Kontrola

[kaiser3]

Dobrý den,
prosím o kontrolu logu. Pc beží bez problému, ale program Advanced SystemCare 7 pravidelně nachází malware red sheriff a data miner a občas tracking cookie. Zkusil jsem pc vyčistit programem spy bot, ale malware se pořád drží. Používám antivir avast. Předem děkuji za Váš čas.

Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-08-09 11:57:26
Microsoft Windows 7 Ultimate
System drive C: has 178 GB (37%) free of 477 GB
Total RAM: 4095 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:35, on 9.8.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Programy\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Programy\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8121 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {65313DC1-7856-4E69-BE0F-BAAA23D36864}
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Petr\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverDoc_UPDATES.job - C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Programy\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\
ascsurfingprotection@iobit.com

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\searchplugins\
absearch-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\Programy\IObit Uninstaller\UninstallExplorer64.dll [2014-08-02 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-02 13672152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\Programy\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2011-07-21 36864]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-09 11:55:25 ----D---- C:\rsit
2014-08-03 07:06:53 ----A---- C:\Windows\DTLite.INI
2014-08-03 07:02:08 ----SD---- C:\Windows\system32\CompatTel
2014-08-03 00:44:27 ----A---- C:\Windows\system32\aepdu.dll
2014-08-03 00:44:27 ----A---- C:\Windows\system32\aeinv.dll
2014-08-03 00:43:37 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\tsgqec.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\mstscax.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\aaclient.dll
2014-08-03 00:40:38 ----A---- C:\Windows\system32\win32k.sys
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-08-03 00:39:43 ----A---- C:\Windows\system32\smss.exe
2014-08-03 00:39:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-08-03 00:39:43 ----A---- C:\Windows\system32\csrsrv.dll
2014-08-03 00:38:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-08-03 00:37:38 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-08-03 00:33:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-08-03 00:33:40 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\user.exe
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64win.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\winsrv.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\ntvdm64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\KernelBase.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\kernel32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\conhost.exe
2014-08-03 00:27:14 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-08-03 00:27:14 ----A---- C:\Windows\system32\usp10.dll
2014-08-03 00:26:02 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-03 00:26:02 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-08-03 00:26:02 ----A---- C:\Windows\system32\Wpc.dll
2014-08-03 00:26:02 ----A---- C:\Windows\system32\gameux.dll
2014-08-03 00:22:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-08-03 00:22:42 ----A---- C:\Windows\system32\win32spl.dll
2014-08-03 00:18:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-08-03 00:18:18 ----A---- C:\Windows\system32\ncrypt.dll
2014-08-03 00:12:24 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-08-03 00:12:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-08-03 00:12:24 ----A---- C:\Windows\system32\msxml6.dll
2014-08-03 00:12:24 ----A---- C:\Windows\system32\msxml3.dll
2014-08-03 00:11:41 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-08-03 00:11:41 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-08-03 00:11:41 ----A---- C:\Windows\system32\atmlib.dll
2014-08-03 00:11:41 ----A---- C:\Windows\system32\atmfd.dll
2014-08-03 00:10:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-03 00:10:59 ----A---- C:\Windows\system32\tzres.dll
2014-08-03 00:08:04 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-08-03 00:08:04 ----A---- C:\Windows\system32\dpnet.dll
2014-08-03 00:07:33 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-08-03 00:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\system32\jscript.dll
2014-08-03 00:05:54 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-08-03 00:05:54 ----A---- C:\Windows\system32\synceng.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFx.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-03 00:05:04 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-03 00:04:11 ----A---- C:\Windows\system32\Wdfres.dll
2014-08-03 00:04:11 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-08-03 00:04:11 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-08-02 23:56:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-08-02 23:56:51 ----A---- C:\Windows\system32\kerberos.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\cryptsvc.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\cryptnet.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\crypt32.dll
2014-08-02 23:54:45 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-08-02 23:54:45 ----A---- C:\Windows\system32\srcore.dll
2014-08-02 23:53:08 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-08-02 23:53:08 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\netapi32.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\browser.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\browcli.dll
2014-08-02 23:52:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-08-02 23:52:31 ----A---- C:\Windows\system32\wintrust.dll
2014-08-02 23:51:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-08-02 23:51:57 ----A---- C:\Windows\system32\d3d10level9.dll
2014-08-02 23:51:22 ----A---- C:\Windows\system32\localspl.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-08-02 23:50:46 ----A---- C:\Windows\system32\schannel.dll
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\cng.sys
2014-08-02 23:50:09 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-02 23:50:09 ----A---- C:\Windows\system32\shell32.dll
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdpwsx.dll
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-08-02 23:48:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-08-02 23:48:12 ----A---- C:\Windows\system32\profsvc.dll
2014-08-02 23:47:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-02 23:47:50 ----A---- C:\Windows\system32\msi.dll
2014-08-02 23:47:07 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\DWrite.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10warp.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10_1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d2d1.dll
2014-08-02 23:40:28 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-08-02 23:40:28 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\wmi.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\imagehlp.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-08-02 23:40:07 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-08-02 23:40:07 ----A---- C:\Windows\system32\rdpcore.dll
2014-08-02 23:40:07 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-08-02 23:34:54 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-08-02 23:34:54 ----A---- C:\Windows\system32\ntshrui.dll
2014-08-02 23:34:19 ----A---- C:\Windows\system32\drivers\afd.sys
2014-08-02 23:34:08 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-08-02 23:34:08 ----A---- C:\Windows\system32\msvcrt.dll
2014-08-02 23:33:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-08-02 23:33:55 ----A---- C:\Windows\system32\ntdll.dll
2014-08-02 23:33:40 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\webio.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\sspisrv.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\sspicli.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\secur32.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\lsass.exe
2014-08-02 23:33:40 ----A---- C:\Windows\system32\lsasrv.dll
2014-08-02 23:33:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-08-02 23:33:23 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-08-02 23:33:23 ----A---- C:\Windows\system32\quartz.dll
2014-08-02 23:33:23 ----A---- C:\Windows\system32\qdvd.dll
2014-08-02 23:33:10 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-08-02 23:33:10 ----A---- C:\Windows\system32\packager.dll
2014-08-02 23:29:27 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-08-02 23:29:27 ----A---- C:\Windows\system32\EncDec.dll
2014-08-02 23:28:38 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-08-02 23:28:38 ----A---- C:\Windows\system32\psisdecd.dll
2014-08-02 23:28:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-08-02 23:28:24 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-08-02 23:28:24 ----A---- C:\Windows\system32\oleaut32.dll
2014-08-02 23:28:24 ----A---- C:\Windows\system32\oleacc.dll
2014-08-02 23:14:39 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-08-02 23:14:39 ----A---- C:\Windows\system32\xmllite.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbctrac.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccu32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccr32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccp32.dll
2014-08-02 23:11:21 ----A---- C:\Windows\system32\FntCache.dll
2014-08-02 23:10:32 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-08-02 22:16:24 ----A---- C:\Windows\system32\sdnclean64.exe
2014-08-02 22:16:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-08-02 22:16:14 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-02 22:15:28 ----D---- C:\Users\Petr\AppData\Roaming\ProductData
2014-08-02 11:38:15 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2014-08-02 11:23:25 ----A---- C:\Windows\system32\drivers\jraid.sys
2014-08-02 11:21:29 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-08-02 11:21:28 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-08-02 11:21:28 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-08-02 11:21:28 ----A---- C:\Windows\system32\nvopencl.dll
2014-08-02 11:21:28 ----A---- C:\Windows\system32\nvoglv64.dll
2014-08-02 11:21:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-08-02 11:21:26 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-08-02 11:21:26 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\NvIFR64.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\NvFBC64.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuvid.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuda.dll
2014-08-02 11:21:24 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-08-02 11:21:24 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-08-02 11:21:24 ----A---- C:\Windows\system32\nvcompiler.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\YamahaAE.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\tossaeapo64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\toseaeapo64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\tosasfapo64.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tosade.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tepeqapo64.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tadefxapo264.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tadefxapo.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\SStudio.dll
2014-08-02 11:20:03 ----A---- C:\Windows\system32\sltech64.dll
2014-08-02 11:20:03 ----A---- C:\Windows\system32\slprp64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\slcnt64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\sl3apo64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFSS_APO.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFNHK64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFCOM64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\SFAPO64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-08-02 11:20:01 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-08-02 11:20:00 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2014-08-02 11:20:00 ----A---- C:\Windows\system32\RtkApi64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RTCOM64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RltkAPO64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-08-02 11:19:58 ----A---- C:\Windows\system32\RCoRes64.dat
2014-08-02 11:19:58 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-08-02 11:19:58 ----A---- C:\Windows\system32\R4EEP64A.dll
2014-08-02 11:19:58 ----A---- C:\Windows\system32\R4EEL64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EEG64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EED64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EEA64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\MISS_APO.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-08-02 11:19:52 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\SYSWOW64\MaxxAudioAPOShell.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\KAAPORT64.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2014-08-02 11:19:46 ----A---- C:\Windows\system32\FMAPO64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPP64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPO64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPD64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPA64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\audioLibVc.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\AERTAR64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\AERTAC64.dll
2014-08-02 11:19:44 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2014-08-02 11:07:22 ----D---- C:\Users\Petr\AppData\Roaming\Apple Computer
2014-08-02 11:07:16 ----D---- C:\ProgramData\ProductData
2014-08-02 11:07:15 ----D---- C:\Program Files (x86)\IObit
2014-08-02 11:06:56 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-02 11:06:54 ----D---- C:\ProgramData\IObit
2014-08-02 11:05:48 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2014-08-02 10:49:03 ----D---- C:\Users\Petr\AppData\Roaming\Might & Magic Heroes VI
2014-07-30 16:51:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-17 17:08:05 ----D---- C:\ProgramData\Riot Games

======List of files/folders modified in the last 1 month======

2014-08-09 11:57:34 ----D---- C:\Windows\Temp
2014-08-09 11:57:34 ----D---- C:\Program Files\trend micro
2014-08-09 11:57:13 ----D---- C:\Windows\Prefetch
2014-08-09 11:42:14 ----D---- C:\ProgramData\PMB Files
2014-08-09 11:41:48 ----D---- C:\Windows
2014-08-09 11:13:40 ----D---- C:\ProgramData\NVIDIA
2014-08-08 19:38:42 ----D---- C:\Program Files (x86)\Hry
2014-08-08 09:44:09 ----D---- C:\Windows\system32\config
2014-08-08 00:28:14 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-08-07 23:10:16 ----D---- C:\Windows\system32\catroot2
2014-08-06 12:46:25 ----D---- C:\Windows\SoftwareDistribution
2014-08-04 12:21:28 ----SHD---- C:\Windows\Installer
2014-08-04 12:21:27 ----HD---- C:\Config.Msi
2014-08-04 12:21:11 ----D---- C:\Program Files (x86)\Programy
2014-08-04 12:20:48 ----D---- C:\Windows\SysWOW64
2014-08-03 10:00:40 ----D---- C:\Windows\rescache
2014-08-03 07:37:13 ----D---- C:\Windows\system32\Tasks
2014-08-03 07:20:49 ----D---- C:\Windows\Microsoft.NET
2014-08-03 07:20:14 ----RSD---- C:\Windows\assembly
2014-08-03 07:19:13 ----D---- C:\Windows\inf
2014-08-03 07:15:17 ----D---- C:\Windows\winsxs
2014-08-03 07:02:08 ----D---- C:\Windows\system32\drivers
2014-08-03 07:02:08 ----D---- C:\Windows\System32
2014-08-03 07:02:08 ----D---- C:\Windows\AppPatch
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-03 07:02:07 ----D---- C:\Windows\system32\sk-SK
2014-08-03 07:02:07 ----D---- C:\Windows\system32\en-US
2014-08-03 07:02:07 ----D---- C:\Windows\system32\cs-CZ
2014-08-03 07:02:02 ----RSD---- C:\Windows\Fonts
2014-08-03 07:02:02 ----D---- C:\Windows\system32\wbem
2014-08-03 07:02:02 ----D---- C:\Windows\system32\drivers\en-US
2014-08-03 07:02:02 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-08-03 07:02:00 ----D---- C:\Windows\ehome
2014-08-03 07:02:00 ----D---- C:\Program Files\Internet Explorer
2014-08-03 07:02:00 ----D---- C:\Program Files\Common Files\System
2014-08-03 07:02:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-03 07:00:59 ----D---- C:\Windows\system32\DriverStore
2014-08-03 00:44:21 ----D---- C:\Windows\system32\catroot
2014-08-03 00:35:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-03 00:22:05 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-08-02 23:37:15 ----SHD---- C:\System Volume Information
2014-08-02 23:11:49 ----RD---- C:\Program Files (x86)
2014-08-02 23:10:08 ----D---- C:\Windows\Logs
2014-08-02 22:16:31 ----SD---- C:\ProgramData\Microsoft
2014-08-02 22:16:22 ----HD---- C:\ProgramData
2014-08-02 20:10:50 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2014-08-02 11:37:58 ----D---- C:\Windows\Panther
2014-08-02 11:37:57 ----D---- C:\Windows\Minidump
2014-08-02 11:36:12 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-08-02 11:22:49 ----D---- C:\TEMP
2014-08-02 11:22:37 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-02 11:21:29 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-08-02 11:21:24 ----A---- C:\Windows\system32\nvapi64.dll
2014-08-02 11:20:54 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-08-02 10:49:02 ----D---- C:\ProgramData\Orbit
2014-07-31 12:55:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-26 13:55:19 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-26 13:55:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 10:52:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2014-08-02 123704]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-08 530488]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet - adaptér; C:\Windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-08-02 3962840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 awh7vibj;awh7vibj; C:\Windows\system32\drivers\awh7vibj.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-01-05 21712]
S3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2009-10-12 14648]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-03 76888]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Programy\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-23 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Márty84]

Zdravim


Advanced SystemCare a nejlepe vse od IObit radeji odinstalujte. Dela to vic skody nez uzitku

Odinstalujte i Spybota, program je zastaraly a v podstate k nicemu.


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[kaiser3]

Proč je lepší vše od IObit odinstalovat? Moc se v oblasti programů nevyznám.

Log z AdwCleaner:

# AdwCleaner v3.304 - Report created 09/08/2014 at 16:21:45
# Updated 08/08/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Petr - PETRPC
# Running from : C:\Users\Petr\Desktop\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files (x86)\Astroburn Toolbar
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Users\Petr\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Petr\AppData\Roaming\Solvusoft
File Deleted : C:\Users\Petr\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_directx_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_directx_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Solvusoft
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Solvusoft

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16800


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\prefs.js ]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

*************************

AdwCleaner[R0].txt - [4009 octets] - [09/08/2014 16:05:59]
AdwCleaner[R1].txt - [4069 octets] - [09/08/2014 16:21:21]
AdwCleaner[S0].txt - [3766 octets] - [09/08/2014 16:21:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3826 octets] ##########

[Márty84]

Proč je lepší vše od IObit odinstalovat?

Treba zde http://forum.viry.cz/viewtopic.php?f=14&t=127320



Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[kaiser3]

U Advanced SystemCare 7 jsem dal kopletní scan udělal nějaké opravy a aktualizace ovladačů a výkon se mi opravdu zvýšil (rychlejší start win, větší fps u některých her...), tak jsem myslel jak je to super program. Po přečtení http://forum.viry.cz/viewtopic.php?f=14&t=127320 ho raději přestanu používat . Dík za radu nikdy by mě nenapadlo, že může poškodit systém.

Log z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10.8.2014
Scan Time: 10:27:26
Logfile: Log MLB.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.10.01
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Petr

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 559069
Time Elapsed: 1 hr, 37 min, 35 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.Conduit.A, C:\Users\Petr\AppData\Local\Temp\CT1750559, , [e702754f9ae17eb8341adad981818a76],

Files: 2
Trojan.VirTool, C:\Program Files (x86)\Hry\FIFA 13\Game\rld.dll, , [6a7fdaea88f31620d211ab80be44758b],
Trojan.VirTool, C:\Program Files (x86)\Hry\Mortal Kombat Komplete Edition\DiscContentPC\steam_api.dll, , [3dac873d710abc7a9c449da3f21023dd],

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

U Advanced SystemCare 7 jsem dal kopletní scan udělal nějaké opravy a aktualizace ovladačů a výkon se mi opravdu zvýšil (rychlejší start win, větší fps u některých her...), tak jsem myslel jak je to super program. Po přečtení viewtopic.php?f=14&t=127320 ho raději přestanu používat . Dík za radu nikdy by mě nenapadlo, že může poškodit systém.

Prave to je ten problem. On obcas vazne funguje, ale je hrozne nepredvidatelny a casto udela chybu, kterou nekdy opravi az reinstal. Proto ho nedporucujeme



Nalezy MBAM hodte do karanteny. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[kaiser3]

Omlouvám se, že odpovídám po delší době byl jsem služebně mimo. Další sken s MBAM byl čistý a program nevytvořl žádný log. Předpokládám, že je vše v pořádku. Moc dík za pomoc.

[Márty84]

MBAM odinstalujte a dejte jeste novy log z RSIT. Docistime drobnosti, pokud tedy chcete

Jinak nemate zac

[kaiser3]

Tak to dočistíme.

Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-08-15 13:20:41
Microsoft Windows 7 Ultimate
System drive C: has 177 GB (37%) free of 477 GB
Total RAM: 4095 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:20:51, on 15.8.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Programy\Reader\Reader_sl.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Programy\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Programy\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7643 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e0
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Programy\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {B1B1C039-232A-4725-A033-1B343183C2AA}
"C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe" -rem
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Programy\Reader\Reader_sl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverDoc_UPDATES.job - C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Programy\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\
ascsurfingprotection@iobit.com

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\searchplugins\
absearch-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\Programy\IObit Uninstaller\UninstallExplorer64.dll [2014-08-02 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-02 13672152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\Programy\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2011-07-21 36864]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\Programy\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-13 11:14:03 ----D---- C:\Users\Petr\AppData\Roaming\Solvusoft
2014-08-10 10:25:19 ----D---- C:\ProgramData\Malwarebytes
2014-08-09 16:05:53 ----D---- C:\AdwCleaner
2014-08-09 15:54:18 ----A---- C:\Windows\wininit.ini
2014-08-09 11:55:25 ----D---- C:\rsit
2014-08-03 07:06:53 ----A---- C:\Windows\DTLite.INI
2014-08-03 07:02:08 ----SD---- C:\Windows\system32\CompatTel
2014-08-03 00:44:27 ----A---- C:\Windows\system32\aepdu.dll
2014-08-03 00:44:27 ----A---- C:\Windows\system32\aeinv.dll
2014-08-03 00:43:37 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-08-03 00:42:25 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\tsgqec.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\mstscax.dll
2014-08-03 00:42:25 ----A---- C:\Windows\system32\aaclient.dll
2014-08-03 00:40:38 ----A---- C:\Windows\system32\win32k.sys
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-08-03 00:39:43 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-08-03 00:39:43 ----A---- C:\Windows\system32\smss.exe
2014-08-03 00:39:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-08-03 00:39:43 ----A---- C:\Windows\system32\csrsrv.dll
2014-08-03 00:38:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-08-03 00:37:38 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-08-03 00:33:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-08-03 00:33:40 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 00:32:41 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\user.exe
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64win.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\wow64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\winsrv.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\ntvdm64.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\KernelBase.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\kernel32.dll
2014-08-03 00:32:41 ----A---- C:\Windows\system32\conhost.exe
2014-08-03 00:27:14 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-08-03 00:27:14 ----A---- C:\Windows\system32\usp10.dll
2014-08-03 00:26:02 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-08-03 00:26:02 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-08-03 00:26:02 ----A---- C:\Windows\system32\Wpc.dll
2014-08-03 00:26:02 ----A---- C:\Windows\system32\gameux.dll
2014-08-03 00:22:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-08-03 00:22:42 ----A---- C:\Windows\system32\win32spl.dll
2014-08-03 00:18:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-08-03 00:18:18 ----A---- C:\Windows\system32\ncrypt.dll
2014-08-03 00:12:24 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-08-03 00:12:24 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-08-03 00:12:24 ----A---- C:\Windows\system32\msxml6.dll
2014-08-03 00:12:24 ----A---- C:\Windows\system32\msxml3.dll
2014-08-03 00:11:41 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-08-03 00:11:41 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-08-03 00:11:41 ----A---- C:\Windows\system32\atmlib.dll
2014-08-03 00:11:41 ----A---- C:\Windows\system32\atmfd.dll
2014-08-03 00:10:59 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-03 00:10:59 ----A---- C:\Windows\system32\tzres.dll
2014-08-03 00:08:04 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-08-03 00:08:04 ----A---- C:\Windows\system32\dpnet.dll
2014-08-03 00:07:33 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-08-03 00:06:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\system32\vbscript.dll
2014-08-03 00:06:27 ----A---- C:\Windows\system32\jscript.dll
2014-08-03 00:05:54 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-08-03 00:05:54 ----A---- C:\Windows\system32\synceng.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFx.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFHost.exe
2014-08-03 00:05:04 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-08-03 00:05:04 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-08-03 00:05:04 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-08-03 00:04:11 ----A---- C:\Windows\system32\Wdfres.dll
2014-08-03 00:04:11 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-08-03 00:04:11 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-08-02 23:56:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-08-02 23:56:51 ----A---- C:\Windows\system32\kerberos.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-08-02 23:56:12 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\cryptsvc.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\cryptnet.dll
2014-08-02 23:56:12 ----A---- C:\Windows\system32\crypt32.dll
2014-08-02 23:54:45 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-08-02 23:54:45 ----A---- C:\Windows\system32\srcore.dll
2014-08-02 23:53:08 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-08-02 23:53:08 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\netapi32.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\browser.dll
2014-08-02 23:53:08 ----A---- C:\Windows\system32\browcli.dll
2014-08-02 23:52:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-08-02 23:52:31 ----A---- C:\Windows\system32\wintrust.dll
2014-08-02 23:51:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-08-02 23:51:57 ----A---- C:\Windows\system32\d3d10level9.dll
2014-08-02 23:51:22 ----A---- C:\Windows\system32\localspl.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-08-02 23:50:46 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-08-02 23:50:46 ----A---- C:\Windows\system32\schannel.dll
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-08-02 23:50:46 ----A---- C:\Windows\system32\drivers\cng.sys
2014-08-02 23:50:09 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-02 23:50:09 ----A---- C:\Windows\system32\shell32.dll
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdpwsx.dll
2014-08-02 23:48:56 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-08-02 23:48:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-08-02 23:48:12 ----A---- C:\Windows\system32\profsvc.dll
2014-08-02 23:47:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-02 23:47:50 ----A---- C:\Windows\system32\msi.dll
2014-08-02 23:47:07 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\DWrite.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10warp.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d3d10_1.dll
2014-08-02 23:41:16 ----A---- C:\Windows\system32\d2d1.dll
2014-08-02 23:40:28 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-08-02 23:40:28 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\wmi.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\imagehlp.dll
2014-08-02 23:40:28 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-08-02 23:40:07 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-08-02 23:40:07 ----A---- C:\Windows\system32\rdpcore.dll
2014-08-02 23:40:07 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-08-02 23:34:54 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-08-02 23:34:54 ----A---- C:\Windows\system32\ntshrui.dll
2014-08-02 23:34:19 ----A---- C:\Windows\system32\drivers\afd.sys
2014-08-02 23:34:08 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-08-02 23:34:08 ----A---- C:\Windows\system32\msvcrt.dll
2014-08-02 23:33:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-08-02 23:33:55 ----A---- C:\Windows\system32\ntdll.dll
2014-08-02 23:33:40 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\webio.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\sspisrv.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\sspicli.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\secur32.dll
2014-08-02 23:33:40 ----A---- C:\Windows\system32\lsass.exe
2014-08-02 23:33:40 ----A---- C:\Windows\system32\lsasrv.dll
2014-08-02 23:33:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-08-02 23:33:23 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-08-02 23:33:23 ----A---- C:\Windows\system32\quartz.dll
2014-08-02 23:33:23 ----A---- C:\Windows\system32\qdvd.dll
2014-08-02 23:33:10 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-08-02 23:33:10 ----A---- C:\Windows\system32\packager.dll
2014-08-02 23:29:27 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-08-02 23:29:27 ----A---- C:\Windows\system32\EncDec.dll
2014-08-02 23:28:38 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-08-02 23:28:38 ----A---- C:\Windows\system32\psisdecd.dll
2014-08-02 23:28:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-08-02 23:28:24 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-08-02 23:28:24 ----A---- C:\Windows\system32\oleaut32.dll
2014-08-02 23:28:24 ----A---- C:\Windows\system32\oleacc.dll
2014-08-02 23:14:39 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-08-02 23:14:39 ----A---- C:\Windows\system32\xmllite.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbctrac.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccu32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccr32.dll
2014-08-02 23:12:02 ----A---- C:\Windows\system32\odbccp32.dll
2014-08-02 23:11:21 ----A---- C:\Windows\system32\FntCache.dll
2014-08-02 23:10:32 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2014-08-02 22:16:22 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-08-02 22:15:28 ----D---- C:\Users\Petr\AppData\Roaming\ProductData
2014-08-02 11:38:15 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2014-08-02 11:23:25 ----A---- C:\Windows\system32\drivers\jraid.sys
2014-08-02 11:21:29 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-08-02 11:21:28 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-08-02 11:21:28 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-08-02 11:21:28 ----A---- C:\Windows\system32\nvopencl.dll
2014-08-02 11:21:28 ----A---- C:\Windows\system32\nvoglv64.dll
2014-08-02 11:21:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-08-02 11:21:26 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-08-02 11:21:26 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\NvIFR64.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\NvFBC64.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-08-02 11:21:26 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-08-02 11:21:25 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuvid.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-08-02 11:21:25 ----A---- C:\Windows\system32\nvcuda.dll
2014-08-02 11:21:24 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-08-02 11:21:24 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-08-02 11:21:24 ----A---- C:\Windows\system32\nvcompiler.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\YamahaAE.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\tossaeapo64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\toseaeapo64.dll
2014-08-02 11:20:05 ----A---- C:\Windows\system32\tosasfapo64.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tosade.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tepeqapo64.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tadefxapo264.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\tadefxapo.dll
2014-08-02 11:20:04 ----A---- C:\Windows\system32\SStudio.dll
2014-08-02 11:20:03 ----A---- C:\Windows\system32\sltech64.dll
2014-08-02 11:20:03 ----A---- C:\Windows\system32\slprp64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\slcnt64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\sl3apo64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFSS_APO.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFNHK64.dll
2014-08-02 11:20:02 ----A---- C:\Windows\system32\SFCOM64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\SFAPO64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-08-02 11:20:01 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-08-02 11:20:01 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-08-02 11:20:00 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2014-08-02 11:20:00 ----A---- C:\Windows\system32\RtkApi64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RTCOM64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\RltkAPO64.dll
2014-08-02 11:19:59 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-08-02 11:19:58 ----A---- C:\Windows\system32\RCoRes64.dat
2014-08-02 11:19:58 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-08-02 11:19:58 ----A---- C:\Windows\system32\R4EEP64A.dll
2014-08-02 11:19:58 ----A---- C:\Windows\system32\R4EEL64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EEG64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EED64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\R4EEA64A.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-08-02 11:19:57 ----A---- C:\Windows\system32\MISS_APO.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2014-08-02 11:19:53 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-08-02 11:19:52 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\SYSWOW64\MaxxAudioAPOShell.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2014-08-02 11:19:51 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\KAAPORT64.dll
2014-08-02 11:19:50 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2014-08-02 11:19:46 ----A---- C:\Windows\system32\FMAPO64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPP64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPO64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPD64A.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\DDPA64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\audioLibVc.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\AERTAR64.dll
2014-08-02 11:19:45 ----A---- C:\Windows\system32\AERTAC64.dll
2014-08-02 11:19:44 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2014-08-02 11:07:22 ----D---- C:\Users\Petr\AppData\Roaming\Apple Computer
2014-08-02 11:07:16 ----D---- C:\ProgramData\ProductData
2014-08-02 11:07:15 ----D---- C:\Program Files (x86)\IObit
2014-08-02 11:06:56 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-02 11:06:54 ----D---- C:\ProgramData\IObit
2014-08-02 11:05:48 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2014-08-02 10:49:03 ----D---- C:\Users\Petr\AppData\Roaming\Might & Magic Heroes VI
2014-07-30 16:51:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-17 17:08:05 ----D---- C:\ProgramData\Riot Games

======List of files/folders modified in the last 1 month======

2014-08-15 13:20:51 ----D---- C:\Windows\Prefetch
2014-08-15 13:20:48 ----D---- C:\Program Files\trend micro
2014-08-15 13:19:55 ----D---- C:\Windows\Temp
2014-08-15 13:19:35 ----D---- C:\ProgramData\NVIDIA
2014-08-15 13:19:32 ----D---- C:\Windows
2014-08-15 13:19:23 ----D---- C:\Windows\system32\config
2014-08-15 13:16:38 ----D---- C:\Windows\system32\catroot2
2014-08-15 13:09:37 ----RD---- C:\Program Files (x86)
2014-08-15 13:09:37 ----D---- C:\Windows\system32\drivers
2014-08-15 12:56:29 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-08-15 12:04:36 ----SHD---- C:\Windows\Installer
2014-08-15 12:04:36 ----D---- C:\ProgramData\Skype
2014-08-15 12:04:34 ----HD---- C:\Config.Msi
2014-08-15 12:04:32 ----D---- C:\Program Files (x86)\Common Files
2014-08-15 11:21:47 ----D---- C:\Windows\system32\Tasks
2014-08-15 00:40:01 ----D---- C:\ProgramData\PMB Files
2014-08-13 15:53:22 ----D---- C:\Windows\SysWOW64
2014-08-13 11:14:32 ----D---- C:\Windows\inf
2014-08-13 11:14:15 ----D---- C:\Windows\Tasks
2014-08-10 17:27:18 ----SHD---- C:\System Volume Information
2014-08-10 14:41:09 ----D---- C:\Windows\Web
2014-08-10 13:45:15 ----D---- C:\Windows\SoftwareDistribution
2014-08-10 10:25:19 ----HD---- C:\ProgramData
2014-08-09 19:29:34 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2014-08-09 15:54:24 ----D---- C:\Windows\System32
2014-08-09 15:54:23 ----SD---- C:\ProgramData\Microsoft
2014-08-08 19:38:42 ----D---- C:\Program Files (x86)\Hry
2014-08-04 12:21:11 ----D---- C:\Program Files (x86)\Programy
2014-08-03 10:00:40 ----D---- C:\Windows\rescache
2014-08-03 07:20:49 ----D---- C:\Windows\Microsoft.NET
2014-08-03 07:20:14 ----RSD---- C:\Windows\assembly
2014-08-03 07:15:17 ----D---- C:\Windows\winsxs
2014-08-03 07:02:08 ----D---- C:\Windows\AppPatch
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-03 07:02:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-03 07:02:07 ----D---- C:\Windows\system32\sk-SK
2014-08-03 07:02:07 ----D---- C:\Windows\system32\en-US
2014-08-03 07:02:07 ----D---- C:\Windows\system32\cs-CZ
2014-08-03 07:02:02 ----RSD---- C:\Windows\Fonts
2014-08-03 07:02:02 ----D---- C:\Windows\system32\wbem
2014-08-03 07:02:02 ----D---- C:\Windows\system32\drivers\en-US
2014-08-03 07:02:02 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-08-03 07:02:00 ----D---- C:\Windows\ehome
2014-08-03 07:02:00 ----D---- C:\Program Files\Internet Explorer
2014-08-03 07:02:00 ----D---- C:\Program Files\Common Files\System
2014-08-03 07:02:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-03 07:00:59 ----D---- C:\Windows\system32\DriverStore
2014-08-03 00:44:21 ----D---- C:\Windows\system32\catroot
2014-08-03 00:35:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-03 00:22:05 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-08-02 23:10:08 ----D---- C:\Windows\Logs
2014-08-02 11:37:58 ----D---- C:\Windows\Panther
2014-08-02 11:37:57 ----D---- C:\Windows\Minidump
2014-08-02 11:36:12 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-08-02 11:22:49 ----D---- C:\TEMP
2014-08-02 11:22:37 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-02 11:21:29 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-08-02 11:21:24 ----A---- C:\Windows\system32\nvapi64.dll
2014-08-02 11:20:54 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-08-02 10:49:02 ----D---- C:\ProgramData\Orbit
2014-07-31 12:55:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-26 13:55:19 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-26 13:55:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 10:52:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2014-08-02 123704]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-08 530488]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet - adaptér; C:\Windows\system32\DRIVERS\l160x64.sys [2009-06-25 58368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-08-02 3962840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S3 ang7xj52;ang7xj52; C:\Windows\system32\drivers\ang7xj52.sys []
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-01-05 21712]
S3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2009-10-12 14648]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\Programy\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-03 76888]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Programy\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-23 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
AdvancedSystemCareService7
SkypeUpdate
LiveUpdateSvc
Nero BackItUp Scheduler 4.0
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverDoc_UPDATES.job
C:\ProgramData\Malwarebytes
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\ascsurfingprotection@iobit.com
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\searchplugins\absearch-search.xml
C:\ProgramData\Spybot - Search & Destroy

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[kaiser3]

Log zde:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 39084269 bytes
->Temporary Internet Files folder emptied: 7520903 bytes
->Java cache emptied: 374805 bytes
->FireFox cache emptied: 165217507 bytes
->Flash cache emptied: 20619 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1048576 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67776 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 203,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdvancedSystemCareService7 stopped successfully!
Service AdvancedSystemCareService7 deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
File/Folder C:\Windows\tasks\DriverDoc_UPDATES.job not found.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\ascsurfingprotection@iobit.com\chrome\content folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\ascsurfingprotection@iobit.com\chrome folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\extensions\ascsurfingprotection@iobit.com folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\6aqakqnt.default\searchplugins\absearch-search.xml moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 08162014_130950

Files moved on Reboot...
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8394c8fd8a83d_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8394c8fd8a83d_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Petr\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.




11.10. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975