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-984795046-312569605-1762408917-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E80D88A3-C28C-497E-994C-4E2942C02F36}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15230 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\S-Bar\MSIService.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000001" /M "L355 Series"
"C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008d4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f881d935-77b0-4911-ad5a-d0c27e85548b 1
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "1047225465-5346079171562586915360657519-1764281270-976099501-545229141-410926449
C:\windows\system32\SearchIndexer.exe /Embedding
\??\C:\windows\system32\conhost.exe "-260317995-9865391251070684012200410048512915902141094502722795589187-2000120688
C:\windows\System32\alg.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\system32\GWX\GWX.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxHK.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window --flag-switches-begin --enable-npapi --flag-switches-end
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5476.0.2581293\1995710448" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.1.767012238\1608498571" --font-cache-shared-handle=1824 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.2.1570480593\275435407" --font-cache-shared-handle=1912 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.3.1260889858\973111549" --font-cache-shared-handle=2152 /prefetch:673131151
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\The KMPlayer\KMPlayer.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.54.1253419638\1817096915" --font-cache-shared-handle=6828 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.55.1898672399\1092853029" --font-cache-shared-handle=4848 /prefetch:673131151
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5476.56.535124661\324582331" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"c:\program files (x86)\avira\antivir desktop\avscan.exe" /CFG="sysscan.avp"
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\windows\system32\NOTEPAD.EXE" C:\Users\Petr\Desktop\mm.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5476.60.1810926290\1203882846" --font-cache-shared-handle=6576 /prefetch:673131151
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
"D:\_Petr\program\RSIT\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.80.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2010-09-14 25600]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-02-17 177936]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-02-21 11406608]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-05-30 1279480]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-30 14021336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"EPLTarget\P0000000000000000"=C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"EPLTarget\P0000000000000001"=C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-07-14 813896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53288576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-01-03 502288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-13 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-10-13 230696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-26 291608]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2011-08-30 1517056]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-16 730416]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
""= []
"Avira Systray"=C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [2015-06-02 134368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-07-24 12:05:16 ----D---- C:\rsit
2015-07-24 11:40:22 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-24 11:40:01 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mwac.sys
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mbam.sys
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\lpk.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\fontsub.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\dciman32.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\atmlib.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\atmfd.dll
2015-07-15 22:22:26 ----A---- C:\windows\SYSWOW64\cewmdm.dll
2015-07-15 22:22:26 ----A---- C:\windows\system32\cewmdm.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wups.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuwebv.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wups2.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wups.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wudriver.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wucltux.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuaueng.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuauclt.exe
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuapp.exe
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuapi.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\WinSetupUI.dll
2015-07-15 22:22:24 ----A---- C:\windows\system32\rdpcorets.dll
2015-07-15 22:22:23 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\win32k.sys
2015-07-15 22:22:23 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\jscript9diag.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\jscript9.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\gdi32.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-07-15 22:22:21 ----A---- C:\windows\system32\urlmon.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\mshtml.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\ieui.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\ieframe.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\iertutil.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\ieetwcollector.exe
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\iernonce.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\ie4uinit.exe
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-07-15 22:22:17 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-07-15 22:22:17 ----A---- C:\windows\system32\iedkcs32.dll
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:22:16 ----A---- C:\windows\system32\msfeeds.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\iesetup.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\dxtrans.dll
2015-07-15 22:22:15 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-07-15 22:22:15 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 22:22:15 ----A---- C:\windows\system32\vbscript.dll
2015-07-15 22:22:14 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-07-15 22:22:14 ----A---- C:\windows\system32\jsproxy.dll
2015-07-15 22:22:14 ----A---- C:\windows\system32\ieUnatt.exe
2015-07-15 22:22:14 ----A---- C:\windows\system32\dxtmsft.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\wininet.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\mshtmled.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\jscript.dll
2015-07-15 22:22:12 ----A---- C:\windows\system32\msrating.dll
2015-07-15 22:22:12 ----A---- C:\windows\system32\MshtmlDac.dll
2015-07-15 22:22:10 ----A---- C:\windows\SYSWOW64\ole32.dll
2015-07-15 22:22:10 ----A---- C:\windows\system32\ole32.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\wintrust.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\cryptsvc.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\cryptnet.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\crypt32.dll
2015-07-15 22:22:05 ----A---- C:\windows\system32\rpcrt4.dll
2015-07-15 22:22:05 ----A---- C:\windows\system32\kerberos.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\wdigest.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\TSpkg.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\sspisrv.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\sspicli.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\schannel.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\secur32.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\ncrypt.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msv1_0.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msobjs.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msaudite.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\lsass.exe
2015-07-15 22:22:04 ----A---- C:\windows\system32\lsasrv.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\cryptbase.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\credssp.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\auditpol.exe
2015-07-15 22:22:04 ----A---- C:\windows\system32\adtschema.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msimsg.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msihnd.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msiexec.exe
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msi.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\authui.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msimsg.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msihnd.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msiexec.exe
2015-07-15 22:22:00 ----A---- C:\windows\system32\msi.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\consent.exe
2015-07-15 22:22:00 ----A---- C:\windows\system32\authui.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\appinfo.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\invagent.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\generaltel.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\devinv.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-07-15 22:21:57 ----A---- C:\windows\system32\appraiser.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\aepdu.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\aeinv.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\acmigration.dll
2015-06-30 20:06:45 ----A---- C:\windows\system32\drivers\TeeDriverx64.sys
2015-06-30 20:06:00 ----A---- C:\windows\system32\RtkCfg64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\RtkApi64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\RltkAPO64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\drivers\RTKVHD64.sys
2015-06-30 20:06:00 ----A---- C:\windows\system32\drivers\RTAIODAT.DAT
2015-06-30 20:05:59 ----A---- C:\windows\system32\RCoInstII64.dll
2015-06-30 20:05:53 ----A---- C:\windows\system32\FMAPO64.dll

======List of files/folders modified in the last 1 month======

2015-07-24 12:10:33 ----D---- C:\windows\Temp
2015-07-24 12:10:33 ----D---- C:\Program Files\trend micro
2015-07-24 12:04:12 ----SHD---- C:\System Volume Information
2015-07-24 11:54:35 ----SHD---- C:\windows\Installer
2015-07-24 11:40:22 ----D---- C:\windows\system32\drivers
2015-07-24 11:40:01 ----RD---- C:\Program Files (x86)
2015-07-24 11:40:01 ----D---- C:\ProgramData\Malwarebytes
2015-07-24 11:34:54 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-07-24 11:34:05 ----D---- C:\Program Files (x86)\Steam
2015-07-24 11:34:01 ----D---- C:\windows\inf
2015-07-24 11:34:01 ----D---- C:\windows\debug
2015-07-24 11:34:01 ----D---- C:\Windows
2015-07-24 10:34:56 ----D---- C:\windows\System32
2015-07-24 10:34:56 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-07-24 10:09:53 ----A---- C:\windows\SYSWOW64\log.txt
2015-07-24 10:07:56 ----D---- C:\windows\system32\config
2015-07-23 22:20:40 ----D---- C:\windows\system32\FxsTmp
2015-07-22 17:20:53 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-07-21 19:01:53 ----D---- C:\windows\winsxs
2015-07-21 19:01:07 ----D---- C:\windows\SysWOW64
2015-07-18 16:04:45 ----D---- C:\windows\rescache
2015-07-17 00:00:49 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-07-17 00:00:48 ----SD---- C:\windows\SYSWOW64\GWX
2015-07-17 00:00:48 ----SD---- C:\windows\system32\GWX
2015-07-17 00:00:48 ----D---- C:\windows\SYSWOW64\en-US
2015-07-17 00:00:48 ----D---- C:\windows\system32\en-US
2015-07-17 00:00:48 ----D---- C:\windows\system32\cs-CZ
2015-07-17 00:00:48 ----D---- C:\windows\PolicyDefinitions
2015-07-17 00:00:48 ----D---- C:\Program Files\Internet Explorer
2015-07-17 00:00:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-17 00:00:46 ----SD---- C:\windows\system32\CompatTel
2015-07-17 00:00:46 ----D---- C:\windows\system32\wbem
2015-07-17 00:00:46 ----D---- C:\windows\system32\appraiser
2015-07-17 00:00:45 ----D---- C:\windows\AppPatch
2015-07-16 23:21:27 ----D---- C:\windows\Tasks
2015-07-16 22:30:32 ----D---- C:\windows\system32\MRT
2015-07-16 22:23:09 ----D---- C:\ProgramData\ProductData
2015-07-16 22:22:46 ----D---- C:\windows\system32\Tasks
2015-07-15 22:21:41 ----D---- C:\windows\system32\catroot2
2015-07-14 23:32:35 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2015-07-14 20:24:09 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-07-13 18:13:10 ----RD---- C:\Program Files (x86)\Skype
2015-07-13 18:13:05 ----D---- C:\ProgramData\Skype
2015-07-12 16:11:01 ----D---- C:\ProgramData\PopCap Games
2015-07-07 22:51:13 ----D---- C:\ProgramData\Package Cache
2015-07-07 22:51:03 ----D---- C:\Program Files (x86)\Avira
2015-07-06 10:59:06 ----D---- C:\Games
2015-07-05 17:36:25 ----D---- C:\Program Files (x86)\Battle.net
2015-07-03 08:43:04 ----A---- C:\windows\system32\MRT.exe
2015-06-30 22:28:45 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-30 21:11:56 ----D---- C:\windows\system32\catroot
2015-06-30 20:06:46 ----D---- C:\windows\system32\DriverStore
2015-06-30 20:06:30 ----D---- C:\windows\SYSWOW64\RTCOM
2015-06-29 20:40:10 ----D---- C:\Users\Petr\AppData\Roaming\Origin
2015-06-29 20:38:24 ----D---- C:\ProgramData\Origin
2015-06-29 20:38:12 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\drivers\iusb3hcs.sys [2012-02-26 16152]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2015-06-16 132656]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-08 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-12 26528]
R1 LUMDriver;LUMDriver; \??\C:\windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2012-12-13 450136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2015-06-16 153256]
R2 avnetflt;avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [2015-03-05 44088]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-10-13 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\drivers\ETD.sys [2012-02-29 143144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2015-06-30 4496600]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\drivers\iusb3hub.sys [2012-02-26 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\drivers\iusb3xhc.sys [2012-02-26 788760]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2015-06-30 172832]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwsw01.sys [2015-02-12 11532704]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2015-06-01 38048]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\windows\system32\DRIVERS\RtsPStor.sys [2015-02-12 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2015-04-20 977624]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-05-15 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-11-18 16088]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-06-30 27760]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-11-18 30424]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ibtfltcoex;ibtfltcoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-16 450808]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-16 450808]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-06-02 217280]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-21 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-21 1104208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2012-02-27 151648]
R2 EpsonScanSvc;Epson Scanner Service; C:\windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-02 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 2429544]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-15 127320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-15 276824]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [2012-03-16 160768]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-01-03 138768]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2015-03-27 76152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-15 362840]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-21 1304912]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-16 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-16 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-14 119408]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-29 2004488]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-11-08 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------


Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 24.7.2015
Čas skenování: 11:42
Protokol: mm.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.24.04
Databáze rootkitů: v2015.07.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 410442
Uplynulý čas: 10 min, 23 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-984795046-312569605-1762408917-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB1D533C-24CF-41F7-A1E4-5B33F9E97AB7}, Do karantény, [d0c4598ce7a392a4591561add82b1ae6],

Hodnoty registru: 2
PUP.Optional.Spigot.A, HKU\S-1-5-21-984795046-312569605-1762408917-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB1D533C-24CF-41F7-A1E4-5B33F9E97AB7}|URL, http://search.yahoo.com/search?fr=chr-g ... earchTerms}, Do karantény, [d0c4598ce7a392a4591561add82b1ae6]
PUP.Optional.Spigot.A, HKU\S-1-5-21-984795046-312569605-1762408917-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB1D533C-24CF-41F7-A1E4-5B33F9E97AB7}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, Do karantény, [791b37ae7f0b989ed831088e18ec19e7]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.Spigot.A, C:\Windows\Installer\a8f2d0.msi, Do karantény, [c9cbf5f0c5c51620ed438bb3db265ba5],
PUP.Optional.Spigot.A, C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\prefs.js, Dobré: (), Špatné: (user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =902615&p=");), Nahrazeno,[6430865fe7a388aec1d23b375ca9b24e]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#2 Příspěvek od Márty84 »

Zdravim :)

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

:arrow: Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#3 Příspěvek od Masek33 »

# AdwCleaner v4.112 - Logfile created 26/07/2015 at 12:05:05
# Updated 09/03/2015 by Xplode
# Database : 2015-07-26.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Petr - PETR-MSI
# Running from : C:\Users\Petr\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : mcaudrv_simple
[#] Service Deleted : ManyCam

***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v29.0.1 (cs)


-\\ Google Chrome v44.0.2403.107


*************************

AdwCleaner[R0].txt - [1318 bytes] - [14/11/2013 11:42:11]
AdwCleaner[R1].txt - [3111 bytes] - [04/03/2014 08:59:54]
AdwCleaner[R2].txt - [2682 bytes] - [20/03/2015 11:40:53]
AdwCleaner[R3].txt - [1285 bytes] - [26/07/2015 12:00:03]
AdwCleaner[R4].txt - [1345 bytes] - [26/07/2015 12:03:35]
AdwCleaner[S0].txt - [1309 bytes] - [14/11/2013 11:42:32]
AdwCleaner[S1].txt - [3181 bytes] - [04/03/2014 09:01:35]
AdwCleaner[S2].txt - [2749 bytes] - [20/03/2015 11:43:37]
AdwCleaner[S3].txt - [1286 bytes] - [26/07/2015 12:05:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1345 bytes] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.7.2015
Čas skenování: 12:09
Protokol: mmm.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.26.03
Databáze rootkitů: v2015.07.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 598342
Uplynulý čas: 1 hod, 0 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 9
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Application Updater\ApplicationUpdater.exe.vir, , [db807c6aa4e6f3437dd30822a0618f71],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe.vir, , [2d2eca1caae0979fce9426188d74d927],
PUP.Optional.Spigot.SID, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe.vir, , [5209a83e47430333c7927ff08184936d],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\wth173.dll.vir, , [de7d974fb5d51c1a80e279c5b34e36ca],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\Search Settings\wthx173.dll.vir, , [adae6c7a34568da9055d8db1f70a53ad],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\WidgiHelper.exe.vir, , [e17a7571f991cf67222f082221e03ec2],
PUP.Optional.Spigot.SID, C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\FF\components\iobitappsToolbarFF.dll.vir, , [66f543a390fa59dd86d3e58a966fbd43],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll.vir, , [d289e600a1e9bc7a4c16d9653ac7b44c],
PUP.Optional.Spigot.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE64.dll.vir, , [f7649551bfcb53e32f33023cce3346ba],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#4 Příspěvek od Márty84 »

Nalezy uz jsou v karantene ADWCleaneru, takze jsou neskodne.

:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#5 Příspěvek od Masek33 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2015-07-28 10:21:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (18%) free of 159 GB
Total RAM: 3993 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:21:54, on 28.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L355 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E80D88A3-C28C-497E-994C-4E2942C02F36}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13804 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
taskeng.exe {4F57F9C3-47A7-460B-99DF-513E45B36170}
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\S-Bar\MSIService.exe"
"C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000714
C:\windows\System32\alg.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f881d935-77b0-4911-ad5a-d0c27e85548b 1
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
\??\C:\windows\system32\conhost.exe "-581110892-25514511918399272741265035643-5347125611537053988-257026371359004
"taskhost.exe"
C:\windows\servicing\TrustedInstaller.exe
taskeng.exe {C3DF8B5C-8F49-4F59-B89F-A8B0F2EBE4D7}
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
igfxEM.exe
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
igfxHK.exe
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
"C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE" /EPT "EPLTarget\P0000000000000001" /M "L355 Series"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "1256728532-1511110264-1013540792171979809-213490487-20017428293775718361686063333
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4768.0.1536410613\471716089" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3621 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4768.1.1176828127\1198397565" --font-cache-shared-handle=2200 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4768.2.1449485155\1286265198" --font-cache-shared-handle=2344 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4768.3.1997299426\1381126842" --font-cache-shared-handle=2184 /prefetch:673131151
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\GWX\GWX.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4768.7.1886225216\959726354" --font-cache-shared-handle=4892 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Enabled_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin4/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_07/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4768.8.95372635\1906619621" --font-cache-shared-handle=4464 /prefetch:673131151
"C:\totalcmd\TOTALCMD64.EXE"
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\_Petr\program\RSIT\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.80.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2010-09-14 25600]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-02-17 177936]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-02-21 11406608]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-05-30 1279480]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-30 14021336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"EPLTarget\P0000000000000000"=C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"EPLTarget\P0000000000000001"=C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [2012-02-28 283232]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-07-24 813896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53288576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger]
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-01-03 502288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-13 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-10-13 230696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-26 291608]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2011-08-30 1517056]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-16 730416]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-01-02 73984]
""= []
"Avira Systray"=C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [2015-06-02 134368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-07-26 04:59:35 ----D---- C:\hp
2015-07-26 04:52:29 ----A---- C:\windows\system32\drivers\mcvidrv_x64.sys
2015-07-24 12:05:16 ----D---- C:\rsit
2015-07-24 11:40:22 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-24 11:40:01 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mwac.sys
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-07-24 11:40:01 ----A---- C:\windows\system32\drivers\mbam.sys
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-07-20 20:34:31 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\lpk.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\fontsub.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\dciman32.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\atmlib.dll
2015-07-20 20:34:31 ----A---- C:\windows\system32\atmfd.dll
2015-07-15 22:22:26 ----A---- C:\windows\SYSWOW64\cewmdm.dll
2015-07-15 22:22:26 ----A---- C:\windows\system32\cewmdm.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wups.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-07-15 22:22:25 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuwebv.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wups2.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wups.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wudriver.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wucltux.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuaueng.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuauclt.exe
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuapp.exe
2015-07-15 22:22:25 ----A---- C:\windows\system32\wuapi.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 22:22:25 ----A---- C:\windows\system32\WinSetupUI.dll
2015-07-15 22:22:24 ----A---- C:\windows\system32\rdpcorets.dll
2015-07-15 22:22:23 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\win32k.sys
2015-07-15 22:22:23 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\jscript9diag.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\jscript9.dll
2015-07-15 22:22:23 ----A---- C:\windows\system32\gdi32.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-07-15 22:22:22 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-07-15 22:22:21 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-07-15 22:22:21 ----A---- C:\windows\system32\urlmon.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\mshtml.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\ieui.dll
2015-07-15 22:22:20 ----A---- C:\windows\system32\ieframe.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-07-15 22:22:19 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\iertutil.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-07-15 22:22:19 ----A---- C:\windows\system32\ieetwcollector.exe
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-07-15 22:22:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\iernonce.dll
2015-07-15 22:22:18 ----A---- C:\windows\system32\ie4uinit.exe
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-07-15 22:22:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-07-15 22:22:17 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-07-15 22:22:17 ----A---- C:\windows\system32\iedkcs32.dll
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-07-15 22:22:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:22:16 ----A---- C:\windows\system32\msfeeds.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\iesetup.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\ieapfltr.dll
2015-07-15 22:22:16 ----A---- C:\windows\system32\dxtrans.dll
2015-07-15 22:22:15 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-07-15 22:22:15 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 22:22:15 ----A---- C:\windows\system32\vbscript.dll
2015-07-15 22:22:14 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-07-15 22:22:14 ----A---- C:\windows\system32\jsproxy.dll
2015-07-15 22:22:14 ----A---- C:\windows\system32\ieUnatt.exe
2015-07-15 22:22:14 ----A---- C:\windows\system32\dxtmsft.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\wininet.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\mshtmled.dll
2015-07-15 22:22:13 ----A---- C:\windows\system32\jscript.dll
2015-07-15 22:22:12 ----A---- C:\windows\system32\msrating.dll
2015-07-15 22:22:12 ----A---- C:\windows\system32\MshtmlDac.dll
2015-07-15 22:22:10 ----A---- C:\windows\SYSWOW64\ole32.dll
2015-07-15 22:22:10 ----A---- C:\windows\system32\ole32.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2015-07-15 22:22:08 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\wintrust.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\cryptsvc.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\cryptnet.dll
2015-07-15 22:22:08 ----A---- C:\windows\system32\crypt32.dll
2015-07-15 22:22:05 ----A---- C:\windows\system32\rpcrt4.dll
2015-07-15 22:22:05 ----A---- C:\windows\system32\kerberos.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-07-15 22:22:04 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\wdigest.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\TSpkg.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\sspisrv.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\sspicli.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\schannel.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\secur32.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\ncrypt.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msv1_0.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msobjs.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\msaudite.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\lsass.exe
2015-07-15 22:22:04 ----A---- C:\windows\system32\lsasrv.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-07-15 22:22:04 ----A---- C:\windows\system32\cryptbase.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\credssp.dll
2015-07-15 22:22:04 ----A---- C:\windows\system32\auditpol.exe
2015-07-15 22:22:04 ----A---- C:\windows\system32\adtschema.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msimsg.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msihnd.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msiexec.exe
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\msi.dll
2015-07-15 22:22:00 ----A---- C:\windows\SYSWOW64\authui.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msimsg.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msihnd.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\msiexec.exe
2015-07-15 22:22:00 ----A---- C:\windows\system32\msi.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\consent.exe
2015-07-15 22:22:00 ----A---- C:\windows\system32\authui.dll
2015-07-15 22:22:00 ----A---- C:\windows\system32\appinfo.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\invagent.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\generaltel.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\devinv.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-07-15 22:21:57 ----A---- C:\windows\system32\appraiser.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\aepdu.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\aeinv.dll
2015-07-15 22:21:57 ----A---- C:\windows\system32\acmigration.dll
2015-06-30 20:06:45 ----A---- C:\windows\system32\drivers\TeeDriverx64.sys
2015-06-30 20:06:00 ----A---- C:\windows\system32\RtkCfg64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\RtkApi64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\RltkAPO64.dll
2015-06-30 20:06:00 ----A---- C:\windows\system32\drivers\RTKVHD64.sys
2015-06-30 20:06:00 ----A---- C:\windows\system32\drivers\RTAIODAT.DAT
2015-06-30 20:05:59 ----A---- C:\windows\system32\RCoInstII64.dll
2015-06-30 20:05:53 ----A---- C:\windows\system32\FMAPO64.dll

======List of files/folders modified in the last 1 month======

2015-07-28 10:21:53 ----D---- C:\windows\Temp
2015-07-28 10:21:53 ----D---- C:\Program Files\trend micro
2015-07-28 10:20:13 ----A---- C:\windows\SYSWOW64\log.txt
2015-07-28 10:18:15 ----D---- C:\windows\system32\config
2015-07-28 00:45:00 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-07-27 15:48:56 ----SHD---- C:\System Volume Information
2015-07-27 15:48:30 ----D---- C:\windows\System32
2015-07-27 15:48:30 ----D---- C:\windows\inf
2015-07-27 15:48:30 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-07-27 15:44:11 ----D---- C:\windows\system32\FxsTmp
2015-07-26 12:13:54 ----RD---- C:\Program Files (x86)
2015-07-26 12:13:53 ----HD---- C:\ProgramData
2015-07-26 12:05:31 ----D---- C:\Windows
2015-07-26 12:05:06 ----D---- C:\AdwCleaner
2015-07-26 04:59:54 ----A---- C:\windows\win.ini
2015-07-26 04:59:53 ----RSD---- C:\windows\Media
2015-07-26 04:59:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-26 04:52:50 ----D---- C:\windows\system32\DriverStore
2015-07-26 04:52:50 ----D---- C:\windows\system32\drivers
2015-07-26 04:52:39 ----D---- C:\ProgramData\CyberLink
2015-07-25 11:35:17 ----SD---- C:\windows\system32\GWX
2015-07-24 11:54:35 ----SHD---- C:\windows\Installer
2015-07-24 11:40:01 ----D---- C:\ProgramData\Malwarebytes
2015-07-24 11:34:05 ----D---- C:\Program Files (x86)\Steam
2015-07-24 11:34:01 ----D---- C:\windows\debug
2015-07-22 17:20:53 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-07-21 19:01:53 ----D---- C:\windows\winsxs
2015-07-21 19:01:07 ----D---- C:\windows\SysWOW64
2015-07-18 16:04:45 ----D---- C:\windows\rescache
2015-07-17 00:00:49 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-07-17 00:00:48 ----SD---- C:\windows\SYSWOW64\GWX
2015-07-17 00:00:48 ----D---- C:\windows\SYSWOW64\en-US
2015-07-17 00:00:48 ----D---- C:\windows\system32\en-US
2015-07-17 00:00:48 ----D---- C:\windows\system32\cs-CZ
2015-07-17 00:00:48 ----D---- C:\windows\PolicyDefinitions
2015-07-17 00:00:48 ----D---- C:\Program Files\Internet Explorer
2015-07-17 00:00:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-17 00:00:46 ----SD---- C:\windows\system32\CompatTel
2015-07-17 00:00:46 ----D---- C:\windows\system32\wbem
2015-07-17 00:00:46 ----D---- C:\windows\system32\appraiser
2015-07-17 00:00:45 ----D---- C:\windows\AppPatch
2015-07-16 23:21:27 ----D---- C:\windows\Tasks
2015-07-16 22:30:32 ----D---- C:\windows\system32\MRT
2015-07-16 22:23:09 ----D---- C:\ProgramData\ProductData
2015-07-16 22:22:46 ----D---- C:\windows\system32\Tasks
2015-07-15 22:21:41 ----D---- C:\windows\system32\catroot2
2015-07-14 23:32:35 ----D---- C:\Users\Petr\AppData\Roaming\BitTorrent
2015-07-14 20:24:09 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-07-13 18:13:10 ----RD---- C:\Program Files (x86)\Skype
2015-07-13 18:13:05 ----D---- C:\ProgramData\Skype
2015-07-12 16:11:01 ----D---- C:\ProgramData\PopCap Games
2015-07-07 22:51:13 ----D---- C:\ProgramData\Package Cache
2015-07-07 22:51:03 ----D---- C:\Program Files (x86)\Avira
2015-07-06 10:59:06 ----D---- C:\Games
2015-07-05 17:36:25 ----D---- C:\Program Files (x86)\Battle.net
2015-07-03 08:43:04 ----A---- C:\windows\system32\MRT.exe
2015-06-30 22:28:45 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-30 21:11:56 ----D---- C:\windows\system32\catroot
2015-06-30 20:06:30 ----D---- C:\windows\SYSWOW64\RTCOM
2015-06-29 20:40:10 ----D---- C:\Users\Petr\AppData\Roaming\Origin
2015-06-29 20:38:24 ----D---- C:\ProgramData\Origin
2015-06-29 20:38:12 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\drivers\iusb3hcs.sys [2012-02-26 16152]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2015-06-16 132656]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-08 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-12 26528]
R1 LUMDriver;LUMDriver; \??\C:\windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2012-12-13 450136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2015-06-16 153256]
R2 avnetflt;avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [2015-03-05 44088]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-10-13 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\drivers\ETD.sys [2012-02-29 143144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-05-16 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2015-06-30 4496600]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-06-05 450520]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\drivers\iusb3hub.sys [2012-02-26 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\drivers\iusb3xhc.sys [2012-02-26 788760]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2015-06-30 172832]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwsw01.sys [2015-02-12 11532704]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2015-06-01 38048]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\windows\system32\DRIVERS\RtsPStor.sys [2015-02-12 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2015-04-20 977624]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-05-15 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-11-18 16088]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-06-30 27760]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-11-18 30424]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ibtfltcoex;ibtfltcoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-16 450808]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-16 450808]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-06-02 217280]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-21 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-21 1104208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2012-02-27 151648]
R2 EpsonScanSvc;Epson Scanner Service; C:\windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-02 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 2429544]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-06-05 315352]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-15 127320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-15 276824]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [2012-03-16 160768]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-01-03 138768]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2015-03-27 76152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-15 362840]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-01-02 2448032]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-21 1304912]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-16 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-16 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-06-05 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-14 119408]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-29 2004488]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-11-08 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#6 Příspěvek od Masek33 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by Petr (administrator) on PETR-MSI (28-07-2015 10:35:21)
Running from C:\Users\Petr\Desktop
Loaded Profiles: UpdatusUser & Petr (Available Profiles: UpdatusUser & Petr)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [THXCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73984 2013-01-02] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-24] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-984795046-312569605-1762408917-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{3A69E1EF-6628-4BEF-909A-08185EFA1F92}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default
FF DefaultSearchEngine: Wikipedie (cs)
FF DefaultSearchUrl:
FF SelectedSearchEngine: Wikipedie (cs)
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-09-09] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Download Status Bar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-01-23]
FF Extension: ReloadEvery - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-03-02]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-11-06]

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-01]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-03-16] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-03-27] ()
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2448032 2013-01-02] (Check Point Software Technologies LTD)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-08] (DT Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-11-18] (Sony Mobile Communications)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-12] (REALiX(tm))
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [172832 2015-06-30] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11532704 2015-02-12] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2015-06-01] (NVIDIA Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-28 10:35 - 2015-07-28 10:35 - 00020781 _____ C:\Users\Petr\Desktop\FRST.txt
2015-07-28 10:34 - 2015-07-28 10:35 - 00000000 ____D C:\FRST
2015-07-28 10:32 - 2015-07-28 10:32 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-07-28 10:31 - 2015-07-28 10:31 - 00000000 _____ C:\Users\Petr\Downloads\FRSTLauncher.exe.u881d8a.partial
2015-07-28 10:30 - 2015-07-28 10:30 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\Nepotvrzeno 955180.crdownload
2015-07-28 10:23 - 2015-07-28 10:23 - 02146816 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-07-26 13:18 - 2015-07-26 13:18 - 00002596 _____ C:\Users\Petr\Desktop\mmm.txt
2015-07-26 12:05 - 2015-07-28 10:18 - 00001344 _____ C:\windows\setupact.log
2015-07-26 12:05 - 2015-07-26 12:05 - 00000334 _____ C:\windows\PFRO.log
2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\windows\setuperr.log
2015-07-26 04:59 - 2015-07-26 04:59 - 00000000 ____D C:\hp
2015-07-26 04:52 - 2012-10-11 05:08 - 00044928 _____ (ManyCam LLC) C:\windows\system32\Drivers\mcvidrv_x64.sys
2015-07-24 12:05 - 2015-07-24 12:05 - 00000000 ____D C:\rsit
2015-07-24 12:03 - 2015-07-24 12:03 - 00002262 _____ C:\Users\Petr\Desktop\mm.txt
2015-07-24 11:40 - 2015-07-26 12:09 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 11:40 - 2015-07-24 11:40 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-24 11:40 - 2015-07-24 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-24 11:40 - 2015-07-24 11:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-24 11:40 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-24 11:40 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-24 11:40 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-20 20:34 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-20 20:34 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-20 20:34 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-20 20:34 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-20 20:34 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-20 20:34 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-20 20:34 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-20 20:34 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-20 20:34 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-20 20:34 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-16 22:22 - 2015-07-16 22:22 - 00002150 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-07-15 22:22 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 22:22 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 22:22 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 22:22 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 22:22 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 22:22 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 22:22 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 22:22 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 22:22 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 22:22 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 22:22 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 22:22 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 22:22 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 22:22 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 22:22 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 22:22 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 22:22 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 22:22 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 22:22 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 22:22 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 22:22 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 22:22 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 22:22 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 22:22 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 22:22 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 22:22 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 22:22 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 22:22 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 22:22 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 22:22 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 22:22 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 22:22 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 22:22 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 22:22 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 22:22 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 22:22 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 22:22 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 22:22 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 22:22 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 22:22 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 22:22 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 22:22 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:22 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 22:22 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 22:22 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 22:22 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 22:22 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 22:22 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 22:22 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 22:22 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 22:22 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 22:22 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 22:22 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 22:22 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 22:22 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 22:22 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 22:22 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 22:22 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 22:22 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 22:22 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 22:22 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 22:22 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 22:22 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:22 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 22:22 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:22 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 22:22 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 22:22 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 22:22 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 22:22 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 22:22 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 22:22 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 22:22 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 22:22 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 22:22 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 22:22 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 22:22 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 22:22 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 22:22 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 22:22 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 22:22 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 22:22 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 22:22 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 22:22 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 22:22 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 22:22 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 22:22 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 22:22 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 22:22 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 22:22 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 22:22 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 22:22 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 22:22 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 22:22 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 22:22 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 22:22 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 22:22 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 22:22 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 22:22 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 22:22 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 22:22 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 22:22 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 22:22 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 22:22 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 22:22 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 22:22 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 22:22 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-15 22:22 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 22:22 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 22:22 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 22:22 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 22:22 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 22:22 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 22:22 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 22:22 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 22:22 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-15 22:22 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-15 22:22 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-15 22:22 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-15 22:21 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-15 22:21 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-15 22:21 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-15 22:21 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-15 22:21 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-15 22:21 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-15 22:21 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-15 22:21 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-06 11:03 - 2015-07-06 11:03 - 00000222 _____ C:\Users\Petr\Desktop\Company of Heroes (New Steam Version).url
2015-07-05 12:52 - 2015-07-05 12:52 - 00000620 _____ C:\Users\Petr\Desktop\CoD2MP_s – zástupce.lnk
2015-06-30 20:06 - 2015-06-30 20:06 - 04496600 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2015-06-30 20:06 - 2015-06-30 20:06 - 03234520 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2015-06-30 20:06 - 2015-06-30 20:06 - 02930904 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2015-06-30 20:06 - 2015-06-30 20:06 - 02862488 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2015-06-30 20:06 - 2015-06-30 20:06 - 02702040 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2015-06-30 20:06 - 2015-06-30 20:06 - 00172832 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2015-06-30 20:06 - 2015-06-30 20:06 - 00166616 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2015-06-30 20:05 - 2015-06-30 20:05 - 03195416 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2015-06-30 20:05 - 2015-06-30 20:05 - 01748184 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-28 10:31 - 2015-03-25 11:55 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieUserList
2015-07-28 10:31 - 2015-03-25 11:55 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieSiteList
2015-07-28 10:31 - 2015-03-25 11:55 - 00000000 __SHD C:\Users\Petr\AppData\Local\EmieBrowserModeList
2015-07-28 10:30 - 2009-07-14 06:45 - 00031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 10:30 - 2009-07-14 06:45 - 00031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 10:26 - 2015-05-15 22:15 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 10:24 - 2013-04-16 18:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 10:24 - 2012-05-15 01:11 - 00680528 _____ C:\windows\system32\perfh005.dat
2015-07-28 10:24 - 2012-05-15 01:11 - 00145496 _____ C:\windows\system32\perfc005.dat
2015-07-28 10:24 - 2009-07-14 07:13 - 01615314 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-28 10:21 - 2013-11-13 11:23 - 00000000 ____D C:\Program Files\trend micro
2015-07-28 10:21 - 2013-05-12 12:45 - 01095264 _____ C:\windows\WindowsUpdate.log
2015-07-28 10:18 - 2015-05-15 22:15 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 10:18 - 2013-08-17 15:00 - 00000434 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-07-28 10:18 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-28 01:16 - 2013-11-14 12:17 - 00000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2015-07-28 00:45 - 2012-11-07 22:36 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-07-27 15:44 - 2009-07-14 07:32 - 00000000 ____D C:\windows\system32\FxsTmp
2015-07-26 12:06 - 2015-02-12 13:16 - 00002872 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (Petr)
2015-07-26 12:05 - 2013-11-14 11:41 - 00000000 ____D C:\AdwCleaner
2015-07-26 05:02 - 2012-11-07 22:37 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-07-26 04:59 - 2012-05-15 19:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-26 04:59 - 2009-07-14 05:20 - 00000000 __RSD C:\windows\Media
2015-07-26 04:59 - 2009-07-14 04:34 - 00000411 _____ C:\windows\win.ini
2015-07-26 04:52 - 2012-11-09 15:34 - 00000000 ____D C:\ProgramData\CyberLink
2015-07-25 11:35 - 2015-04-05 23:08 - 00000000 ___SD C:\windows\system32\GWX
2015-07-24 11:40 - 2013-07-14 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-24 11:34 - 2012-11-27 12:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-21 19:01 - 2009-07-14 06:45 - 00449576 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-18 16:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-17 00:00 - 2015-04-05 23:08 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-17 00:00 - 2014-12-10 23:29 - 00000000 ____D C:\windows\system32\appraiser
2015-07-17 00:00 - 2014-05-06 22:18 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-17 00:00 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-16 23:21 - 2014-02-22 13:36 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 23:21 - 2014-02-22 13:36 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 22:30 - 2013-08-14 22:17 - 00000000 ____D C:\windows\system32\MRT
2015-07-16 22:23 - 2015-02-12 13:19 - 00000000 ____D C:\ProgramData\ProductData
2015-07-16 22:22 - 2015-02-12 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-16 22:22 - 2015-02-12 13:16 - 00003230 _____ C:\windows\System32\Tasks\Driver Booster Scan
2015-07-16 22:22 - 2015-02-12 13:16 - 00003174 _____ C:\windows\System32\Tasks\Driver Booster Update
2015-07-14 23:32 - 2012-11-08 17:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\BitTorrent
2015-07-14 20:24 - 2012-12-13 10:24 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 20:24 - 2012-05-15 19:45 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 20:24 - 2012-05-15 19:45 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 18:13 - 2014-09-29 09:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 18:13 - 2012-11-07 22:36 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 16:11 - 2014-03-07 10:21 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-07 22:51 - 2013-12-22 17:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-07 22:51 - 2012-11-06 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-07 22:51 - 2012-11-06 22:01 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-06 11:15 - 2013-10-10 20:13 - 00000000 ____D C:\Users\Petr\Documents\My Games
2015-07-06 10:59 - 2015-02-01 14:08 - 00000000 ____D C:\Games
2015-07-05 17:36 - 2013-11-14 12:16 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-07-03 08:43 - 2012-11-08 16:13 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-30 22:28 - 2012-11-08 19:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-30 20:06 - 2012-05-15 19:19 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2015-06-29 21:09 - 2013-08-16 19:28 - 00000000 ____D C:\ProgramData\Origin
2015-06-29 20:40 - 2013-08-16 19:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2015-06-29 20:38 - 2013-08-16 19:27 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2012-11-08 16:47 - 2014-11-26 11:10 - 0007642 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2012-11-10 13:31 - 2012-11-10 13:31 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\avgnt.exe
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 00:55




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS_7) (Fixed) (Total:154.79 GB) (Free:27.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:65.46 GB) (Free:10.81 GB) NTFS
Drive i: (ADATA) (Fixed) (Total:1863.02 GB) (Free:603.53 GB) NTFS

Available physical RAM: 1670.04 MB
Total physical RAM: 3992.95 MB
Percentage of memory in use: 58%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 232.9 GB) (Disk ID: E5729EF2)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=48 MB) - (Type=27)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=65.5 GB) - (Type=07 NTFS)
Disk: 1 (Size: 1863 GB) (Disk ID: 00001AAE)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 239 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk
C:\PROGRA~2\MICROS~1\Office10\OSA.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#7 Příspěvek od Masek33 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Petr at 2015-07-28 10:35:46
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-984795046-312569605-1762408917-500 - Administrator - Disabled)
Guest (S-1-5-21-984795046-312569605-1762408917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-984795046-312569605-1762408917-1008 - Limited - Enabled)
Petr (S-1-5-21-984795046-312569605-1762408917-1001 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-984795046-312569605-1762408917-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
Aktualizace NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BisonCam (HKLM-x32\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: - )
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)
Bombarďáci (HKLM-x32\...\Bombarďáci) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet SetupManager V2 (HKLM-x32\...\InstallShield_{485863E4-C20E-4629-A3B1-B4C8E706A7CB}) (Version: 2.2.3 - SEIKO EPSON CORPORATION)
EpsonNet SetupManager V2 (x32 Version: 2.2.3 - SEIKO EPSON CORPORATION) Hidden
FastStone Image Viewer 4.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IObit Apps Toolbar v8.3 (HKLM-x32\...\{B14D51F5-F44F-4D77-86D0-777D6CB6C235}) (Version: 8.3 - Spigot, Inc.) <==== ATTENTION
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
jetAudio 8.0.x Czech Language Pack (HKLM-x32\...\jetAudio 8.0.x Czech Language Pack) (Version: - )
jetAudio Basic VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.17 - COWON)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{92110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.12 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 cs)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Odinstalace tiskárny EPSON L355 Series (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Ovládací panel NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
S-Bar (HKLM-x32\...\{A034A12D-D9B0-4BA1-9BBB-49A2E5224A6A}) (Version: 21.012.03156 - )
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.15.201410271230 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{F9806380-BB2E-4A64-AD46-45C52182163F}) (Version: 2.0.0.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.01 - Creative Technology Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ZoneAlarm Firewall (x32 Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 11.0.000.038 - Check Point)
ZoneAlarm Security (x32 Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-984795046-312569605-1762408917-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

14-07-2015 16:57:20 Windows Update
16-07-2015 22:25:57 Windows Update
21-07-2015 17:09:50 Windows Update
26-07-2015 04:59:47 Installed BisonCam
27-07-2015 15:48:50 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2FD755E5-7E1D-4F50-9985-AFEEE1406081} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {32A677BE-3712-4D27-A35E-1A7F68B5C774} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {41A2BD99-332B-4267-A8AA-B5D270FD0310} - System32\Tasks\{0D8614BA-F978-4C52-8A6F-6D77B006319B} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/cs/g ... Error=1603
Task: {525B5C77-C084-45E9-B983-0C1649663A99} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-03-24] ()
Task: {68236722-81C4-46BF-8D1B-486AF7DB84E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {6A06C999-CEBF-4E24-90AF-04BF5E15E5C8} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {6F2E5CA2-B665-43C3-9E67-7BE9BE38D09C} - System32\Tasks\{5D96EEC1-EBAC-4543-BD18-A94F7A530524} => pcalua.exe -a "D:\_Petr\programy\AutoDesk Mechnical 2013\AutodeskDownloadManagerSetup.exe" -d "d:\_Petr\programy\AutoDesk Mechnical 2013\"
Task: {7169CF70-4239-4E02-BB29-0DB56F9F8BCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22] (Google Inc.)
Task: {7435996A-9116-46D2-A833-690B49A5F0F1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {7F3B4589-557A-4469-A6DF-8F77CE1E22B4} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe
Task: {9F7D3917-0DEF-4EF2-A467-3BA81B3B3AC7} - System32\Tasks\{2D425B21-7AE0-4E2A-BA3A-035E167CD274} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {A9C4717D-5E0D-44D7-8E14-9D02A525B02A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {BD675C2D-0618-465F-89DE-0E487754E437} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C98661A7-7E79-4218-93BB-FA6527491E68} - System32\Tasks\Driver Booster SkipUAC (Petr) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-07-01 21:43 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-15 19:10 - 2012-03-15 06:48 - 00127320 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-03-27 00:49 - 2015-03-27 01:01 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-05-15 19:39 - 2010-05-04 20:00 - 00237056 _____ () C:\windows\SYSTEM32\APOMgr64.DLL
2014-12-13 00:25 - 2014-12-13 00:25 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-26 04:42 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
2015-07-26 04:42 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll
2014-10-17 11:37 - 2014-10-17 11:37 - 00172544 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-05-15 19:12 - 2012-02-02 01:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-15 19:10 - 2012-03-06 09:27 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-984795046-312569605-1762408917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NortonOnlineBackup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C92C20C3-64FC-463E-B1DC-D9BDB8F438CB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{54261BA7-E9DA-40C2-9301-7494B0658973}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F230454-99E2-4280-A9D0-E1B987432ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D348B74E-75F3-46A9-A6D4-3F2B0301EE84}] => (Allow) LPort=2869
FirewallRules: [{751F813A-85C2-46A3-A7C9-ADC06B34CE9B}] => (Allow) LPort=1900
FirewallRules: [{1FC6101C-4F40-4548-A222-99B42F174CDC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DBEFDEE9-324F-4580-B4B4-D0A79F37CC61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AC499AB1-719D-453A-9023-C01CE4143F11}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{C7D0FBB0-CF0D-4ECD-824D-F30EFA0A2979}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{EEBF65C8-6795-4106-985A-3B04DE9D62C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F2E737D-62C6-49E4-B68D-94FBFEC553E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F45511B6-97EE-4153-AE5D-D8B3B9EC6471}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3EE26DCB-E75B-407A-AD07-3A098BA518D7}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{43BFE0D6-3CDF-403A-AF76-90A265B7F77C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6F4F557C-62CB-43D4-B992-27FA589669FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CE40FC2C-4503-4AE8-B25A-4D56699A4EC4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{D0AA8F7D-DCCF-4C0B-B7DE-474D2FC29A17}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7B5136DC-A111-451A-8B7E-9380E0F3CF2F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{010BEFA1-5C2D-427D-8E51-10A6CCFBA658}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E73A5C39-1A34-45D2-8E7F-12BE5449D2D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{489A6F5F-C766-4440-8628-2B31C95F7DE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A725EC1B-ED5F-4ABF-8623-415E3628DF56}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3836ED18-B136-482D-B8A6-8358D761789F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{844DC6AF-73E7-4775-84AE-ACA1530A20CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28B1ED2-4BBD-434A-A1C0-8714E29CB40C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2957BFDC-D744-4655-B1DD-45B5D82BFF3A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B7FE1E76-531A-4468-B551-709E70D0689D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E7637F88-AB37-4177-855B-A6CB1F816C1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3743D5F7-FCAD-4D75-98F8-9D334ADBCDE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{430630F8-CC1A-4C91-A4D0-A944F1882758}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76FF18AF-6CB0-479C-A99C-DC52F3D2F5FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{32933738-9762-4A62-BD74-215EC794AB55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D9F94B61-FDAA-44B5-897D-05F028A79340}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9962E015-64B3-4BDC-9C4F-E2837428EA3A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0F781980-80D4-42B5-B6B4-93CBA3F22D1D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3ADB0C7-A034-476F-8F2D-EB2E4411558D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E996D305-9C0E-4F4B-B856-2DD718B90E50}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{58AF28AE-927D-4BFC-9FA7-C6494AFA2C94}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{6C7B1C89-27E9-423C-B614-CB7938370DEE}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{78DFAAFE-D346-4E20-9A7E-6BACDDBEFB86}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{53ECEE3F-7B0B-47FC-966A-7431CE916437}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet SetupManager V2\SManager.exe
FirewallRules: [{9334538A-7B87-44BE-90A7-81C2EDE62154}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet SetupManager V2\SManager.exe
FirewallRules: [{8583179B-753A-485E-871B-906A22032924}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{239705E9-CEA6-4B87-8B0D-584B2C4C67CD}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{298A5F96-BE90-4FB5-A080-56EBE36B1B3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{855A443A-1803-4FFB-9ECB-C0EA300A48EC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A17395DF-35AF-4EC7-AEE1-08003187987E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3FEC1C53-04C1-427F-B59D-05191237A6A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{00F1E455-447F-4B1B-B05C-E138C29DB496}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{6043A2DF-4B71-4F21-B396-4B2FAAB292A0}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{11545B75-CA14-4842-BA73-FFB6395CB745}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{77632F4C-5939-434F-BF17-9E5632278513}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{979BB4F7-5456-498A-8F3D-2F9A35BDC1A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2015 10:23:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 na řádku C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/28/2015 10:23:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 na řádku C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/28/2015 10:19:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (07/27/2015 03:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/28/2015 10:31:51 AM) (Source: DCOM) (EventID: 10016) (User: Petr-MSI)
Description: výchozí pro počítačMístníAktivace{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Petr-MSIPetrS-1-5-21-984795046-312569605-1762408917-1001LocalHost (pomocí LRPC)

Error: (07/28/2015 10:31:49 AM) (Source: DCOM) (EventID: 10016) (User: Petr-MSI)
Description: výchozí pro počítačMístníAktivace{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Petr-MSIPetrS-1-5-21-984795046-312569605-1762408917-1001LocalHost (pomocí LRPC)

Error: (07/28/2015 10:30:58 AM) (Source: DCOM) (EventID: 10016) (User: Petr-MSI)
Description: výchozí pro počítačMístníAktivace{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Petr-MSIPetrS-1-5-21-984795046-312569605-1762408917-1001LocalHost (pomocí LRPC)

Error: (07/28/2015 10:26:16 AM) (Source: DCOM) (EventID: 10016) (User: Petr-MSI)
Description: výchozí pro počítačMístníAktivace{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Petr-MSIPetrS-1-5-21-984795046-312569605-1762408917-1001LocalHost (pomocí LRPC)

Error: (07/28/2015 10:26:01 AM) (Source: DCOM) (EventID: 10016) (User: Petr-MSI)
Description: výchozí pro počítačMístníAktivace{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Petr-MSIPetrS-1-5-21-984795046-312569605-1762408917-1001LocalHost (pomocí LRPC)

Error: (07/28/2015 10:20:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (07/28/2015 10:20:13 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/28/2015 10:17:52 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Výchozí správce prostředků transakcí na svazku \\?\Volume{de9bfcbb-04fa-11e2-897b-806e6f6e6963} zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby.

Error: (07/27/2015 04:54:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (07/27/2015 03:44:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069


Microsoft Office:
=========================
Error: (07/28/2015 10:23:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (07/28/2015 10:23:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files\CCleaner\CCleaner64.exe

Error: (07/28/2015 10:19:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path23808600

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path21808600

Error: (07/28/2015 10:17:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path18808600

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name23808600

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name21808600

Error: (07/28/2015 10:17:56 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name18808600

Error: (07/27/2015 03:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Error:
===================================
Date: 2014-07-01 21:35:34.368
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-01 21:35:34.308
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-01 21:35:34.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-01 21:35:34.178
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-09-16 05:35:40.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-15 11:49:41.749
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-14 09:16:07.213
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-13 15:19:06.924
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 15:06:32.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-09-09 16:28:44.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 58%
Total physical RAM: 3992.95 MB
Available physical RAM: 1670.04 MB
Total Virtual: 7984.1 MB
Available Virtual: 5013.09 MB

==================== Drives ================================

Drive c: (OS_7) (Fixed) (Total:154.79 GB) (Free:27.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:65.46 GB) (Free:10.81 GB) NTFS
Drive i: (ADATA) (Fixed) (Total:1863.02 GB) (Free:603.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: E5729EF2)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=48 MB) - (Type=27)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=65.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 00001AAE)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of log ============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#8 Příspěvek od Márty84 »

:arrow: Vypnete trvale Windows Defender.

:arrow: Odinstalujte IObit Apps Toolbar a nejlepe vse od IObit. Dokaze to nadelat vic skody nez uzitku.



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com

BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#9 Příspěvek od Masek33 »

Windows Defender je vpnutý, ale ten Toolbar mi nejde odinstalovat. Nemůže to najít zdroj souboru, tak nevím jestli sem ho už dříve nesmazal jiným programem...

Snad jsem to s tím FRTS udělal správně:

Fix result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by Petr (2015-07-29 12:38:20) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: UpdatusUser & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com

BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File Not ' & $found1 & '

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-22 116648]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-984795046-312569605-1762408917-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}" => key removed successfully
"HKCR\CLSID\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
Winsock: Catalog entry 000000000007 => removed successfully
Winsock: Catalog entry 000000000008 => removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
AdobeARMservice => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
AdobeFlashPlayerUpdateSvc => service removed successfully
gupdatem => service removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackup => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 639.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 12:38:39 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#10 Příspěvek od Márty84 »

Masek33 píše:ale ten Toolbar mi nejde odinstalovat. Nemůže to najít zdroj souboru, tak nevím jestli sem ho už dříve nesmazal jiným programem...
Zrejme ho odstrelil treba ADWCleaner. Tak to co zbylo normalne smazte.



:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#11 Příspěvek od Masek33 »

Márty84 píše:Zrejme ho odstrelil treba ADWCleaner. Tak to co zbylo normalne smazte.
Právě že ani odmazat nejde z Programů (zkoušel jsem to jako přes CCleaner, tak normálně Windows - ovládací panely - Programy a funkce)

- CCleaner používám pravidelně (cca jednou za 14 dní pročistím ntb)

- V ntb mám pouze SSD disk, takže mi odpadá defragmentování

Jinak ntb šlape jak má, jen mě zarazil ten nález v Malwarebytes... tak jsem pro jistotu napsal :)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#12 Příspěvek od Márty84 »

Masek33 píše:Právě že ani odmazat nejde z Programů (zkoušel jsem to jako přes CCleaner, tak normálně Windows - ovládací panely - Programy a funkce)
Myslel jsem smazat natvrdo. Kliknout na jeho slozku v pruzkumniku a DELETE.


Logy uz jsou ciste, takze pokud vse bezi jak ma, mame hotovo :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#13 Příspěvek od Masek33 »

V průzkumníku jsem ho nenašel.

BTW teď jsem zkoušel jen tak zběžně vyzkoušet výkon ntb, pustil jsem BF3 a nemám z toho dobrý pocit... hrozný dropy FPS. Nevím zda to je problém grafické karty. Ovladače bych měl mít ty nejnovější.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivní kontrola + nález v MB

#14 Příspěvek od Márty84 »

Zkuste ovladac preinstalovat.


:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Preventivní kontrola + nález v MB

#15 Příspěvek od Masek33 »

Ovladač přeinstalován, ještě vyzkouším jestli se něco změnilo...

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2015/07/31 14:39:10

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- Samsung SSD 840 EVO 250G
- PIONEER DVD-RW DVRTD11RS

-- Disk List ---------------------------------------------------------------
(1) Samsung SSD 840 EVO 250GB : 250,0 GB [0/0/0, pd1] - sg
(2) TOSHIBA MQ01ABB200 : 2000,3 GB [1/X/X, sa1] (V=125F, P=A31A)

----------------------------------------------------------------------------
(1) Samsung SSD 840 EVO 250GB
----------------------------------------------------------------------------
Model : Samsung SSD 840 EVO 250GB
Firmware : EXT0BB6Q
Serial Number : S1DBNSBF364674X
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 4c
Transfer Mode : SATA/600
Power On Hours : 3054 hod.
Power On Count : 567 krát
Host Writes : 4254 GB
Wear Level Count : 29
Temparature : 38 C (100 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Reallocated Sector Count
09 _99 _99 __0 000000000BEE Power-on Hours
0C _99 _99 __0 000000000237 Power-on Count
B1 _97 _97 __0 00000000001D Wear Leveling Count
B3 100 100 _10 000000000000 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 100 100 _10 000000000000 Runtime Bad Block (Total)
BB 100 100 __0 000000000000 Uncorrectable Error Count
BE _62 _49 __0 000000000026 Airflow Temperature
C3 200 200 __0 000000000000 ECC Error Rate
C7 100 100 __0 000000000000 CRC Error Count
EB _99 _99 __0 000000000002 POR Recovery Count
F1 _99 _99 __0 000213DAE21A Total LBA Written

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 5331 4442 4E53 4246 3336 3734 3734 5820 2020 2020
020: 0000 0000 0000 4558 5430 3651 3651 5361 6D73 756E
030: 6720 5353 4420 3834 3020 4F20 4F20 3235 3047 4220
040: 2020 2020 2020 2020 2020 2020 2020 8001 4001 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0F10
070: 0000 0000 0000 0000 0000 850E 850E 0046 006C 006C
080: 03FC 0039 746B 7D01 4163 BC01 BC01 4163 407F 0001
090: 0004 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 4000 4000 0000 5002 5388
110: A030 79B2 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 4000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 92A5

----------------------------------------------------------------------------
(2) TOSHIBA MQ01ABB200
----------------------------------------------------------------------------
Enclosure : ADATA HV620 USB Device (V=125F, P=A31A, sa1)
Model : TOSHIBA MQ01ABB200
Firmware : AY000U
Serial Number : 53IOP39FT
Disk Size : 2000,3 GB (8,4/137,4/2000,3)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 4061 hod.
Power On Count : 936 krát
Temparature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000001359 Čas na roztočení ploten
04 100 100 __0 0000000003A8 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _90 _90 __0 000000000FDD Hodin v činnosti
0A 118 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000003A8 Počet cyklů zapnutí zařízení
BF 100 100 __0 00000000000B Počet udalostí zaznamenaných otřesovým senzorem
C0 _99 _99 __0 0000000002AA Počet vypnutí disku
C1 _98 _98 __0 000000006D87 Počet cyklů načítání/vymazání
C2 100 100 __0 002C000B001E Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _98 _98 __0 000000000486 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 00000000010D Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3349 3349 4F50 3339 4654
020: 0000 4000 0000 4159 3030 2020 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4232 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0F06 0F06 0004 004C 0040
080: 01F8 0000 746B 7D09 6163 BC09 BC09 6163 103F 00DC
090: 00DC 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 6003 6003 0000 5000 0394
110: C2D0 4D77 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4BA5
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“