Prosím o kontrolu

[Halen]

Dobrý den, požádal bych o kontrolu logů. Počítač mi několikrát havaroval v IDLE režimu do BSOD při poslechu hudby - měl jsem spuštěný pouze Foobar. Mám podezření na nesprávné chování AVAST antiviru, při pokusu o opravu tato sice proběhla, ale s chybou language.dll a to opakovaně. Další změnu, kterou jsem v poslední době dělal byla úplná přeinstalace ovladačů grafiky. Vkládám pro první posouzení log z RSIT. Předem děkuji za váš čas.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Terazky at 2016-02-24 11:33:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 199 GB (84%) free of 238 GB
Total RAM: 16365 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:37, on 24.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Terazky\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
C:\Program Files\trend micro\Terazky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SystemExplorerAutoStart] "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKLM\..\Run: [Sound Blaster Z-Series Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [f.lux] "C:\Users\Terazky\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{601C94DA-D57B-454D-B011-726132B06EAE}: NameServer = 89.190.64.20,89.190.65.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{601C94DA-D57B-454D-B011-726132B06EAE}: NameServer = 89.190.64.20,89.190.65.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{601C94DA-D57B-454D-B011-726132B06EAE}: NameServer = 89.190.64.20,89.190.65.200
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Sound Blaster Audio Service (CtHdaSvc) - Creative Technology Ltd - C:\Windows\sysWow64\CtHdaSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9897 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe"
C:\Windows\sysWow64\CtHdaSvc.exe
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\System32\wbem\WmiPrvSE.exe
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
taskeng.exe {954CED32-6C91-47C2-A79A-A9ADDC2A6D9C}
\??\C:\Windows\system32\conhost.exe "188676745-13981477926129820891760941684-1636812462-936146253407497983771205773
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Users\Terazky\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\System32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4796.0.1844447559\1597835820" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4796 "\\.\pipe\gecko-crash-server-pipe.4796" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe" --proxy-stub-channel=Flash1328.63EFF3E8.13632 --host-broker-channel=Flash1328.63EFF3E8.18278 --host-pid=1328 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe" --channel=2808.0041F3D4.2029438893 --proxy-stub-channel=Flash1328.63EFF3E8.13632 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll" --host-npapi-version=28 --type=renderer
taskeng.exe {863B4363-3AB6-4F0A-A2A3-D9DC9562BED5}
C:\Windows\system32\AUDIODG.EXE 0xdc
"C:\Users\Terazky\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\5gebmm3b.default-1446055506919

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.74.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.74.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\5gebmm3b.default-1446055506919\extensions\
cs@dictionaries.addons.mozilla.org
youtubeunblocker@unblocker.yt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-11 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-09 462432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-11 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2015-07-02 14601160]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-01-23 2787264]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-01-23 1859936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Terazky\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 595504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"SystemExplorerAutoStart"=C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2015-08-19 3389160]
"Sound Blaster Z-Series Control Panel"=C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [2014-11-24 877056]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-23 7139768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PAexec]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x99000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-24 11:33:33 ----D---- C:\rsit
2016-02-24 11:33:33 ----D---- C:\Program Files\trend micro
2016-02-24 11:23:04 ----D---- C:\FRST
2016-02-24 11:06:19 ----A---- C:\Windows\system32\aswBoot.exe
2016-02-24 10:28:12 ----N---- C:\bootsqm.dat
2016-02-23 18:33:19 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-02-23 18:32:24 ----D---- C:\Program Files\VideoLAN
2016-02-23 18:29:28 ----D---- C:\Users\Terazky\AppData\Roaming\NVIDIA
2016-02-23 17:37:08 ----D---- C:\Users\Terazky\AppData\Roaming\Thunderbird
2016-02-23 17:13:19 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2016-02-23 17:13:19 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2016-02-23 17:13:19 ----A---- C:\Windows\system32\nvspcap64.dll
2016-02-23 17:13:19 ----A---- C:\Windows\system32\nvspbridge64.dll
2016-02-23 17:13:19 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-23 17:13:06 ----D---- C:\ProgramData\NVIDIA
2016-02-23 17:12:56 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvvsvc.exe
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvsvcr.dll
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvsvc64.dll
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvshext.dll
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvmctray.dll
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nvcpl.dll
2016-02-23 17:12:47 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-02-23 17:12:39 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-02-23 17:12:39 ----A---- C:\Windows\system32\OpenCL.dll
2016-02-23 17:12:36 ----D---- C:\ProgramData\NVIDIA Corporation
2016-02-23 17:12:33 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-02-23 17:11:49 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-02-23 17:11:49 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-02-23 17:11:49 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-02-23 17:11:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvopencl.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvoglv64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvinitx.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\NvIFR64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvhdap64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\NvFBC64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvdispgenco6436191.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvdispco6436191.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvcuvid.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvcuda.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvcompiler.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\nvapi64.dll
2016-02-23 17:11:48 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-02-23 17:11:48 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2016-02-23 17:10:30 ----D---- C:\Program Files\NVIDIA Corporation
2016-02-23 17:05:02 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-02-23 16:06:51 ----D---- C:\AdwCleaner
2016-02-23 15:59:30 ----RD---- C:\Program Files (x86)\Skype
2016-02-23 01:51:17 ----D---- C:\ProgramData\Passmark
2016-02-23 01:51:14 ----D---- C:\Program Files\PerformanceTest
2016-02-23 01:49:27 ----D---- C:\Windows\SYSWOW64\PolicyDefinitions
2016-02-23 01:49:26 ----D---- C:\Program Files (x86)\Spybot Anti-Beacon
2016-02-23 01:46:04 ----D---- C:\Program Files\PeerBlock
2016-02-23 01:44:24 ----D---- C:\Program Files (x86)\AMD
2016-02-23 01:34:36 ----A---- C:\Windows\system32\drivers\HWiNFO64A.SYS
2016-02-23 01:29:03 ----D---- C:\Program Files (x86)\FinalWire
2016-02-23 01:01:18 ----D---- C:\Users\Terazky\AppData\Roaming\foobar2000
2016-02-23 00:41:42 ----D---- C:\Program Files\CPUID
2016-02-15 03:56:14 ----D---- C:\Program Files (x86)\PrivaZer
2016-02-12 01:38:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-11 19:20:04 ----D---- C:\Program Files (x86)\Windows Sidebar
2016-02-11 19:18:01 ----HD---- C:\ProgramData\Common Files
2016-02-11 19:18:01 ----D---- C:\ProgramData\Avg
2016-02-11 18:06:09 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-02-11 17:56:48 ----D---- C:\Windows\Minidump
2016-02-11 14:35:40 ----D---- C:\Program Files (x86)\ESET
2016-02-11 14:24:23 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-11 13:43:05 ----D---- C:\Users\Terazky\AppData\Roaming\AVAST Software
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswNetSec.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-02-11 13:42:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-02-11 13:42:43 ----A---- C:\Windows\avastSS.scr
2016-02-11 13:42:41 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2016-02-11 13:42:15 ----D---- C:\Program Files\AVAST Software
2016-02-11 13:40:08 ----D---- C:\ProgramData\AVAST Software
2016-02-11 13:10:46 ----SD---- C:\Windows\SYSWOW64\Microsoft
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-11 12:13:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-11 12:13:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-11 12:13:53 ----A---- C:\Windows\system32\inseng.dll
2016-02-11 12:13:53 ----A---- C:\Windows\system32\iernonce.dll
2016-02-11 12:13:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-11 12:13:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-11 12:13:53 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-11 12:13:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-11 12:13:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-11 12:13:52 ----A---- C:\Windows\system32\occache.dll
2016-02-11 12:13:52 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-11 12:13:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-11 12:13:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-11 12:13:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-11 12:13:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-11 12:13:51 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-11 12:13:51 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-11 12:13:51 ----A---- C:\Windows\system32\iesetup.dll
2016-02-11 12:13:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-11 12:13:51 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-11 12:13:51 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-11 12:13:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-11 12:13:50 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-11 12:13:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-11 12:13:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-11 12:13:50 ----A---- C:\Windows\system32\vbscript.dll
2016-02-11 12:13:50 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-11 12:13:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-11 12:13:49 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-11 12:13:49 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-11 12:13:49 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\wininet.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\webcheck.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\jscript9.dll
2016-02-11 12:13:48 ----A---- C:\Windows\system32\jscript.dll
2016-02-11 12:13:47 ----A---- C:\Windows\system32\msrating.dll
2016-02-11 12:13:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-11 12:13:41 ----A---- C:\Windows\system32\ole32.dll
2016-02-11 12:13:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-11 12:13:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-11 12:13:35 ----A---- C:\Windows\system32\iertutil.dll
2016-02-11 12:13:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-11 12:13:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-11 12:13:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-11 12:13:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-11 12:13:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-11 12:13:33 ----A---- C:\Windows\system32\urlmon.dll
2016-02-11 12:13:33 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-11 12:13:33 ----A---- C:\Windows\system32\ieui.dll
2016-02-11 12:13:33 ----A---- C:\Windows\system32\ieframe.dll
2016-02-11 12:13:32 ----A---- C:\Windows\system32\mshtml.dll
2016-02-11 12:13:30 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-11 12:13:30 ----A---- C:\Windows\system32\InkEd.dll
2016-02-11 12:13:28 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-02-11 12:13:28 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-11 12:13:28 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-11 12:13:28 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-11 12:13:28 ----A---- C:\Windows\system32\nlsbres.dll
2016-02-11 12:13:28 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-11 12:13:28 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-11 12:13:28 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-02-11 12:13:26 ----A---- C:\Windows\system32\win32k.sys
2016-02-11 12:13:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-11 12:13:25 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-11 12:13:25 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-11 12:13:25 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-11 12:12:13 ----A---- C:\Windows\system32\EncDec.dll
2016-02-11 12:12:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-11 12:12:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-11 12:12:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-11 12:12:12 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-11 12:12:12 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-11 12:12:12 ----A---- C:\Windows\system32\ntdll.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\kernel32.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\kerberos.dll
2016-02-11 12:12:12 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-11 12:12:11 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\wow64win.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\wow64.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\winsrv.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\wdigest.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\sspicli.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\srcore.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\smss.exe
2016-02-11 12:12:11 ----A---- C:\Windows\system32\schannel.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\lsass.exe
2016-02-11 12:12:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-11 12:12:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-11 12:12:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-11 12:12:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-11 12:12:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-11 12:12:11 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-11 12:12:11 ----A---- C:\Windows\system32\conhost.exe
2016-02-11 12:12:11 ----A---- C:\Windows\system32\advapi32.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 12:12:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-11 12:12:10 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\srclient.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\secur32.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\rstrui.exe
2016-02-11 12:12:10 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\msobjs.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\msaudite.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\credssp.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\auditpol.exe
2016-02-11 12:12:10 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-11 12:12:10 ----A---- C:\Windows\system32\adtschema.dll
2016-02-09 18:36:44 ----D---- C:\Users\Terazky\AppData\Roaming\XMedia Recode
2016-02-09 18:08:37 ----D---- C:\Program Files (x86)\XMedia Recode
2016-02-07 17:31:45 ----D---- C:\Program Files (x86)\Asoftech
2016-02-07 17:27:01 ----D---- C:\Program Files (x86)\iCare Data Recovery Pro
2016-02-02 21:09:59 ----D---- C:\ProgramData\privazer
2016-02-02 18:31:41 ----A---- C:\Windows\system32\PuranFD.exe
2016-02-02 18:31:41 ----A---- C:\Windows\system32\PuranDefragS.exe
2016-02-02 18:31:41 ----A---- C:\Windows\system32\PuranDefragBT.exe
2016-02-02 18:31:41 ----A---- C:\Windows\system32\PuranDefrag.dll
2016-02-02 18:31:41 ----A---- C:\Windows\system32\PuranDC.exe
2016-02-02 18:31:40 ----D---- C:\Program Files\Puran Defrag

======List of files/folders modified in the last 1 month======

2016-02-24 11:33:37 ----D---- C:\Temp
2016-02-24 11:33:34 ----D---- C:\Windows\Temp
2016-02-24 11:33:33 ----RD---- C:\Program Files
2016-02-24 11:29:50 ----D---- C:\Windows\system32\config
2016-02-24 11:23:59 ----D---- C:\Windows
2016-02-24 11:21:42 ----D---- C:\Windows\inf
2016-02-24 11:21:02 ----D---- C:\Windows\System32
2016-02-24 11:21:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-24 11:19:30 ----D---- C:\Windows\SoftwareDistribution
2016-02-24 11:16:49 ----D---- C:\Program Files (x86)\SpeedFan
2016-02-24 11:15:23 ----D---- C:\Windows\system32\Tasks
2016-02-24 11:13:16 ----D---- C:\Windows\system32\drivers
2016-02-24 11:06:34 ----D---- C:\Windows\system32\DriverStore
2016-02-24 11:06:33 ----SHD---- C:\System Volume Information
2016-02-24 10:08:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-23 19:22:18 ----D---- C:\ProgramData\Origin
2016-02-23 18:34:13 ----D---- C:\Users\Terazky\AppData\Roaming\Notepad++
2016-02-23 18:33:24 ----RD---- C:\Program Files (x86)
2016-02-23 18:32:34 ----D---- C:\Users\Terazky\AppData\Roaming\vlc
2016-02-23 18:30:08 ----D---- C:\Program Files (x86)\FileHippo.com
2016-02-23 18:29:20 ----D---- C:\Windows\SysWOW64
2016-02-23 18:29:20 ----D---- C:\Program Files (x86)\Bandicam
2016-02-23 18:29:18 ----D---- C:\Program Files (x86)\BandiMPEG1
2016-02-23 18:28:29 ----D---- C:\Program Files (x86)\Notepad++
2016-02-23 17:13:06 ----HD---- C:\ProgramData
2016-02-23 17:12:46 ----D---- C:\Windows\Help
2016-02-23 16:52:40 ----D---- C:\Program Files\totalcmd
2016-02-23 16:43:25 ----D---- C:\Windows\winsxs
2016-02-23 16:43:19 ----D---- C:\Windows\system32\CatRoot2
2016-02-23 16:30:52 ----D---- C:\Program Files (x86)\WTFast
2016-02-23 16:21:39 ----D---- C:\Users\Terazky\AppData\Roaming\GHISLER
2016-02-23 15:59:58 ----D---- C:\Users\Terazky\AppData\Roaming\Skype
2016-02-23 15:59:33 ----SHD---- C:\Windows\Installer
2016-02-23 15:59:33 ----D---- C:\ProgramData\Skype
2016-02-23 15:59:31 ----D---- C:\Program Files (x86)\Common Files
2016-02-23 03:03:31 ----D---- C:\Users\Terazky\AppData\Roaming\Stellarium
2016-02-23 01:34:35 ----D---- C:\Windows\SYSWOW64\drivers
2016-02-23 01:34:31 ----D---- C:\Program Files\HWiNFO64
2016-02-23 01:28:05 ----D---- C:\Program Files (x86)\MSI Afterburner
2016-02-15 03:54:21 ----D---- C:\Users\Terazky\AppData\Roaming\uTorrent
2016-02-12 05:18:21 ----D---- C:\Windows\rescache
2016-02-12 02:20:28 ----D---- C:\Windows\Tasks
2016-02-12 02:20:28 ----D---- C:\Windows\system32\wfp
2016-02-12 02:20:28 ----D---- C:\Windows\system32\Msdtc
2016-02-12 02:20:28 ----D---- C:\Windows\pss
2016-02-12 02:20:28 ----D---- C:\ProgramData\SystemExplorer
2016-02-12 02:20:27 ----D---- C:\Windows\system32\wbem
2016-02-12 02:20:23 ----D---- C:\Users\Terazky\AppData\Roaming\Winamp
2016-02-12 02:20:22 ----SHD---- C:\$Recycle.Bin
2016-02-12 02:20:22 ----D---- C:\Program Files (x86)\IrfanView
2016-02-12 02:20:20 ----D---- C:\Windows\registration
2016-02-12 02:11:53 ----D---- C:\Windows\system32\LogFiles
2016-02-11 23:43:36 ----D---- C:\Windows\Microsoft.NET
2016-02-11 20:25:24 ----RSD---- C:\Windows\assembly
2016-02-11 19:21:54 ----D---- C:\Windows\system32\sysprep
2016-02-11 13:48:51 ----D---- C:\Windows\debug
2016-02-11 12:27:51 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-11 12:27:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-11 12:27:51 ----D---- C:\Program Files\Internet Explorer
2016-02-11 12:27:51 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 12:27:50 ----RSD---- C:\Windows\Fonts
2016-02-11 12:27:50 ----D---- C:\Windows\system32\en-US
2016-02-11 12:27:50 ----D---- C:\Windows\system32\cs-CZ
2016-02-11 12:27:50 ----D---- C:\Windows\AppPatch
2016-02-11 12:23:33 ----D---- C:\Windows\system32\MRT
2016-02-11 12:20:31 ----A---- C:\Windows\system32\MRT.exe
2016-02-11 12:16:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-11 01:44:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-09 21:44:17 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-02-09 21:44:09 ----D---- C:\Program Files (x86)\Java
2016-02-09 18:49:14 ----D---- C:\Users\Terazky\AppData\Roaming\Mp3tag
2016-02-09 06:41:25 ----A---- C:\Windows\system32\nv3dappshext.dll
2016-02-07 17:35:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-04 21:27:05 ----D---- C:\Program Files (x86)\Mp3tag
2016-02-03 22:43:00 ----D---- C:\Program Files (x86)\Origin
2016-02-02 20:56:35 ----D---- C:\Windows\Prefetch
2016-02-02 20:25:41 ----D---- C:\Windows\system32\NDF
2016-01-25 16:54:54 ----D---- C:\Program Files (x86)\Samsung
2016-01-25 16:54:52 ----D---- C:\Windows\system32\RAPID

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-03-30 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-03-30 43720]
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2016-02-11 478128]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-02-11 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-02-11 287016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-02-11 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-02-11 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-02-11 1065720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2016-02-23 27552]
R1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2013-02-18 633680]
R1 Uim_VIM;UIM Virtual Image Plugin; C:\Windows\System32\Drivers\uim_vimx64.sys [2013-02-18 390352]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2013-02-18 90960]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2014-09-19 60104]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-02-11 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-02-11 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-02-11 165344]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 cthda;Sound Blaster Audio Driver; C:\Windows\system32\drivers\cthda.sys [2014-11-17 1065728]
R3 cthdb;Sound Blaster Audio Controller Driver; C:\Windows\system32\DRIVERS\cthdb.sys [2014-11-17 34048]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2014-02-12 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2014-02-12 94208]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2015-06-11 37408]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS); C:\Windows\system32\drivers\LGJoyXlCore.sys [2015-06-11 68384]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [2013-05-30 41752]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2015-06-11 26912]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-02-11 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-01-23 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-06-02 13536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2014-05-03 34816]
S1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2016-02-23 552880]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2015-08-22 44640]
S3 BioNTDrv;BioNTDrv; \??\C:\Program Files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\BioNTDrv.SYS [2013-02-18 19792]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [2015-03-10 31376]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-12-02 25640]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 tap0901cn;Speedify Virtual Adapter; C:\Windows\system32\DRIVERS\tap0901cn.sys [2015-07-29 39544]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2015-08-24 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-29 23200]
S4 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys [2000-02-03 24608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2014-09-19 137584]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-11 237096]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-02-11 119128]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2012-10-08 423424]
R2 CtHdaSvc;Sound Blaster Audio Service; C:\Windows\sysWow64\CtHdaSvc.exe [2014-11-17 114176]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-01-23 1163200]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-01-23 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-01-23 4812736]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-09 1264696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-02-09 426040]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-01-23 6308288]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2015-08-22 79360]
S3 Crypkey License;Crypkey License; crypserv.exe []
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-02-03 2104840]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-02-04 835152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-08-22 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11 269504]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Roli]

Zdravím, nejdříve uklidíme.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.


Když Avast stopneš, děje se to také ?

Ovladače zvukovky si také aktualizoval ?

[Halen]

CCleaner používám pravidelně, je uklizeno. Vypínat Avast jsem nezkoušel, ale zkoušel jsem jej přes správu programů opravit a oprava skončila s hláškou "Failed to load language.dll language path:1033\UILangRes.dll". Při běžné činnosti se PC chová dobře, odezvy jsou v pořádku, žádné procesy nevytěžují procesor, teploty jsou v cajku. Ovladače zvukovky jsou aktuální poslední dostupné pro W7-64, ale už dost vousaté. Spadne to náhodně pouze tehdy, kdy není vyvíjena žádná interakce přes klávesnici nebo myš. Ještě jsem prohlížel soubor DMP a je tam chyba, kterou jsem se snažil odstranit pomocí CHKDSK s kompletní kontrolou, ale žádné chyby to nenašlo. Tady je výpis. A log z AdwCleaneru.
==================================================
Dump File : 022416-8221-01.dmp
Crash Time : 24.2.2016 6:02:35
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 00000000`001904fb
Parameter 2 : fffff880`0c822eb8
Parameter 3 : fffff880`0c822710
Parameter 4 : fffff800`02cd04f4
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+4211
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+743c0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : D:\BSOD\022416-8221-01.dmp
Processors Count : 8
Major Version : 15
Minor Version : 7601
Dump File Size : 391 408
Dump File Time : 24.2.2016 10:08:09
==================================================

# AdwCleaner v5.036 - Logfile created 24/02/2016 at 18:46:58
# Updated 22/02/2016 by Xplode
# Database : 2016-02-24.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Terazky - TERAZKY-PC
# Running from : C:\Users\Terazky\Desktop\adwcleaner_5.036.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [621 bytes] - [24/02/2016 18:46:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [693 bytes] ##########

[Roli]

Zrovna tahle chyba se blbě hledá, může se jednat o problém s hardware nebo software.

Zkus jet nějakou dobu se stopnutým Avastem.

Ještě můžem pro jistotu mrknout hlouběji na breberky.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[Halen]

Děkuji za váš čas a podporu. Spustil jsem Combofix, vše proběhlo, chtěl restart, dal jsem a vyskočily dvě chybové hlášky, které sem připíšu.

Unable to create a backup of the current registry file
C:\Windows\System32\Config\System
Continue restoration of this file A/N a vzalo to pouze "N"

Error restoring
C:\Windows\erdat\subs\system to
C:\Windows\System32\Config\System
Continue with the next file?
[ RegReplaceKey:5 - přístup byl odepřen ]

ComboFix 16-02-23.01 - Terazky 25.02.2016 17:48:43.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.16365.13954 [GMT 1:00]
Spuštěný z: c:\users\Terazky\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\temp\sfamcc00001.dll
c:\temp\sfareca00001.dll
c:\windows\SysWow64\SYSTEM32.INI
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-25 do 2016-02-25 )))))))))))))))))))))))))))))))
.
.
2016-02-24 17:50 . 2016-02-11 12:42 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-24 17:46 . 2016-02-24 17:46 -------- d-----w- C:\AdwCleaner
2016-02-24 10:33 . 2016-02-24 10:33 -------- d-----w- C:\rsit
2016-02-24 10:33 . 2016-02-24 10:33 -------- d-----w- c:\program files\trend micro
2016-02-24 10:23 . 2016-02-24 10:24 -------- d-----w- C:\FRST
2016-02-24 04:54 . 2016-02-24 04:54 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D8874DE-EFBF-4753-8A3E-5BFAD05D91D0}\offreg.3488.dll
2016-02-23 21:41 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D8874DE-EFBF-4753-8A3E-5BFAD05D91D0}\mpengine.dll
2016-02-23 17:33 . 2016-02-23 17:33 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-02-23 17:32 . 2016-02-23 17:32 -------- d-----w- c:\program files\VideoLAN
2016-02-23 17:29 . 2016-02-23 17:29 -------- d-----w- c:\users\Terazky\AppData\Roaming\NVIDIA
2016-02-23 16:37 . 2016-02-23 17:07 -------- d-----w- c:\users\Terazky\AppData\Roaming\Thunderbird
2016-02-23 16:14 . 2016-02-23 16:14 -------- d-----w- c:\users\Terazky\AppData\Local\NVIDIA Corporation
2016-02-23 16:13 . 2016-02-23 16:13 -------- d-----w- c:\users\Terazky\AppData\Local\NVIDIA
2016-02-23 16:13 . 2016-01-23 02:54 1542600 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-02-23 16:13 . 2016-01-23 02:54 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-02-23 16:13 . 2016-01-23 02:53 1859936 ----a-w- c:\windows\system32\nvspcap64.dll
2016-02-23 16:13 . 2016-01-23 02:53 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-02-23 16:13 . 2016-01-23 02:53 112216 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-02-23 16:11 . 2015-12-18 06:11 47760 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-02-23 16:10 . 2016-02-23 16:13 -------- d-----w- c:\program files\NVIDIA Corporation
2016-02-23 14:59 . 2016-02-23 14:59 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-02-23 14:59 . 2016-02-23 14:59 -------- d-----r- c:\program files (x86)\Skype
2016-02-23 14:52 . 2016-02-23 14:52 -------- d-----w- c:\users\Terazky\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2016-02-23 00:51 . 2016-02-23 00:51 -------- d-----w- c:\users\Terazky\AppData\Local\PassMark
2016-02-23 00:51 . 2016-02-23 00:51 -------- d-----w- c:\programdata\Passmark
2016-02-23 00:51 . 2016-02-23 00:51 -------- d-----w- c:\program files\PerformanceTest
2016-02-23 00:49 . 2016-02-23 00:49 -------- d-----w- c:\windows\SysWow64\PolicyDefinitions
2016-02-23 00:49 . 2016-02-23 00:49 -------- d-----w- c:\program files (x86)\Spybot Anti-Beacon
2016-02-23 00:46 . 2016-02-23 00:47 -------- d-----w- c:\program files\PeerBlock
2016-02-23 00:44 . 2016-02-23 00:44 -------- d-----w- c:\program files (x86)\AMD
2016-02-23 00:34 . 2016-02-23 00:34 27552 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2016-02-23 00:29 . 2016-02-23 00:29 -------- d-----w- c:\program files (x86)\FinalWire
2016-02-23 00:01 . 2016-02-25 16:45 -------- d-----w- c:\users\Terazky\AppData\Roaming\foobar2000
2016-02-22 23:41 . 2016-02-22 23:41 -------- d-----w- c:\program files\CPUID
2016-02-15 02:56 . 2016-02-15 02:56 -------- d-----w- c:\program files (x86)\PrivaZer
2016-02-11 18:20 . 2016-02-11 18:20 -------- d-----w- c:\program files (x86)\Windows Sidebar
2016-02-11 18:18 . 2016-02-11 18:32 -------- d-----w- c:\programdata\Avg
2016-02-11 18:18 . 2016-02-11 18:18 -------- d--h--w- c:\programdata\Common Files
2016-02-11 18:17 . 2016-02-11 18:19 -------- d-----w- c:\users\Terazky\AppData\Local\Avg
2016-02-11 17:06 . 2016-02-11 17:06 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-02-11 13:35 . 2016-02-11 13:35 -------- d-----w- c:\program files (x86)\ESET
2016-02-11 13:24 . 2016-02-11 13:33 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2016-02-11 12:43 . 2016-02-11 12:43 -------- d-----w- c:\users\Terazky\AppData\Roaming\AVAST Software
2016-02-11 12:42 . 2016-02-23 14:32 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-11 12:42 . 2016-02-23 14:32 552880 ----a-w- c:\windows\system32\drivers\aswNetSec.sys
2016-02-11 12:42 . 2016-02-11 12:42 287016 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-02-11 12:42 . 2016-02-11 12:42 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-11 12:42 . 2016-02-11 12:42 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-11 12:42 . 2016-02-11 12:42 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-11 12:42 . 2016-02-11 12:42 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-11 12:42 . 2016-02-11 12:42 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-11 12:42 . 2016-02-11 12:42 1065720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-02-11 12:42 . 2016-02-11 12:42 52184 ----a-w- c:\windows\avastSS.scr
2016-02-11 12:42 . 2016-02-11 12:42 478128 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2016-02-11 12:42 . 2016-02-12 01:20 -------- d-----w- c:\program files\AVAST Software
2016-02-11 12:40 . 2016-02-12 01:20 -------- d-----w- c:\programdata\AVAST Software
2016-02-11 12:10 . 2016-02-11 12:10 -------- d-s---w- c:\windows\SysWow64\Microsoft
2016-02-11 11:12 . 2016-01-22 06:18 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-02-09 20:44 . 2016-02-09 20:44 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-02-09 17:36 . 2016-02-09 17:36 -------- d-----w- c:\users\Terazky\AppData\Roaming\XMedia Recode
2016-02-09 17:08 . 2016-02-09 17:08 -------- d-----w- c:\program files (x86)\XMedia Recode
2016-02-07 16:31 . 2016-02-07 16:31 -------- d-----w- c:\program files (x86)\Asoftech
2016-02-07 16:27 . 2016-02-07 16:34 -------- d-----w- c:\program files (x86)\iCare Data Recovery Pro
2016-02-02 20:09 . 2016-02-23 15:59 -------- d-----w- c:\users\Terazky\AppData\Local\PrivaZer
2016-02-02 20:09 . 2016-02-12 01:20 -------- d-----w- c:\programdata\privazer
2016-02-02 17:31 . 2014-01-23 18:56 287616 ----a-w- c:\windows\system32\PuranDC.exe
2016-02-02 17:31 . 2013-08-15 15:39 256896 ----a-w- c:\windows\system32\PuranDefrag.dll
2016-02-02 17:31 . 2013-08-15 15:39 132480 ----a-w- c:\windows\system32\PuranDefragBT.exe
2016-02-02 17:31 . 2013-08-15 15:39 292736 ----a-w- c:\windows\system32\PuranDefragS.exe
2016-02-02 17:31 . 2013-08-15 15:39 1367424 ----a-w- c:\windows\system32\PuranFD.exe
2016-02-02 17:31 . 2016-02-02 19:23 -------- d-----w- c:\program files\Puran Defrag
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-23 15:01 . 2015-08-22 02:22 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-22 22:56 . 2015-08-22 03:26 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2016-02-11 11:20 . 2015-08-22 01:50 146614896 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 00:44 . 2015-08-22 03:30 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-02-11 00:44 . 2015-08-22 03:30 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-09 20:44 . 2015-12-31 19:12 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-02-09 05:41 . 2015-12-21 23:42 530368 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-01-22 06:19 . 2016-02-11 11:12 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:05 . 2016-02-11 11:12 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-01-22 05:59 . 2016-02-11 11:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-08 21:54 . 2016-01-15 16:53 902144 ----a-w- c:\windows\SysWow64\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 815616 ----a-w- c:\windows\SysWow64\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-15 16:53 740352 ----a-w- c:\windows\SysWow64\wmpmde.dll
2015-12-08 21:54 . 2016-01-15 16:53 739328 ----a-w- c:\windows\SysWow64\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 665088 ----a-w- c:\windows\SysWow64\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 541184 ----a-w- c:\windows\SysWow64\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 1568768 ----a-w- c:\windows\SysWow64\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 358400 ----a-w- c:\windows\SysWow64\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-15 16:53 1325056 ----a-w- c:\windows\SysWow64\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-15 16:53 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-15 16:53 154112 ----a-w- c:\windows\SysWow64\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-15 16:53 206848 ----a-w- c:\windows\SysWow64\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-15 16:53 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-12-08 21:53 . 2016-01-15 16:53 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-12-08 21:53 . 2016-01-15 16:53 206848 ----a-w- c:\windows\SysWow64\qasf.dll
2015-12-08 21:53 . 2016-01-15 16:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2015-12-08 21:53 . 2016-01-15 16:53 970240 ----a-w- c:\windows\SysWow64\msmpeg2adec.dll
2015-12-08 21:53 . 2016-01-15 16:53 829952 ----a-w- c:\windows\SysWow64\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-15 16:53 241152 ----a-w- c:\windows\SysWow64\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-15 16:53 79872 ----a-w- c:\windows\SysWow64\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-15 16:53 415744 ----a-w- c:\windows\SysWow64\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-15 16:53 241152 ----a-w- c:\windows\SysWow64\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-15 16:53 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-12-08 21:53 . 2016-01-15 16:53 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-12-08 21:53 . 2016-01-15 16:53 609280 ----a-w- c:\windows\SysWow64\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-15 16:53 53248 ----a-w- c:\windows\SysWow64\mfvdsp.dll
2015-12-08 21:53 . 2016-01-15 16:53 4608 ----a-w- c:\windows\SysWow64\ksuser.dll
2015-12-08 21:53 . 2016-01-15 16:53 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-12-08 21:53 . 2016-01-15 16:53 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-12-08 21:53 . 2016-01-15 16:53 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2015-12-08 21:53 . 2016-01-15 16:53 153600 ----a-w- c:\windows\SysWow64\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-15 16:53 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-12-08 21:53 . 2016-01-15 16:53 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-12-08 21:53 . 2016-01-15 16:53 193536 ----a-w- c:\windows\SysWow64\ksproxy.ax
2015-12-08 21:52 . 2016-01-15 16:53 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-12-08 21:50 . 2016-01-15 16:53 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-12-08 19:07 . 2016-01-15 16:53 978944 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 666112 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1232896 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 642048 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 447488 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1955328 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1575424 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 19:07 . 2016-01-15 16:53 1153024 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1026048 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 19:07 . 2016-01-15 16:53 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 19:07 . 2016-01-15 16:53 292352 ----a-w- c:\windows\system32\VIDRESZR.DLL
2015-12-08 19:07 . 2016-01-15 16:53 378880 ----a-w- c:\windows\system32\SysFxUI.dll
2015-12-08 19:07 . 2016-01-15 16:53 225792 ----a-w- c:\windows\system32\RESAMPLEDMO.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1573888 ----a-w- c:\windows\system32\quartz.dll
2015-12-08 19:07 . 2016-01-15 16:53 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-12-08 19:07 . 2016-01-15 16:53 254464 ----a-w- c:\windows\system32\qasf.dll
2015-12-08 19:07 . 2016-01-15 16:53 624640 ----a-w- c:\windows\system32\qedit.dll
2015-12-08 19:07 . 2016-01-15 16:53 1307136 ----a-w- c:\windows\system32\msmpeg2adec.dll
2015-12-08 19:07 . 2016-01-15 16:53 1160192 ----a-w- c:\windows\system32\MSMPEG2ENC.DLL
2015-12-08 19:07 . 2016-01-15 16:53 4121600 ----a-w- c:\windows\system32\mf.dll
2015-12-08 19:07 . 2016-01-15 16:53 653824 ----a-w- c:\windows\system32\MP4SDECD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 484864 ----a-w- c:\windows\system32\MFWMAAEC.DLL
2015-12-08 19:07 . 2016-01-15 16:53 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-12-08 19:07 . 2016-01-15 16:53 224768 ----a-w- c:\windows\system32\MPG4DECD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 223744 ----a-w- c:\windows\system32\MP43DECD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 1010688 ----a-w- c:\windows\system32\mcmde.dll
2015-12-08 19:07 . 2016-01-15 16:53 70144 ----a-w- c:\windows\system32\mfvdsp.dll
2015-12-08 19:07 . 2016-01-15 16:53 206848 ----a-w- c:\windows\system32\mfps.dll
2015-12-08 19:07 . 2016-01-15 16:53 100864 ----a-w- c:\windows\system32\MP3DMOD.DLL
2015-12-08 19:07 . 2016-01-15 16:53 5120 ----a-w- c:\windows\system32\ksuser.dll
2015-12-08 19:07 . 2016-01-15 16:53 632320 ----a-w- c:\windows\system32\evr.dll
2015-12-08 19:07 . 2016-01-15 16:53 405504 ----a-w- c:\windows\system32\gdi32.dll
2015-12-08 19:07 . 2016-01-15 16:53 76288 ----a-w- c:\windows\system32\devenum.dll
2015-12-08 19:07 . 2016-01-15 16:53 189952 ----a-w- c:\windows\system32\COLORCNV.DLL
2015-12-08 19:07 . 2016-01-15 16:53 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-12-08 19:06 . 2016-01-15 16:53 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-12-08 19:06 . 2016-01-15 16:53 250880 ----a-w- c:\windows\system32\ksproxy.ax
2015-12-08 19:04 . 2016-01-15 16:53 2048 ----a-w- c:\windows\system32\mferror.dll
2015-12-08 18:54 . 2016-01-15 16:53 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-12-08 18:12 . 2016-01-15 16:53 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-12-08 18:11 . 2016-01-15 16:53 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2015-12-02 20:02 . 2015-08-22 01:21 25640 ----a-w- c:\windows\gdrv.sys
2015-12-02 12:18 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-08-20 15:44 . 2015-08-22 03:44 40 ---h--w- c:\program files (x86)\d710d8bd.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\Terazky\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" [2015-08-19 3389160]
"Sound Blaster Z-Series Control Panel"="c:\program files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" [2014-11-24 877056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-02-22 7139768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
.
R1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x]
R3 BioNTDrv;BioNTDrv;c:\program files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\BioNTDrv.SYS;c:\program files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\BioNTDrv.SYS [x]
R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 tap0901cn;Speedify Virtual Adapter;c:\windows\system32\DRIVERS\tap0901cn.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901cn.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe;c:\windows\SYSNATIVE\PuranDefragS.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.3.0;AODDriver4.3.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 CtHdaSvc;Sound Blaster Audio Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 LGCoreTemp;Logitech CPU Core Tempurature;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 cthda;Sound Blaster Audio Driver;c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]
S3 cthdb;Sound Blaster Audio Controller Driver;c:\windows\system32\DRIVERS\cthdb.sys;c:\windows\SYSNATIVE\DRIVERS\cthdb.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);c:\windows\system32\drivers\LGJoyXlCore.sys;c:\windows\SYSNATIVE\drivers\LGJoyXlCore.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - RTCORE64
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-22 00:44]
.
2016-02-25 c:\windows\Tasks\MSIAfterburner.job
- c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-06-02 01:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-11 12:42 905248 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-07-02 14601160]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-01-23 2787264]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-01-23 1859936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: Interfaces\{601C94DA-D57B-454D-B011-726132B06EAE}: NameServer = 8.8.8.8,89.190.64.20,89.190.65.200
FF - ProfilePath - c:\users\Terazky\AppData\Roaming\Mozilla\Firefox\Profiles\5gebmm3b.default-1446055506919\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-PAexec
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\SpeedFan\speedfan.exe
.
**************************************************************************
.
Celkový čas: 2016-02-25 17:59:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-25 16:59
.
Před spuštěním: Volných bajtů: 207 891 070 976
Po spuštění: Volných bajtů: 207 680 020 480
.
- - End Of File - - D70013FE8DB33546EDABAE73DEDC9F5F
A36C5E4F47E84449FF07ED3517B43A31

[Roli]

K té hlášce, ComboFix nemohl udělat zálohu registru, protože mu byl odepřen přístup ke složce.


Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Koukám, že si tam instaloval X antivirů, to není úplně dobré, protože každý z nich zanechá v systému po sobě dost nepořádku a pak může docházet k různým problémům.


Ještě k tomu Avastu, zkus jej pomocí Avastclearu v Nouzáku odinstalovat a posléze nainstalovat znovu.


Pak dej vědět jak to s PC vypadá.

[Halen]

Všechno jsem provedl, při čisté instalaci Avast Premier to nehlásí nic. Ty jiné antiviráky?
- AVG PC TuneUp, mám licenci na starší verzi TuneUP, licence není přenositelná, takže jsem to odinstaloval.
- Malwarebytes Anti-Malware používám na scan
- Spybot Anti-Beacon je součást boje proti GWX a snaze Microsoftu mi vnutit W10 místo drahých a funkčních W7-64 SP1 Ultimate
- ESET bylo projetí PC online scanerem
-----------------
Opravdu bych netušil, kolik toho v PC po sobě programy i po ODINSTALACI nechají. Nicméně, dnes mi přišla nová deska, mám na tu starou podezření, přeci jen je to letitá babička z roku 2012, takže budu přeinstalovávat A znovu aktivovat Windows a už teď se děsím, jak zase strávím spoustu času nad tím, abych přemluvil k normálnímu fungování aktualizace Windows po ČISTÉ instalaci z instalačního DVD.
Editace, takže nakonec to šlo bez přeinstalace, windows bez problémů schrouply jinou desku, jen jsem odinstaloval ovladače staré desky a nainstaloval ovladače k nové desce a aktivoval Windows přes telefon a PC je stabilní, takže to byla HW chyba.

Téma je možné uzavřít, moc děkuji za váš čas.

[Roli]

Téma je možné uzavřít, moc děkuji za váš čas.

Není zač a