VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vypíná se mi počítač

https://forum.viry.cz:443/viewtopic.php?t=139276

Stránka 1 z 2

Vypíná se mi počítač

Napsal: 22 črc 2014 17:03
od Holldir
Mám problém s tím, že se mi vypne počítač. Měl jsme za to, že to způsobovala přehřátá grafika se kterou jsem měl před časem technické problémy. Podle kámoše to dělá něco jiného tak snad by mi někdo poradil

Mám už celkem starou Ati Radeon 5770
http://www.czc.cz/msi-r5770-pmd1g-pci-e/72029/produkt

Před měsícem cca mi vypadl větrák. Kápl jsem do něj trochu oleje a zase se rozjel. Bednu jsem nechal otevřenou. Před pár dny se mi poprvé počítač vypnul a i několikrát poté. Grafiku jsem vyčistil od prachu kterým byla zahlcená. Nyní má grafika teplotu při běžícím systému kolem 52%. Bude to dle mě asi moc
Budu rád za každou pomoc:)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Frank at 2014-07-22 18:04:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 210 GB (60%) free of 350 GB
Total RAM: 8183 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:58, on 22.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
D:\Programy\Garena Plus\ggdllhost.exe
D:\Programy\Game Booster 3\gbtray.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe
D:\Programy\Torrent\utorrent.exe
D:\Programy\SpeedFan\speedfan.exe
D:\Programy\Avast\avastUi.exe
C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\AdbUpdate.exe
C:\Program Files\trend micro\Frank.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
O2 - BHO: TrustMediaViewerV1alpha3354 - {0666f299-cba0-46f0-82a3-4b4f43d9fa64} - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354.dll
O2 - BHO: VideoPlayerV3beta278 - {2592c4c9-97dc-41bc-841e-861c515d0558} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ie\VideoPlayerV3beta278.dll
O2 - BHO: Slick Savings - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Frank\AppData\Roaming\Slick Savings\Coupons.dll
O2 - BHO: MediaViewV1alpha6717 - {5d670909-08bf-4bae-9b8d-b1a651e96b83} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6717\ie\MediaViewV1alpha6717.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: MediaPlayerV1alpha876 - {b03109c3-d2bf-457d-9d39-92d074b46a8f} - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha876\ie\MediaPlayerV1alpha876.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: MediaViewV1alpha5 - {e3e2a9db-5317-421b-acc6-0b298c44ce8b} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5\ie\MediaViewV1alpha5.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MzRAMBooster] D:\Programy\Mz RAM Booster\MzRAMBooster.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Slick Savings] "C:\Users\Frank\AppData\Roaming\Slick Savings\CouponsHelper.exe"
O4 - HKCU\..\Run: [Steam] "D:\Programy\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [GarenaPlus] "D:\Programy\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: wupdate.exe
O4 - Global Startup: GamePark klient 2.lnk = D:\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Unknown owner - C:\Windows\system32\pr2agqwb.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.7 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 14192 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\Windows\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
taskeng.exe {5FE4084C-20C5-4DAB-BE9D-C98F51C90D4F}
C:\Windows\SysWOW64\netupdsrv.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {4E8BCC9F-C763-4C62-9671-34DA410A009C}
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"D:\Programy\Garena Plus\ggdllhost.exe" "D:\Programy\Garena Plus\ggspawn.dll",rundll_entry
"D:\Programy\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"D:\Programy\Mz RAM Booster\MzRAMBooster.exe"
"C:\Program Files (x86)\Overwolf\Overwolf.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-11934913251830843408-242653796-1607248790-1084906786-1280885116-12475300112078438554
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3052
szndesktop.exe default start
"C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-1169613408-5320915821787937269166984018917899363893588623251410366938-368560106
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe" HOOK -Dwthx183.dll -IE"DefaultScope" -GC"C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Web Data" -FF"C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\Prefs.js"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
ctfmon.exe
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0" "overwolfprocid=3160"
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0\x64\OWExplorerLauncher.dll
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"D:\Programy\Torrent\utorrent.exe"
"D:\Programy\SpeedFan\speedfan.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"D:\Programy\Avast\AvastSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
D:\Programy\Avast\avastUi.exe
"C:\Program Files\Windows Sidebar\sidebar.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\AdbUpdate.exe" /cplugin

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Download\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000Core.job - C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000UA.job - C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle
C:\Windows\tasks\Registry Optimizer_DEFAULT.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -default
C:\Windows\tasks\Registry Optimizer_UPDATES.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default

prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =800236&p="
prefs.js - "keyword.url" - "http://search.yahoo.com/search?fr=green ... =800236&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Frank\AppData\Roaming\raidcall\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=D:\Programy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\extensions\
adremoveext@adremoveext.net
ascsurfingprotection@iobit.com
edauyoeae@mpdmxjws.co.uk
krvd.7dwc@zvcaieey-.co.uk
ntk2-dfj@azggj-oa.net
uoio.04k@mywzmsy-.net
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
TrustMediaViewerV1alpha3354 - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354x64.dll [2014-06-26 102912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-18 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Slick Savings - C:\Users\Frank\AppData\Roaming\Slick Savings\Coupons64.dll [2014-07-05 728424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE64.dll [2014-07-22 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll [2014-05-26 1398592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354.dll [2014-06-26 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2592c4c9-97dc-41bc-841e-861c515d0558}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ie\VideoPlayerV3beta278.dll [2014-01-07 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Slick Savings - C:\Users\Frank\AppData\Roaming\Slick Savings\Coupons.dll [2014-07-05 609128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d670909-08bf-4bae-9b8d-b1a651e96b83}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6717\ie\MediaViewV1alpha6717.dll [2014-02-27 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE.dll [2014-07-22 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll [2014-06-03 3594264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b03109c3-d2bf-457d-9d39-92d074b46a8f}]
Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha876\ie\MediaPlayerV1alpha876.dll [2014-01-28 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3e2a9db-5317-421b-acc6-0b298c44ce8b}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5\ie\MediaViewV1alpha5.dll [2014-02-26 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE64.dll [2014-05-26 1997120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll [2014-06-03 3594264]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.3\iobitappsToolbarIE.dll [2014-05-26 1398592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-03 13651672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-18 2285344]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"MzRAMBooster"=D:\Programy\Mz RAM Booster\MzRAMBooster.exe [2011-02-10 295936]
"Facebook Update"=C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-18 138096]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2014-06-10 39712]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2014-06-24 300840]
"Slick Savings"=C:\Users\Frank\AppData\Roaming\Slick Savings\CouponsHelper.exe [2014-02-13 832320]
"Steam"=D:\Programy\Steam\Steam.exe [2014-04-24 1825984]
"GarenaPlus"=D:\Programy\Garena Plus\GarenaMessenger.exe [2014-06-11 9936176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-06 102400]
"vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2014-06-03 2567192]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2014-05-26 1404736]
"AvastUI.exe"=D:\Programy\Avast\AvastUI.exe [2014-07-22 4086432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - D:\Programy\GamePark2\gpcl.exe

C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
wupdate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\hry\Loki\Loki.exe"="D:\hry\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\msdrm.dll
2014-07-22 17:27:58 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-07-22 17:27:38 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll20140722175416.dll
2014-07-22 17:27:38 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll20140722172757.dll
2014-07-22 17:27:38 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-07-22 17:27:35 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-07-22 16:40:22 ----D---- C:\Users\Frank\AppData\Roaming\AVAST Software
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-22 16:39:55 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-22 16:39:54 ----A---- C:\Windows\avastSS.scr
2014-07-22 16:38:45 ----D---- C:\ProgramData\AVAST Software
2014-07-22 16:30:04 ----SHD---- C:\Config.Msi
2014-07-22 16:21:39 ----D---- C:\Program Files\trend micro
2014-07-22 16:21:38 ----D---- C:\rsit
2014-07-22 15:30:45 ----A---- C:\awh6E2.tmp
2014-07-22 11:02:15 ----A---- C:\awh15FF.tmp
2014-07-21 19:03:11 ----A---- C:\awh2164.tmp
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\lcpmncydkypr.exe
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\dcgmncydkypr.exe
2014-07-21 18:02:39 ----AS---- C:\Windows\SYSWOW64\acumncydkypr.exe
2014-07-21 16:53:56 ----A---- C:\awh1FA0.tmp
2014-07-21 16:30:34 ----A---- C:\awh109.tmp
2014-07-21 15:36:24 ----A---- C:\awh5724.tmp
2014-07-21 10:40:58 ----A---- C:\awhA717.tmp
2014-07-20 21:18:00 ----A---- C:\awhBC7B.tmp
2014-07-20 19:20:12 ----A---- C:\awhD91F.tmp
2014-07-17 15:42:33 ----A---- C:\awh28F.tmp
2014-07-17 14:11:55 ----A---- C:\awhF862.tmp
2014-07-17 10:49:51 ----A---- C:\awh57FE.tmp
2014-07-17 10:37:45 ----A---- C:\awh5E55.tmp
2014-07-17 09:58:47 ----A---- C:\awh81DB.tmp
2014-07-16 13:07:18 ----A---- C:\awh732C.tmp
2014-07-16 05:08:21 ----SH---- C:\Trainer.dll
2014-07-16 01:39:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-15 21:05:36 ----A---- C:\awhEA0.tmp
2014-07-15 20:43:28 ----A---- C:\awhC3F.tmp
2014-07-15 18:47:00 ----A---- C:\awhE281.tmp
2014-07-15 18:37:28 ----A---- C:\awh943.tmp
2014-07-15 12:06:30 ----A---- C:\awhF8B0.tmp
2014-07-14 18:42:52 ----A---- C:\awhE629.tmp
2014-07-14 12:48:46 ----A---- C:\awh11EA.tmp
2014-07-14 00:42:10 ----A---- C:\awh646.tmp
2014-07-13 13:27:59 ----A---- C:\awh1831.tmp
2014-07-12 13:24:00 ----A---- C:\awh2DF2.tmp
2014-07-11 18:31:05 ----A---- C:\awh7169.tmp
2014-07-11 13:07:30 ----A---- C:\awh1BE8.tmp
2014-07-10 12:06:59 ----A---- C:\awh27EA.tmp
2014-07-09 13:06:40 ----A---- C:\awh2635.tmp
2014-07-09 09:28:56 ----A---- C:\Windows\system32\drivers\nethfdrv.sys
2014-07-09 09:28:30 ----A---- C:\Windows\SYSWOW64\installd.exe
2014-07-09 09:28:08 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2014-07-09 09:28:00 ----A---- C:\Windows\SYSWOW64\hfpapi.dll
2014-07-08 09:06:43 ----A---- C:\awh1C65.tmp
2014-07-07 10:06:38 ----A---- C:\awh1515.tmp
2014-07-06 12:08:44 ----A---- C:\awh6C3.tmp
2014-07-05 11:44:55 ----A---- C:\awh675.tmp
2014-07-04 15:49:19 ----A---- C:\awhE60A.tmp
2014-07-04 13:06:47 ----A---- C:\awh114E.tmp
2014-07-03 13:07:15 ----A---- C:\awh7493.tmp
2014-07-02 12:41:25 ----A---- C:\awh35CF.tmp
2014-07-02 12:39:22 ----D---- C:\Users\Frank\AppData\Roaming\QuickScan
2014-07-01 10:08:45 ----A---- C:\awh740.tmp
2014-07-01 02:37:55 ----A---- C:\awh560B.tmp
2014-07-01 01:34:23 ----A---- C:\awh56E5.tmp
2014-06-30 12:07:04 ----A---- C:\awh619F.tmp
2014-06-29 13:13:07 ----A---- C:\awh35CE.tmp
2014-06-28 18:26:04 ----D---- C:\Program Files (x86)\TrustMediaViewerV1
2014-06-28 18:09:10 ----A---- C:\awhDC8.tmp
2014-06-26 16:01:00 ----A---- C:\awh38DA.tmp
2014-06-25 17:33:11 ----A---- C:\awh1B2D.tmp
2014-06-24 15:50:30 ----A---- C:\awhDA6.tmp
2014-06-23 16:22:22 ----A---- C:\awh5E45.tmp

======List of files/folders modified in the last 1 month======

2014-07-22 18:04:57 ----D---- C:\Windows\Temp
2014-07-22 18:04:29 ----D---- C:\Users\Frank\AppData\Roaming\Skype
2014-07-22 17:54:28 ----D---- C:\Windows\system32\Tasks
2014-07-22 17:54:16 ----D---- C:\Windows\System32
2014-07-22 17:53:09 ----D---- C:\Windows\winsxs
2014-07-22 17:53:07 ----D---- C:\Windows\system32\catroot2
2014-07-22 17:53:07 ----D---- C:\Windows\system32\catroot
2014-07-22 17:48:28 ----D---- C:\Users\Frank\AppData\Roaming\TS3Client
2014-07-22 17:46:07 ----D---- C:\Users\Frank\AppData\Roaming\AIMP3
2014-07-22 17:46:05 ----SHD---- C:\Windows\Installer
2014-07-22 17:46:05 ----D---- C:\Windows\Microsoft.NET
2014-07-22 17:45:54 ----HD---- C:\ProgramData
2014-07-22 17:44:15 ----D---- C:\Programy
2014-07-22 17:40:46 ----SHD---- C:\System Volume Information
2014-07-22 17:38:23 ----D---- C:\Windows\SysWOW64
2014-07-22 17:38:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-07-22 17:38:15 ----D---- C:\Windows\inf
2014-07-22 17:38:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-22 17:37:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-22 17:37:20 ----D---- C:\Windows\system32\cs-CZ
2014-07-22 17:36:59 ----D---- C:\Windows\system32\config
2014-07-22 17:36:37 ----D---- C:\Windows\Logs
2014-07-22 17:36:37 ----D---- C:\Windows
2014-07-22 17:27:35 ----D---- C:\Windows\system32\drivers
2014-07-22 17:27:31 ----D---- C:\Program Files (x86)\IObit
2014-07-22 17:27:29 ----D---- C:\Users\Frank\AppData\Roaming\IObit
2014-07-22 17:11:45 ----D---- C:\Windows\Tasks
2014-07-22 16:40:09 ----D---- C:\Windows\Prefetch
2014-07-22 16:39:11 ----RD---- C:\Program Files
2014-07-22 16:32:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-22 16:31:42 ----D---- C:\ProgramData\MFAData
2014-07-22 16:28:11 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-07-22 16:04:02 ----SD---- C:\ProgramData\Microsoft
2014-07-22 15:30:51 ----D---- C:\Users\Frank\AppData\Roaming\Seznam.cz
2014-07-22 15:27:11 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-07-21 18:04:31 ----SD---- C:\Users\Frank\AppData\Roaming\Microsoft
2014-07-21 18:02:39 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-07-21 17:43:01 ----RSD---- C:\Windows\assembly
2014-07-17 19:09:41 ----D---- C:\ProgramData\YTD Video Downloader
2014-07-16 01:39:15 ----RD---- C:\Program Files (x86)
2014-07-16 01:04:11 ----D---- C:\Users\Frank\AppData\Roaming\vlc
2014-07-09 20:01:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-05 14:22:58 ----D---- C:\Users\Frank\AppData\Roaming\Tunngle
2014-07-05 14:22:58 ----D---- C:\ProgramData\Tunngle
2014-07-05 13:00:48 ----D---- C:\Users\Frank\AppData\Roaming\Slick Savings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-22 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pe3agqwb;Loki Environment Driver (pe3agqwb); C:\Windows\system32\drivers\pe3agqwb.sys [2007-11-14 72296]
R0 ps7agqwb;Loki Synchronization Driver (ps7agqwb); C:\Windows\system32\drivers\ps7agqwb.sys [2007-11-14 102000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-22 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-22 1041168]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-06-03 50464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-07-09 46160]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-08-07 57776]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-22 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-22 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-22 92008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-07 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-09-10 3640024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
R4 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R4 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R4 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R4 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R4 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-22 65776]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-22 427360]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S4 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys []
S4 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-07 202752]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-05-26 807800]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [2014-07-22 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-05-15 342336]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2014-06-24 430888]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-19 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vToolbarUpdater18.1.7;vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [2014-06-03 1808408]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432]
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 pr2agqwb;Loki Drivers Auto Removal (pr2agqwb); C:\Windows\system32\pr2agqwb.exe [2007-11-14 777576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-01-10 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-03 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-06-10 976672]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 18:36
od Rudy
Zdravím?
52%, nebo °? Pokud °C, pak je to v pořádku. Z logu vyplývá, že v PC je celkem dost Adwarů a zbytečností. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 18:43
od Holldir
Ach pravda. Teplota ne procenta. Zkusím a pošlu

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 18:46
od Rudy
OK.

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 18:50
od Holldir
# AdwCleaner v3.216 - Report created 22/07/2014 at 19:46:13
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Frank - FRANK-PC
# Running from : C:\Users\Frank\Desktop\adwcleaner_3.216.exe
# Option : Scan

***** [ Services ] *****

Service Found : Application Updater
Service Found : nethfdrv
Service Found : NethxxpService
Service Found : pcsuservice
Service Found : ServiceUpdater
Service Found : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedanalysis.com_0.localstorage
File Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\Extensions\savingsslider@mybrowserbar.com.xpi
File Found : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\user.js
File Found : C:\Windows\System32\drivers\nethfdrv.sys
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Driver Booster Scan
File Found : C:\Windows\System32\Tasks\Driver Booster Update
File Found : C:\Windows\System32\Tasks\GoforFilesUpdate
File Found : C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
File Found : C:\Windows\SysWOW64\hfpapi.dll
File Found : C:\Windows\SysWOW64\installd.exe
File Found : C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\Spigot
Folder Found : C:\Program Files (x86)\goforfiles
Folder Found : C:\Program Files (x86)\greatsaver
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\Program Files (x86)\GS-Enabler
Folder Found : C:\Program Files (x86)\IObit Apps Toolbar
Folder Found : C:\Program Files (x86)\IObit\Driver Booster
Folder Found : C:\Program Files (x86)\MediaBuzzV1
Folder Found : C:\Program Files (x86)\MediaPlayerV1
Folder Found : C:\Program Files (x86)\MediaViewerV1
Folder Found : C:\Program Files (x86)\MediaViewV1
Folder Found : C:\Program Files (x86)\MediaWatchV1
Folder Found : C:\Program Files (x86)\RichMediaViewV1
Folder Found : C:\Program Files (x86)\SerialTrunc
Folder Found : C:\Program Files (x86)\VideoPlayerV3
Folder Found : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Found : C:\Program Files (x86)\YoutubeAdblocker
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\DuIgiCoUpOn
Folder Found : C:\ProgramData\EExstRRaCouUppoin
Folder Found : C:\ProgramData\greatsaver
Folder Found : C:\ProgramData\House Of Soft
Folder Found : C:\ProgramData\IObit\Driver Booster
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Found : C:\ProgramData\YoutubeAdblocker
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgjinlflnhmhjbbmmpgmboacojlihge
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nimjbnflaepbckodhkjpdgnpbmkmopbb
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbpmhhddpmpjoadflpnneddedhioccn
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Frank\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Frank\AppData\Local\genienext
Folder Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Found : C:\Users\Frank\AppData\Local\Mobogenie
Folder Found : C:\Users\Frank\AppData\Local\Slick Savings
Folder Found : C:\Users\Frank\AppData\Local\SwvUpdater
Folder Found : C:\Users\Frank\AppData\Local\torch
Folder Found : C:\Users\Frank\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\Frank\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Frank\AppData\Roaming\EZDownloader
Folder Found : C:\Users\Frank\AppData\Roaming\goforfiles
Folder Found : C:\Users\Frank\AppData\Roaming\IObit\Driver Booster
Folder Found : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\Extensions\krvd.7dwc@zvcaieey-.co.uk
Folder Found : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\Extensions\ntk2-dfj@azggj-oa.net
Folder Found : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\Extensions\uoio.04k@mywzmsy-.net
Folder Found : C:\Users\Frank\AppData\Roaming\newnext.me
Folder Found : C:\Users\Frank\AppData\Roaming\Nico Mak Computing
Folder Found : C:\Users\Frank\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Frank\AppData\Roaming\Slick Savings
Folder Found : C:\Users\Frank\Documents\PCSpeedUp
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgjinlflnhmhjbbmmpgmboacojlihge
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nimjbnflaepbckodhkjpdgnpbmkmopbb
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbpmhhddpmpjoadflpnneddedhioccn
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgjinlflnhmhjbbmmpgmboacojlihge
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nimjbnflaepbckodhkjpdgnpbmkmopbb
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbpmhhddpmpjoadflpnneddedhioccn
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\SerialTrunc
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Speedchecker Limited
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Search Settings
Key Found : [x64] HKCU\Software\SerialTrunc
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Speedchecker Limited
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E93A89A5-325D-4EF5-809D-819F657F498E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\Software\GS-Enabler
Key Found : HKLM\Software\MediaBuzzV1
Key Found : HKLM\Software\MediaPlayerV1
Key Found : HKLM\Software\MediaViewerV1
Key Found : HKLM\Software\MediaViewV1
Key Found : HKLM\Software\MediaWatchV1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Search Settings
Key Found : HKLM\Software\SerialTrunc
Key Found : HKLM\Software\Speedchecker Limited
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Slick Savings]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\prefs.js ]


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [16773 octets] - [22/07/2014 19:46:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16834 octets] ##########

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 18:53
od Rudy
Spusťte znovu ADW a klikněte na >Clean<. Pak dejte nový log RSIT.

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 19:13
od Holldir
Ok dal jsem clean a toto je novy rsit log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Frank at 2014-07-22 20:11:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 210 GB (60%) free of 350 GB
Total RAM: 8183 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:58, on 22.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
D:\Programy\Garena Plus\ggdllhost.exe
D:\Programy\Game Booster 3\gbtray.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
D:\Programy\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\Torrent\utorrent.exe
C:\Program Files\trend micro\Frank.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: TrustMediaViewerV1alpha3354 - {0666f299-cba0-46f0-82a3-4b4f43d9fa64} - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354.dll
O2 - BHO: VideoPlayerV3beta278 - {2592c4c9-97dc-41bc-841e-861c515d0558} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ie\VideoPlayerV3beta278.dll (file missing)
O2 - BHO: MediaViewV1alpha6717 - {5d670909-08bf-4bae-9b8d-b1a651e96b83} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6717\ie\MediaViewV1alpha6717.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: MediaPlayerV1alpha876 - {b03109c3-d2bf-457d-9d39-92d074b46a8f} - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha876\ie\MediaPlayerV1alpha876.dll (file missing)
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: MediaViewV1alpha5 - {e3e2a9db-5317-421b-acc6-0b298c44ce8b} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5\ie\MediaViewV1alpha5.dll (file missing)
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MzRAMBooster] D:\Programy\Mz RAM Booster\MzRAMBooster.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [Steam] "D:\Programy\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [GarenaPlus] "D:\Programy\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: wupdate.exe
O4 - Global Startup: GamePark klient 2.lnk = D:\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Unknown owner - C:\Windows\system32\pr2agqwb.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12959 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Programy\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {A14A4B5A-F9AD-4436-B288-CF89CD0AD793}
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
atieclxx
taskeng.exe {6D4C068F-FFD2-4875-A521-BC63B2A8E8B1}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"D:\Programy\Garena Plus\ggdllhost.exe" "D:\Programy\Garena Plus\ggspawn.dll",rundll_entry
"D:\Programy\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"D:\Programy\Mz RAM Booster\MzRAMBooster.exe"
szndesktop.exe default start
"C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-13817429041130719493-1485495607-1955199144-1627942772-80549276-941555115-2053981284
"C:\Program Files (x86)\Overwolf\Overwolf.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"D:\Programy\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0" "overwolfprocid=1084"
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0\x64\OWExplorerLauncher.dll
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5088.0.1999178257\1816853895" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.0.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.15.492816032\54069509" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.24.1233312480\770165297" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.25.14059294\2096309964" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.26.1885117181\256972498" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.27.1010716710\757137579" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5088.28.1586624010\1539764922" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.29.1999868160\912460335" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.30.171367189\2025683861" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.31.656787351\98923330" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.32.2103629005\1176604482" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.33.124356481\1012578155" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.34.646116375\1746600798" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/DeferBackgroundExtensionCreation/RateLimited/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="5088.35.1220426719\1824164197" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Programy\Torrent\utorrent.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\Download\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000Core.job - C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000UA.job - C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Registry Optimizer_DEFAULT.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -default
C:\Windows\tasks\Registry Optimizer_UPDATES.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default

prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =800236&p="
prefs.js - "keyword.url" - "http://search.yahoo.com/search?fr=green ... =800236&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Frank\AppData\Roaming\raidcall\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=D:\Programy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\extensions\
adremoveext@adremoveext.net
ascsurfingprotection@iobit.com
edauyoeae@mpdmxjws.co.uk
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
TrustMediaViewerV1alpha3354 - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354x64.dll [2014-06-26 102912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-18 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE64.dll [2014-07-22 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
Trust Media Viewer - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354.dll [2014-06-26 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2592c4c9-97dc-41bc-841e-861c515d0558}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta278\ie\VideoPlayerV3beta278.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d670909-08bf-4bae-9b8d-b1a651e96b83}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6717\ie\MediaViewV1alpha6717.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE.dll [2014-07-22 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b03109c3-d2bf-457d-9d39-92d074b46a8f}]
Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha876\ie\MediaPlayerV1alpha876.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3e2a9db-5317-421b-acc6-0b298c44ce8b}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5\ie\MediaViewV1alpha5.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-03 13651672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-18 2285344]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"MzRAMBooster"=D:\Programy\Mz RAM Booster\MzRAMBooster.exe [2011-02-10 295936]
"Facebook Update"=C:\Users\Frank\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-01-18 138096]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2014-06-10 39712]
"Steam"=D:\Programy\Steam\Steam.exe [2014-04-24 1825984]
"GarenaPlus"=D:\Programy\Garena Plus\GarenaMessenger.exe [2014-06-11 9936176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-06 102400]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"AvastUI.exe"=D:\Programy\Avast\AvastUI.exe [2014-07-22 4086432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - D:\Programy\GamePark2\gpcl.exe

C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
wupdate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\hry\Loki\Loki.exe"="D:\hry\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-22 19:58:33 ----SD---- C:\Windows\system32\CompatTel
2014-07-22 19:46:48 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-22 19:44:15 ----D---- C:\AdwCleaner
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\wdigest.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\schannel.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\kerberos.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\credssp.dll
2014-07-22 17:51:30 ----A---- C:\Windows\system32\aepdu.dll
2014-07-22 17:51:30 ----A---- C:\Windows\system32\aeinv.dll
2014-07-22 17:50:44 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-22 17:50:44 ----A---- C:\Windows\system32\win32k.sys
2014-07-22 17:50:44 ----A---- C:\Windows\system32\osk.exe
2014-07-22 17:50:18 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-22 17:50:18 ----A---- C:\Windows\system32\qedit.dll
2014-07-22 17:49:32 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-22 17:49:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-22 17:49:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-22 17:49:02 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-22 17:48:09 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-07-22 17:48:09 ----A---- C:\Windows\system32\usp10.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml6r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml6.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml3r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml3.dll
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\netio.sys
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-07-22 17:46:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-22 17:46:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-22 17:46:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-22 17:46:24 ----A---- C:\Windows\system32\mshtml.dll
2014-07-22 17:45:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-07-22 17:45:26 ----A---- C:\Windows\system32\shell32.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\winlogon.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\wincredprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\sspisrv.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\sspicli.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\secur32.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\objsel.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\lsass.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\KernelBase.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-07-22 17:44:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-07-22 17:44:40 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\dimsroam.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\cngprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\capiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\adprovider.dll
2014-07-22 17:44:39 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-07-22 17:43:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-07-22 17:42:57 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-07-22 17:42:57 ----A---- C:\Windows\system32\iologmsg.dll
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\storport.sys
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64win.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64cpu.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\ntvdm64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\kernel32.dll
2014-07-22 17:41:54 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-07-22 17:41:54 ----A---- C:\Windows\system32\wer.dll
2014-07-22 17:41:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-07-22 17:41:43 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-07-22 17:41:35 ----A---- C:\Windows\system32\wwansvc.dll
2014-07-22 17:41:25 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-07-22 17:41:25 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-07-22 17:41:25 ----A---- C:\Windows\system32\d3d10warp.dll
2014-07-22 17:41:25 ----A---- C:\Windows\system32\d2d1.dll
2014-07-22 17:38:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-22 17:38:55 ----A---- C:\Windows\system32\vbscript.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\msdrm.dll
2014-07-22 17:27:58 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-07-22 17:27:38 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-07-22 17:27:35 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-07-22 16:40:22 ----D---- C:\Users\Frank\AppData\Roaming\AVAST Software
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-22 16:39:55 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-22 16:39:54 ----A---- C:\Windows\avastSS.scr
2014-07-22 16:38:45 ----D---- C:\ProgramData\AVAST Software
2014-07-22 16:30:04 ----SHD---- C:\Config.Msi
2014-07-22 16:21:39 ----D---- C:\Program Files\trend micro
2014-07-22 16:21:38 ----D---- C:\rsit
2014-07-22 11:02:15 ----A---- C:\awh15FF.tmp
2014-07-21 19:03:11 ----A---- C:\awh2164.tmp
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\lcpmncydkypr.exe
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\dcgmncydkypr.exe
2014-07-21 18:02:39 ----AS---- C:\Windows\SYSWOW64\acumncydkypr.exe
2014-07-21 16:53:56 ----A---- C:\awh1FA0.tmp
2014-07-21 16:30:34 ----A---- C:\awh109.tmp
2014-07-21 15:36:24 ----A---- C:\awh5724.tmp
2014-07-21 10:40:58 ----A---- C:\awhA717.tmp
2014-07-20 21:18:00 ----A---- C:\awhBC7B.tmp
2014-07-20 19:20:12 ----A---- C:\awhD91F.tmp
2014-07-17 15:42:33 ----A---- C:\awh28F.tmp
2014-07-17 14:11:55 ----A---- C:\awhF862.tmp
2014-07-17 10:49:51 ----A---- C:\awh57FE.tmp
2014-07-17 10:37:45 ----A---- C:\awh5E55.tmp
2014-07-17 09:58:47 ----A---- C:\awh81DB.tmp
2014-07-16 13:07:18 ----A---- C:\awh732C.tmp
2014-07-16 05:08:21 ----SH---- C:\Trainer.dll
2014-07-16 01:39:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-15 21:05:36 ----A---- C:\awhEA0.tmp
2014-07-15 20:43:28 ----A---- C:\awhC3F.tmp
2014-07-15 18:47:00 ----A---- C:\awhE281.tmp
2014-07-15 18:37:28 ----A---- C:\awh943.tmp
2014-07-15 12:06:30 ----A---- C:\awhF8B0.tmp
2014-07-14 18:42:52 ----A---- C:\awhE629.tmp
2014-07-14 12:48:46 ----A---- C:\awh11EA.tmp
2014-07-14 00:42:10 ----A---- C:\awh646.tmp
2014-07-13 13:27:59 ----A---- C:\awh1831.tmp
2014-07-12 13:24:00 ----A---- C:\awh2DF2.tmp
2014-07-11 18:31:05 ----A---- C:\awh7169.tmp
2014-07-11 13:07:30 ----A---- C:\awh1BE8.tmp
2014-07-10 12:06:59 ----A---- C:\awh27EA.tmp
2014-07-09 13:06:40 ----A---- C:\awh2635.tmp
2014-07-09 09:28:08 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2014-07-08 09:06:43 ----A---- C:\awh1C65.tmp
2014-07-07 10:06:38 ----A---- C:\awh1515.tmp
2014-07-06 12:08:44 ----A---- C:\awh6C3.tmp
2014-07-05 11:44:55 ----A---- C:\awh675.tmp
2014-07-04 15:49:19 ----A---- C:\awhE60A.tmp
2014-07-04 13:06:47 ----A---- C:\awh114E.tmp
2014-07-03 13:07:15 ----A---- C:\awh7493.tmp
2014-07-02 12:41:25 ----A---- C:\awh35CF.tmp
2014-07-02 12:39:22 ----D---- C:\Users\Frank\AppData\Roaming\QuickScan
2014-07-01 10:08:45 ----A---- C:\awh740.tmp
2014-07-01 02:37:55 ----A---- C:\awh560B.tmp
2014-07-01 01:34:23 ----A---- C:\awh56E5.tmp
2014-06-30 12:07:04 ----A---- C:\awh619F.tmp
2014-06-29 13:13:07 ----A---- C:\awh35CE.tmp
2014-06-28 18:26:04 ----D---- C:\Program Files (x86)\TrustMediaViewerV1
2014-06-28 18:09:10 ----A---- C:\awhDC8.tmp
2014-06-26 16:01:00 ----A---- C:\awh38DA.tmp
2014-06-25 17:33:11 ----A---- C:\awh1B2D.tmp
2014-06-24 15:50:30 ----A---- C:\awhDA6.tmp
2014-06-23 16:22:22 ----A---- C:\awh5E45.tmp

======List of files/folders modified in the last 1 month======

2014-07-22 20:11:58 ----D---- C:\Windows\Temp
2014-07-22 20:07:07 ----D---- C:\Users\Frank\AppData\Roaming\Seznam.cz
2014-07-22 20:07:02 ----D---- C:\Windows\Microsoft.NET
2014-07-22 20:07:01 ----RSD---- C:\Windows\assembly
2014-07-22 20:05:50 ----D---- C:\Windows\system32\catroot2
2014-07-22 20:03:35 ----D---- C:\Users\Frank\AppData\Roaming\Skype
2014-07-22 20:01:54 ----D---- C:\Windows\Prefetch
2014-07-22 20:01:43 ----D---- C:\Windows\system32\Tasks
2014-07-22 20:01:33 ----D---- C:\Windows\winsxs
2014-07-22 20:00:52 ----D---- C:\Windows\system32\config
2014-07-22 20:00:48 ----D---- C:\Windows
2014-07-22 20:00:38 ----D---- C:\Windows\debug
2014-07-22 20:00:27 ----D---- C:\Windows\System32
2014-07-22 20:00:27 ----D---- C:\ProgramData\MFAData
2014-07-22 20:00:27 ----D---- C:\ProgramData\AVG2014
2014-07-22 20:00:01 ----D---- C:\Windows\system32\drivers
2014-07-22 19:58:33 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-22 19:58:33 ----D---- C:\Windows\SysWOW64
2014-07-22 19:58:33 ----D---- C:\Windows\system32\Dism
2014-07-22 19:58:33 ----D---- C:\Windows\system32\cs-CZ
2014-07-22 19:58:32 ----D---- C:\Windows\ehome
2014-07-22 19:58:32 ----D---- C:\Program Files\Windows Journal
2014-07-22 19:58:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-22 19:58:31 ----D---- C:\Windows\AppPatch
2014-07-22 19:58:29 ----D---- C:\Windows\system32\DriverStore
2014-07-22 19:58:29 ----D---- C:\Windows\inf
2014-07-22 19:57:45 ----D---- C:\Windows\Tasks
2014-07-22 19:57:38 ----D---- C:\Users\Frank\AppData\Roaming\IObit
2014-07-22 19:57:33 ----D---- C:\Program Files (x86)\Common Files
2014-07-22 19:57:32 ----RD---- C:\Program Files (x86)
2014-07-22 19:57:32 ----D---- C:\Program Files (x86)\IObit
2014-07-22 19:57:30 ----HD---- C:\ProgramData
2014-07-22 19:44:56 ----D---- C:\Users\Frank\AppData\Roaming\TS3Client
2014-07-22 17:53:07 ----D---- C:\Windows\system32\catroot
2014-07-22 17:46:07 ----D---- C:\Users\Frank\AppData\Roaming\AIMP3
2014-07-22 17:46:05 ----SHD---- C:\Windows\Installer
2014-07-22 17:44:15 ----D---- C:\Programy
2014-07-22 17:40:46 ----SHD---- C:\System Volume Information
2014-07-22 17:38:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-07-22 17:38:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-22 17:36:37 ----D---- C:\Windows\Logs
2014-07-22 16:39:11 ----RD---- C:\Program Files
2014-07-22 16:32:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-22 16:28:11 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-07-22 16:04:02 ----SD---- C:\ProgramData\Microsoft
2014-07-22 15:27:11 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-07-21 18:04:31 ----SD---- C:\Users\Frank\AppData\Roaming\Microsoft
2014-07-21 18:02:39 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-07-17 19:09:41 ----D---- C:\ProgramData\YTD Video Downloader
2014-07-16 01:04:11 ----D---- C:\Users\Frank\AppData\Roaming\vlc
2014-07-09 20:01:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-05 14:22:58 ----D---- C:\Users\Frank\AppData\Roaming\Tunngle
2014-07-05 14:22:58 ----D---- C:\ProgramData\Tunngle

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-22 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-22 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pe3agqwb;Loki Environment Driver (pe3agqwb); C:\Windows\system32\drivers\pe3agqwb.sys [2007-11-14 72296]
R0 ps7agqwb;Loki Synchronization Driver (ps7agqwb); C:\Windows\system32\drivers\ps7agqwb.sys [2007-11-14 102000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-22 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-22 427360]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-06-03 50464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-08-07 57776]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-22 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-22 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-22 92008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-07 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-09-10 3640024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-07 202752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [2014-07-22 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-05-15 342336]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-19 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432]
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 pr2agqwb;Loki Drivers Auto Removal (pr2agqwb); C:\Windows\system32\pr2agqwb.exe [2007-11-14 777576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-01-10 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-03 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-06-10 976672]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 20:54
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files (x86)\TrustMediaViewerV1
C:\Program Files (x86)\VideoPlayerV3
C:\Program Files (x86)\MediaViewV1
C:\Program Files (x86)\MediaPlayerV1
C:\Users\Frank\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3846953067-3704150249-2008587710-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\awh*.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2592c4c9-97dc-41bc-841e-861c515d0558}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d670909-08bf-4bae-9b8d-b1a651e96b83}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b03109c3-d2bf-457d-9d39-92d074b46a8f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3e2a9db-5317-421b-acc6-0b298c44ce8b}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 21:08
od Holldir
Logfile of random's system information tool 1.10 (written by random/random)
Run by Frank at 2014-07-22 22:09:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 209 GB (60%) free of 350 GB
Total RAM: 8183 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:25, on 22.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
D:\Programy\Game Booster 3\gbtray.exe
D:\Programy\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
D:\Programy\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe
D:\Programy\Torrent\utorrent.exe
C:\Program Files\trend micro\Frank.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Programy\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MzRAMBooster] D:\Programy\Mz RAM Booster\MzRAMBooster.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [Steam] "D:\Programy\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [GarenaPlus] "D:\Programy\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\Torrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: wupdate.exe
O4 - Global Startup: GamePark klient 2.lnk = D:\Programy\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - D:\Programy\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Unknown owner - C:\Windows\system32\pr2agqwb.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11061 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"D:\Programy\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {AF95EF0A-1E6B-4B9D-AE05-DC5337A89F52}
taskeng.exe {B6F9FF5E-D376-412D-8C0C-B86896EDACD7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"D:\Programy\Game Booster 3\gbtray.exe"
"D:\Programy\Garena Plus\ggdllhost.exe" "D:\Programy\Garena Plus\ggspawn.dll",rundll_entry
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2444
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
szndesktop.exe default start
"D:\Programy\Mz RAM Booster\MzRAMBooster.exe"
"C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "362415419903936969-1897624243-1924502308-248219274-1151431130-394848884374635276
"C:\Program Files (x86)\Overwolf\Overwolf.exe" -silent
"C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"D:\Programy\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0" "overwolfprocid=1588"
"C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.76.1.0\x64\OWExplorerLauncher.dll
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"D:\Programy\Torrent\utorrent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Download\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Registry Optimizer_DEFAULT.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -default
C:\Windows\tasks\Registry Optimizer_UPDATES.job - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default

prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =800236&p="
prefs.js - "keyword.url" - "http://search.yahoo.com/search?fr=green ... =800236&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Frank\AppData\Roaming\raidcall\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=D:\Programy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=D:\Programy\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\extensions\
adremoveext@adremoveext.net
ascsurfingprotection@iobit.com
edauyoeae@mpdmxjws.co.uk
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\fjxhpoy1.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0666f299-cba0-46f0-82a3-4b4f43d9fa64}]
TrustMediaViewerV1alpha3354 - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3354\ie\TrustMediaViewerV1alpha3354x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-18 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE64.dll [2014-07-22 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - D:\Programy\Avast\aswWebRepIE.dll [2014-07-22 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-03 13651672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Frank\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Frank\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-18 2285344]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"MzRAMBooster"=D:\Programy\Mz RAM Booster\MzRAMBooster.exe [2011-02-10 295936]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2014-06-10 39712]
"Steam"=D:\Programy\Steam\Steam.exe [2014-04-24 1825984]
"GarenaPlus"=D:\Programy\Garena Plus\GarenaMessenger.exe [2014-06-11 9936176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"uTorrent"=D:\Programy\Torrent\utorrent.exe [2013-10-10 393728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-05-13 5181456]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-06 102400]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"AvastUI.exe"=D:\Programy\Avast\AvastUI.exe [2014-07-22 4086432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - D:\Programy\GamePark2\gpcl.exe

C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Frank\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
wupdate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\hry\Loki\Loki.exe"="D:\hry\Loki\Loki.exe:*:Enabled:Loki"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-22 21:59:08 ----D---- C:\_OTM
2014-07-22 19:58:33 ----SD---- C:\Windows\system32\CompatTel
2014-07-22 19:46:48 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-22 19:44:15 ----D---- C:\AdwCleaner
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-22 17:53:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\wdigest.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\schannel.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\kerberos.dll
2014-07-22 17:53:09 ----A---- C:\Windows\system32\credssp.dll
2014-07-22 17:51:30 ----A---- C:\Windows\system32\aepdu.dll
2014-07-22 17:51:30 ----A---- C:\Windows\system32\aeinv.dll
2014-07-22 17:50:44 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-22 17:50:44 ----A---- C:\Windows\system32\win32k.sys
2014-07-22 17:50:44 ----A---- C:\Windows\system32\osk.exe
2014-07-22 17:50:18 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-22 17:50:18 ----A---- C:\Windows\system32\qedit.dll
2014-07-22 17:49:32 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-22 17:49:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-22 17:49:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-22 17:49:02 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-22 17:48:09 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-07-22 17:48:09 ----A---- C:\Windows\system32\usp10.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml6r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml6.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml3r.dll
2014-07-22 17:47:33 ----A---- C:\Windows\system32\msxml3.dll
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\netio.sys
2014-07-22 17:47:09 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-07-22 17:46:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-22 17:46:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-22 17:46:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-22 17:46:24 ----A---- C:\Windows\system32\mshtml.dll
2014-07-22 17:45:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-07-22 17:45:26 ----A---- C:\Windows\system32\shell32.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\winlogon.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\wincredprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\sspisrv.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\sspicli.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\secur32.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\objsel.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\lsass.exe
2014-07-22 17:44:40 ----A---- C:\Windows\system32\KernelBase.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-07-22 17:44:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-07-22 17:44:40 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\dimsroam.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\cngprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\capiprovider.dll
2014-07-22 17:44:40 ----A---- C:\Windows\system32\adprovider.dll
2014-07-22 17:44:39 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-07-22 17:43:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-07-22 17:42:57 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-07-22 17:42:57 ----A---- C:\Windows\system32\iologmsg.dll
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\storport.sys
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-07-22 17:42:57 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\user.exe
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-07-22 17:42:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64win.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64cpu.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\wow64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\ntvdm64.dll
2014-07-22 17:42:32 ----A---- C:\Windows\system32\kernel32.dll
2014-07-22 17:41:54 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-07-22 17:41:54 ----A---- C:\Windows\system32\wer.dll
2014-07-22 17:41:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-07-22 17:41:43 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-07-22 17:41:35 ----A---- C:\Windows\system32\wwansvc.dll
2014-07-22 17:41:25 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-07-22 17:41:25 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-07-22 17:41:25 ----A---- C:\Windows\system32\d3d10warp.dll
2014-07-22 17:41:25 ----A---- C:\Windows\system32\d2d1.dll
2014-07-22 17:38:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-22 17:38:55 ----A---- C:\Windows\system32\vbscript.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc_isv.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\secproc.dll
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\RMActivate.exe
2014-07-22 17:37:18 ----A---- C:\Windows\system32\msdrm.dll
2014-07-22 17:27:58 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-07-22 17:27:38 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-07-22 17:27:35 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-07-22 16:40:22 ----D---- C:\Users\Frank\AppData\Roaming\AVAST Software
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-22 16:39:59 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-22 16:39:58 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-22 16:39:55 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-22 16:39:54 ----A---- C:\Windows\avastSS.scr
2014-07-22 16:38:45 ----D---- C:\ProgramData\AVAST Software
2014-07-22 16:30:04 ----SHD---- C:\Config.Msi
2014-07-22 16:21:39 ----D---- C:\Program Files\trend micro
2014-07-22 16:21:38 ----D---- C:\rsit
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\lcpmncydkypr.exe
2014-07-21 18:02:40 ----AS---- C:\Windows\SYSWOW64\dcgmncydkypr.exe
2014-07-21 18:02:39 ----AS---- C:\Windows\SYSWOW64\acumncydkypr.exe
2014-07-16 05:08:21 ----SH---- C:\Trainer.dll
2014-07-16 01:39:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-09 09:28:08 ----A---- C:\Windows\SYSWOW64\hfnapi.dll
2014-07-02 12:39:22 ----D---- C:\Users\Frank\AppData\Roaming\QuickScan

======List of files/folders modified in the last 1 month======

2014-07-22 22:09:24 ----D---- C:\Windows\Temp
2014-07-22 22:09:11 ----D---- C:\Users\Frank\AppData\Roaming\Skype
2014-07-22 22:07:33 ----D---- C:\Users\Frank\AppData\Roaming\Seznam.cz
2014-07-22 22:02:23 ----D---- C:\Windows\system32\Tasks
2014-07-22 21:59:48 ----D---- C:\Windows
2014-07-22 21:59:09 ----D---- C:\Windows\Tasks
2014-07-22 21:59:08 ----RD---- C:\Program Files (x86)
2014-07-22 21:55:53 ----D---- C:\Windows\Microsoft.NET
2014-07-22 21:51:25 ----RSD---- C:\Windows\assembly
2014-07-22 20:11:41 ----D---- C:\Windows\system32\config
2014-07-22 20:05:50 ----D---- C:\Windows\system32\catroot2
2014-07-22 20:01:54 ----D---- C:\Windows\Prefetch
2014-07-22 20:01:33 ----D---- C:\Windows\winsxs
2014-07-22 20:00:38 ----D---- C:\Windows\debug
2014-07-22 20:00:27 ----D---- C:\Windows\System32
2014-07-22 20:00:27 ----D---- C:\ProgramData\MFAData
2014-07-22 20:00:27 ----D---- C:\ProgramData\AVG2014
2014-07-22 20:00:01 ----D---- C:\Windows\system32\drivers
2014-07-22 19:58:33 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-22 19:58:33 ----D---- C:\Windows\SysWOW64
2014-07-22 19:58:33 ----D---- C:\Windows\system32\Dism
2014-07-22 19:58:33 ----D---- C:\Windows\system32\cs-CZ
2014-07-22 19:58:32 ----D---- C:\Windows\ehome
2014-07-22 19:58:32 ----D---- C:\Program Files\Windows Journal
2014-07-22 19:58:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-22 19:58:31 ----D---- C:\Windows\AppPatch
2014-07-22 19:58:29 ----D---- C:\Windows\system32\DriverStore
2014-07-22 19:58:29 ----D---- C:\Windows\inf
2014-07-22 19:57:38 ----D---- C:\Users\Frank\AppData\Roaming\IObit
2014-07-22 19:57:33 ----D---- C:\Program Files (x86)\Common Files
2014-07-22 19:57:32 ----D---- C:\Program Files (x86)\IObit
2014-07-22 19:57:30 ----HD---- C:\ProgramData
2014-07-22 19:44:56 ----D---- C:\Users\Frank\AppData\Roaming\TS3Client
2014-07-22 17:53:07 ----D---- C:\Windows\system32\catroot
2014-07-22 17:46:07 ----D---- C:\Users\Frank\AppData\Roaming\AIMP3
2014-07-22 17:46:05 ----SHD---- C:\Windows\Installer
2014-07-22 17:44:15 ----D---- C:\Programy
2014-07-22 17:40:46 ----SHD---- C:\System Volume Information
2014-07-22 17:38:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-07-22 17:38:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-22 17:36:37 ----D---- C:\Windows\Logs
2014-07-22 16:39:11 ----RD---- C:\Program Files
2014-07-22 16:32:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-22 16:28:11 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-07-22 16:04:02 ----SD---- C:\ProgramData\Microsoft
2014-07-22 15:27:11 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2014-07-21 18:04:31 ----SD---- C:\Users\Frank\AppData\Roaming\Microsoft
2014-07-21 18:02:39 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-07-17 19:09:41 ----D---- C:\ProgramData\YTD Video Downloader
2014-07-16 01:04:11 ----D---- C:\Users\Frank\AppData\Roaming\vlc
2014-07-09 20:01:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-05 14:22:58 ----D---- C:\Users\Frank\AppData\Roaming\Tunngle
2014-07-05 14:22:58 ----D---- C:\ProgramData\Tunngle

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-22 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-22 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pe3agqwb;Loki Environment Driver (pe3agqwb); C:\Windows\system32\drivers\pe3agqwb.sys [2007-11-14 72296]
R0 ps7agqwb;Loki Synchronization Driver (ps7agqwb); C:\Windows\system32\drivers\ps7agqwb.sys [2007-11-14 102000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-22 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-22 427360]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-06-03 50464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-08-07 57776]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-22 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-22 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-22 92008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-07 195584]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-09-10 3640024]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-07 202752]
R2 avast! Antivirus;avast! Antivirus; D:\Programy\Avast\AvastSvc.exe [2014-07-22 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-05-15 342336]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-19 76888]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-05-13 3644432]
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-05-13 292424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 pr2agqwb;Loki Drivers Auto Removal (pr2agqwb); C:\Windows\system32\pr2agqwb.exe [2007-11-14 777576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-01-10 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-03 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-06-10 976672]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 TunngleService;TunngleService; D:\Programy\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 21:18
od Rudy
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Ještě doporučuji odinstalovat AdvancedSystemCare. Důvod: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit . Nastala nějaká změna?

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 21:40
od Holldir
Asi jsem zapoměl v prvním komentu zmínit, že se mi vypne počítač při hraní her. Proto mě jako první napadlo přehřátí grafiky. Zkusil jsem nyní a opět se po chvíli opakovalo to co předtím. Zhasl mi počítač a po chvíli se opětovně znovu zapnul. Omlouvám se, že jsem toto opomenul zmínit

Napsal: 22 črc 2014 21:47
od Rudy
OK. Stáhněte, nainstalujte a spusťte Speedfan: http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ a v průběhu chodu kontrolujte teploty, zejména GPU a CPU. Neměly by trvale překračovat 65°C (u NB 75°C).

Re: Vypíná se mi počítač

Napsal: 22 črc 2014 21:52
od Holldir
Ten mám dneska mi ho doporučil kámoš. Při běhu systému byla standartně teplota grafiky 52 stupňů. Po spuštění hry to naskočilo na cca 67-68 stupňů. CPU čtyři jádra se mi při běhu systému drží na 38-40 stupňích průměrně. CPU při hře mě nenapadlo pozorovat

Re: Vypíná se mi počítač

Napsal: 23 črc 2014 17:02
od Rudy
Pravděpodobně bude třeba zlepšit chlazení. 68°C by už mohlo působit negativně.

Re: Vypíná se mi počítač

Napsal: 28 črc 2014 19:40
od Holldir
Bude to pravděpodobně jedna z těchto chyb v počítači jak jsem nyní prohlížel prohlížeč událostí. Zdroj a ID události

Event Log - 6008
ps7agqwb - 1
Wininit - 11
Service Control Manager - 7000, 7003, 7009
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz