Win prieskumnik nereaguje Vyřešeno

[SamerLP]

RogueKiller:

RogueKiller V10.1.2.0 (x64) [Jan 7 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Samerko [Práva správce]
Mód : Smazat -- Datum : 01/17/2015 10:24:28

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 11 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Lightshot : C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [x] -> Smazáno
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 7 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : C:\Windows\System32\Drivers\dump_iaStor.sys @ 0x3c932c0

¤¤¤ Webové prohlížeče : 6 ¤¤¤
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Language Pack Install Helper [jid0-3qAYz7se7F3gEIA63LjbuEaPEDk@jetpack] -> Smazáno
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Google Translator for Firefox [translator@zoli.bod] -> Smazáno
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Media Player for YouTube™ [jid1-dgnICqQgv2AUZw@jetpack] -> Smazáno
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Google™ Translator [jid1-dgnIBwQga0SIBw@jetpack] -> Smazáno
[FIREFX:Addon] a2z6t27b.default-1381600143778 : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD6400BPVT-80HXZT3 +++++
--- User ---
[MBR] eff11c629db3241621335bfea4f680bf
[BSP] baa58400c4105655dd5a43eaed9ccc63 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 52430848 | Size: 256054 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 576829440 | Size: 328824 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_07012014_120814.log - RKreport_SCN_01102015_150321.log - RKreport_SCN_06302014_124755.log - RKreport_SCN_07012014_120443.log
RKreport_SCN_01172015_102248.log

ComboFix:

ComboFix 15-01-08.01 - Samerko . 01. 2015 10:39:04.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4072.1690 [GMT 1:00]
Running from: c:\users\Samerko\Desktop\ComboFix.exe
Command switches used :: c:\users\Samerko\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2014-12-17 to 2015-01-17 )))))))))))))))))))))))))))))))
.
.
2015-01-17 09:57 . 2015-01-17 09:57 -------- d-----w- c:\users\Skuska\AppData\Local\temp
2015-01-17 09:57 . 2015-01-17 09:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-17 09:57 . 2015-01-17 09:57 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-17 09:57 . 2015-01-17 09:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-16 21:01 . 2015-01-16 21:17 -------- d-----w- c:\users\Samerko\AppData\Roaming\VidCoder
2015-01-16 21:00 . 2015-01-16 21:00 -------- d-----w- c:\program files\VidCoder
2015-01-16 16:59 . 2015-01-16 16:59 -------- d-----w- c:\users\Samerko\AppData\Roaming\Maxthon3
2015-01-16 16:58 . 2015-01-16 16:59 -------- d-----w- c:\program files (x86)\Maxthon
2015-01-14 17:04 . 2015-01-14 17:07 -------- d-----w- c:\users\Samerko\avidemux
2015-01-12 15:29 . 2015-01-12 15:29 -------- d-----w- c:\users\Samerko\AppData\Roaming\mkvtoolnix
2015-01-12 15:12 . 2015-01-14 15:23 -------- d-----w- C:\Temp
2015-01-12 15:12 . 2010-11-03 22:08 83456 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2015-01-12 15:12 . 2010-11-03 22:08 83456 ----a-w- c:\windows\SysWow64\i420vfw.dll
2015-01-12 15:12 . 2007-05-17 00:57 86016 ----a-w- c:\windows\SysWow64\MediaBridgeSourceFilter.ax
2015-01-12 15:12 . 2007-04-07 21:22 241664 ----a-w- c:\windows\SysWow64\PmpSplitter.ax
2015-01-12 15:12 . 2010-06-21 10:12 1527650 ----a-w- c:\windows\SysWow64\libfftw3f-3.dll
2015-01-12 15:12 . 2009-07-18 11:08 1527650 ----a-w- c:\windows\SysWow64\fftw3.dll
2015-01-12 15:12 . 2008-04-06 00:53 140288 ----a-w- c:\windows\SysWow64\avsfilter.dll
2015-01-12 15:12 . 2005-09-13 06:09 4608 ----a-w- c:\windows\SysWow64\AvsRecursion.dll
2015-01-12 15:10 . 2015-01-12 15:11 -------- d-----w- c:\program files (x86)\XviD4PSP 5
2015-01-11 20:18 . 2015-01-11 20:19 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2015-01-11 18:27 . 2015-01-16 14:17 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{513AF53C-E09F-402A-B2F3-ACE5D32B13F1}\offreg.dll
2015-01-11 17:22 . 2015-01-11 16:26 24064 ----a-w- c:\windows\zoek-delete.exe
2015-01-11 17:22 . 2015-01-17 10:10 -------- d-----w- c:\users\Samerko\AppData\Local\Temp
2015-01-11 16:26 . 2015-01-11 17:34 -------- d-----w- C:\zoek_backup
2015-01-10 15:31 . 2015-01-11 15:32 6386 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2015-01-10 14:44 . 2015-01-16 16:59 -------- d-----w- C:\CrashDumpsApp
2015-01-10 13:56 . 2015-01-17 09:16 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-01-09 20:30 . 2015-01-09 20:30 -------- d-----w- c:\users\Samerko\AppData\Local\Aegisub
2015-01-09 20:12 . 2015-01-09 20:12 -------- d-----w- c:\users\Samerko\AppData\Roaming\HandBrake
2015-01-09 20:10 . 2015-01-09 20:11 -------- d-----w- c:\program files\Handbrake
2015-01-09 13:21 . 2015-01-17 10:09 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-09 13:21 . 2015-01-09 13:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-09 13:21 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-09 13:21 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-09 13:21 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-09 13:04 . 2015-01-17 09:15 -------- d-----w- c:\users\Samerko\AppData\Local\Adobe
2015-01-09 13:02 . 2015-01-09 13:02 -------- d-----w- c:\users\Samerko\AppData\Local\ASUS
2015-01-08 19:26 . 2015-01-08 19:26 -------- d-----w- c:\users\Samerko\AppData\Local\UWebKit151
2015-01-08 13:03 . 2008-07-31 09:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2015-01-08 13:03 . 2008-07-31 09:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2015-01-08 13:03 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2015-01-08 13:03 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2015-01-08 13:03 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2015-01-06 14:50 . 2015-01-15 13:13 -------- d-----w- c:\users\Samerko\AppData\Roaming\fontconfig
2015-01-06 14:49 . 2015-01-16 14:13 -------- d-----w- c:\users\Samerko\AppData\Roaming\Aegisub
2015-01-06 14:41 . 2015-01-06 14:42 -------- d-----w- c:\program files (x86)\Aegisub
2015-01-05 14:34 . 2015-01-05 14:34 -------- d-----w- c:\users\Samerko\AppData\Roaming\Ashampoo
2015-01-05 14:33 . 2015-01-05 14:34 -------- d-----w- c:\programdata\Ashampoo
2015-01-01 12:20 . 2015-01-01 12:20 -------- d-----w- c:\program files (x86)\SkinPack
2015-01-01 12:20 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2015-01-01 12:20 . 2010-11-20 13:27 143872 ----a-w- c:\windows\system32\SndVolSSO.dll
2015-01-01 12:20 . 2010-11-20 13:27 1530368 ----a-w- c:\windows\system32\pnidui.dll
2015-01-01 12:20 . 2009-07-14 01:28 20278272 ----a-w- c:\windows\system32\imageres.dll
2015-01-01 12:19 . 2010-11-20 13:26 1865728 ----a-w- c:\windows\system32\ExplorerFrame.dll
2015-01-01 12:19 . 2010-11-20 13:25 826368 ----a-w- c:\windows\system32\batmeter.dll
2015-01-01 12:19 . 2014-06-03 10:02 1954816 ----a-w- c:\windows\system32\authui.dll
2015-01-01 12:19 . 2015-01-01 12:20 -------- d-----w- c:\program files (x86)\Win8.1 SkinPack
2014-12-31 18:59 . 2014-12-31 18:59 -------- d-s---w- c:\windows\system32\CompatTel
2014-12-31 18:59 . 2014-12-31 18:59 -------- d-----w- c:\windows\system32\appraiser
2014-12-31 17:18 . 2014-12-31 17:19 -------- d-----w- c:\program files (x86)\Bloody5
2014-12-31 16:27 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-31 16:27 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-31 16:27 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-31 16:27 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-31 16:27 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-31 16:27 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-31 16:27 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-31 16:27 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-31 16:27 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-31 16:27 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-31 16:00 . 2014-12-15 03:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{513AF53C-E09F-402A-B2F3-ACE5D32B13F1}\mpengine.dll
2014-12-31 15:52 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-12-31 15:52 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-12-31 15:46 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-12-31 15:46 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-12-31 15:46 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-12-31 15:46 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-12-31 15:46 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-12-31 15:46 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-12-31 15:45 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-12-31 15:45 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-12-31 15:39 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-12-31 15:38 . 2014-11-22 03:00 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2014-12-31 15:37 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-12-31 15:36 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-12-31 15:36 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-12-31 15:36 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-12-31 15:36 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-12-31 15:36 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-12-31 15:36 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-12-31 15:36 . 2014-04-12 02:22 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-12-31 15:36 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-12-31 15:36 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-12-31 15:36 . 2014-04-12 02:19 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-12-31 15:36 . 2014-04-12 02:19 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-12-31 15:36 . 2014-04-12 02:19 28160 ----a-w- c:\windows\system32\secur32.dll
2014-12-31 15:36 . 2014-04-12 02:19 31232 ----a-w- c:\windows\system32\lsass.exe
2014-12-31 15:32 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-12-31 15:32 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-12-31 15:32 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-12-31 15:32 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-12-31 15:32 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2014-12-31 15:32 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-12-31 15:32 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2014-12-31 15:32 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-12-31 15:32 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-12-31 15:31 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-12-31 15:29 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-31 15:13 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-12-31 15:13 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-12-31 14:51 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-12-31 14:51 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-12-31 14:51 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-12-31 14:51 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-12-31 14:51 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-12-31 14:51 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-12-31 14:51 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-12-31 14:51 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-12-31 14:51 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-12-31 14:51 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-12-31 14:50 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-12-31 14:50 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-12-31 14:50 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-12-31 14:50 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-17 09:05 . 2012-03-15 14:09 45056 ----a-w- c:\windows\system32\acovcnt.exe
2015-01-14 19:30 . 2012-04-01 15:43 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-14 19:30 . 2012-04-01 15:43 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-01 12:15 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2015-01-01 12:15 . 2011-02-18 19:49 2851840 ----a-w- c:\windows\system32\themeui.dll
2015-01-01 12:12 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2014-11-27 15:40 . 2012-09-02 18:36 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-24 13:04 . 2012-10-06 08:04 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"instanteyedropper"="c:\program files (x86)\InstantEyedropper\InstantEyedropper.exe" [2007-10-17 352256]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-1 548528]
Newgen.lnk - c:\program files (x86)\Win8.1 SkinPack\Newgen\Newgen.exe [2013-5-19 9792000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdatp.sys [x]
R3 cpuz137;cpuz137;c:\users\Samerko\AppData\Local\Temp\cpuz137\cpuz137_x64.sys;c:\users\Samerko\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [x]
R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe;c:\program files\Echobit\Evolve\EvoSvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-15 12:57 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31 19:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-12-22 15:28 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-12-22 15:28 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-12-22 15:28 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-12-22 15:28 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-12-22 15:28 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 4090824]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"MRT"="c:\windows\system32\MRT.exe" [2014-11-27 112710672]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}\3514D45425B4F40534: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}\3514D45425B4F4D20534F5E4564777F627B6: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}\3516D65627: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}\77966696D2140503134393: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-ExpressBurn - c:\program files (x86)\NCH Software\ExpressBurn\expressburn.exe
AddRemove-MC Titan Minecraft Feed the Beast - c:\users\Samerko\AppData\Roaming\MC Titan FTB\Odinstalovat.exe
AddRemove-MoodEditor - c:\program files (x86)\Pamela RichMood Editor\Uninst.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\uninst.exe
AddRemove-{4fcf070a-daac-45e9-a8b0-6850941f7ed8} - c:\programdata\Package Cache\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}\vcredist_x86.exe
AddRemove-{90ffcee5-8608-4e94-8c18-a4feb4f83fb8} - c:\programdata\Package Cache\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}\vcredist_x64.exe
AddRemove-{9dba0447-b749-41ea-90bc-2aa19a9eb580} - c:\programdata\Package Cache\{9dba0447-b749-41ea-90bc-2aa19a9eb580}\vcredist_x86.exe
AddRemove-{c7ed0d4c-89c5-47fc-9e89-1088affe63f3} - c:\programdata\Package Cache\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{11DD827F-635D-DE0D-5CEB-58115E6B51E7}*]
"hadjjoikbibhklpa"=hex:6a,61,6d,70,62,6e,6d,6a,6f,65,66,64,6d,6d,61,67,6a,61,
6c,69,00,00
"ianjpldjgmmbeibbfe"=hex:63,61,61,70,67,6c,00,01
"iabmhbdlgkpjfahpbd"=hex:6b,61,6d,70,6f,6c,68,6f,63,69,66,65,6f,61,63,61,69,6f,
65,6b,69,69,00,00
"dbkmihpkjlelnhiiebpjffhciejbpbncmalhgfio"=hex:68,61,65,6c,70,65,61,65,64,62,
68,6c,62,69,70,6a,00,00
"jbkmihpkjlelnhiiebpjeacamcfmopablmfcdfhbkbplfmfpjkam"=hex:68,61,65,6c,70,65,
61,65,64,62,68,6c,62,69,70,6a,00,00
"dbkmihpkjlelnhiiebpjcpkegkkmdofcaecnmkgn"=hex:6a,62,64,70,67,6f,62,69,69,6a,
6e,67,70,64,70,64,66,63,62,70,64,64,61,6a,63,6f,65,6e,69,66,68,64,6b,65,66,\
.
[HKEY_USERS\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\SecuROM\License information*]
"datasecu"=hex:62,ce,a6,b3,d0,95,71,77,12,45,76,31,93,50,d1,66,e7,6a,be,67,9d,
53,ce,79,08,96,9f,11,69,0a,4d,7e,3c,3c,ad,19,40,4d,ad,35,a1,12,bd,5f,3c,85,\
"rkeysecu"=hex:1c,b1,63,2b,a6,6f,5c,ec,a3,f5,8b,58,ba,e4,62,25
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2015-01-17 11:19:10 - machine was rebooted
ComboFix-quarantined-files.txt 2015-01-17 10:19
ComboFix2.txt 2015-01-16 13:35
.
Pre-Run: 70 295 388 160 bytes free
Post-Run: 70 094 606 336 bytes free
.
- - End Of File - - 17D5D6FDCBE2666B5B8DBF789E919C87

Nový log HJT (te veci čo som mal s hjt vymazať sú vymazané):

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:08, on 17. 1. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

FIREFOX: 33.1.1 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Users\Samerko\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [instanteyedropper] "C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Newgen.lnk = C:\Program Files (x86)\Win8.1 SkinPack\Newgen\Newgen.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11050 bytes

[Reklama]

[Orcus]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

[SamerLP]

ComboFix odinštalovaný

CCleaner použil som ho, inak ho používam.

Čo sa týka problémov musím povedať ani nič moc stále to robí a vôbec nemôžem robiť dlhodobú prácu v disku ako napríklad triediť veci a takto proste sa to nedá :(

DelFix:

# DelFix v10.8 - Logfile created 17/01/2015 at 13:33:58
# Updated 29/07/2014 by Xplode
# Username : Samerko - SAMERKO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\Combofix
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.2.8.16.0_04.04.2014_16.21.22_log.txt
Deleted : C:\TDSSKiller.3.0.0.39_01.07.2014_12.11.35_log.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\Samerko\Desktop\aswmbr.exe
Deleted : C:\Users\Samerko\Desktop\HijackThis.exe
Deleted : C:\Users\Samerko\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Samerko\Desktop\zoek.exe
Deleted : C:\Users\Samerko\Downloads\adwcleaner.exe
Deleted : C:\Users\Samerko\Downloads\ComboFix.exe
Deleted : C:\Users\Samerko\Downloads\JRT.exe
Deleted : C:\Users\Samerko\Downloads\hijackthis.log
Deleted : C:\Users\Samerko\Downloads\OTL.exe
Deleted : C:\Users\Samerko\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Samerko\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #520 [zoek.exe restore point | 01/11/2015 16:32:07]
Deleted : RP #522 [Revo Uninstaller Pro's restore point - McAfee Security Scan Plus | 01/12/2015 19:00:55]
Deleted : RP #523 [ComboFix created restore point | 01/14/2015 14:22:12]
Deleted : RP #524 [ComboFix created restore point | 01/16/2015 12:58:15]

New restore point created !

########## - EOF - ##########

[Orcus]

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

====================================================

Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Nemáš málo volného místa na disku?

====================================================

Stáhni HWMonitor a nainstaluj jej.
- Spusť a uveď PC do zatížení (tjs. aspoň 10 minut toho při čem to padá).
- Udělej screenshot a ten sem vlož, tak jak je popsáno v návodu k tomuto fóru.

[SamerLP]

Memtest, mám 4GB ram tak koľko dať prosím?

Asi pred 1 týždnom som testoval HDD aj defragmentoval a v pohode s diskom problém nebol.

CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/01/18 15:40:23

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- WDC WD6400BPVT-80HXZT3
- Slimtype DVD A DS8A5SH

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BPVT-80HXZT3 : 640,1 GB [0/0/0, pd1] - wd
(2) WDC WD7500AAKS-00RBA0 : 750,1 GB [1/X/X, sa1] (V=1058, P=0910) - wd

----------------------------------------------------------------------------
(1) WDC WD6400BPVT-80HXZT3
----------------------------------------------------------------------------
Model : WDC WD6400BPVT-80HXZT3
Firmware : 01.01A01
Serial Number : WD-WX81A81W7549
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 7224 hod.
Power On Count : 2795 krát
Temperature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 177 174 _21 00000000084D Čas na roztočení ploten
04 _97 _97 __0 000000000EC7 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001C38 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000AEB Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000001179 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 0000000000A5 Počet vypnutí disku
C1 162 162 __0 00000001C209 Počet cyklů načítání/vymazání
C2 108 _90 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3831 4138 3157 3735 3439
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3634 3030 4250 5654 2D38 3048 585A 5433 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 0044
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 407F 0050
090: 0050 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 6003 0000 5001 4EE6
110: AC41 669D 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 012D 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 37A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 01 00 00 00 00 00 00 03 27
010: 00 B1 AE 4D 08 00 00 00 00 00 04 32 00 61 61 C7
020: 0E 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5B 5B 38 1C 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 EB 0A 00 00 00 00 00 BF 32
070: 00 01 01 79 11 00 00 00 00 00 C0 32 00 C8 C8 A5
080: 00 00 00 00 00 00 C1 32 00 A2 A2 09 C2 01 00 00
090: 00 00 C2 22 00 6C 5A 27 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A4 3D 01 7B
170: 03 00 01 00 02 9B 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE

----------------------------------------------------------------------------
(2) WDC WD7500AAKS-00RBA0
----------------------------------------------------------------------------
Enclosure : WD 7500AAK External USB Device (V=1058, P=0910, sa1) - wd
Model : WDC WD7500AAKS-00RBA0
Firmware : 30.04G30
Serial Number : WD-WCAPT0344034
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : Neznámy údaj
Interface : USB (Serial ATA)
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 7083 hod.
Power On Count : 122 krát
Temperature : 48 C (118 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 180 __1 _21 000000001F2F Čas na roztočení ploten
04 _97 _97 __0 000000000D0D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001BAB Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000007A Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000023 Počet vypnutí disku
C1 199 199 __0 000000000D0C Počet cyklů načítání/vymazání
C2 104 _85 __0 000000000030 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4150 5430 3334 3430 3334
020: 0000 8000 0032 3330 2E30 3447 3330 5744 4320 5744
030: 3735 3030 4141 4B53 2D30 3052 4241 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 00FE 0000 746B 7F61 4123 7469 BE41 4123 407F 0055
090: 0000 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 55D0 D36D 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0001 0000
130: 0000 0000 0000 1689 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 25A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 00 00 00 00 00 00 00 03 03
010: 00 B4 01 2F 1F 00 00 00 00 00 04 32 00 61 61 0D
020: 0D 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 5B 5B AB 1B 00 00 00 00 00 0A 12 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 7A 00 00 00 00 00 00 C0 32
070: 00 C8 C8 23 00 00 00 00 00 00 C1 32 00 C7 C7 0C
080: 0D 00 00 00 00 00 C2 22 00 68 55 30 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 12
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 10 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 A0 41 01 7B
170: 03 00 01 00 02 CF 06 00 00 00 00 00 00 00 00 00
180: 00 00 01 08 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DA

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 C8 C8 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 64 64 64 64 64 64 64 64 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 C8 C8 C8 C8 C8 C8 C8 C8 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51

Na disku C systémovom mám volných skoro 80GB a v disku D ktorý som pre niekoľkými týždnami formátoval takže je skoro prázdne a potom ešte mám externý disk a ten má cca 700GB a tam je volného skoro 300GB.

HWMonitor, nedá sa stiahnuť na tej stránke píše, že je odstránený alebo čo skúšal som stahovať aj cez iný pehliadač ale nejde stiahnuť nijak.

[memphisto]

Nespadl ti ten 640 GB WD? Má zaznamenáno spoustu otřesů...

[SamerLP]

Nie je ten druhý väčší? lebo ako viem 640GB je tuším spolu disk C,D čo je v notebooku... a ten WD externý nie nespadol...

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[SamerLP]

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Samerko (administrator) on SAMERKO-PC on 19-01-2015 14:47:56
Running from C:\Users\Samerko\Desktop
Loaded Profiles: Samerko (Available profiles: Samerko & Skuska & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
() C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent, Inc.) C:\Users\Samerko\AppData\Roaming\uTorrent\utorrent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4090824 2012-11-16] (ESET)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [112710672 2014-11-27] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [352256 2007-10-17] ()
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Newgen.lnk
ShortcutTarget: Newgen.lnk -> C:\Program Files (x86)\Win8.1 SkinPack\Newgen\Newgen.exe (NS)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1676706566-1539175069-4259669011-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{61EDEC6D-2042-4239-8A87-F973F3ABAA32}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1676706566-1539175069-4259669011-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Samerko\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1676706566-1539175069-4259669011-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Extension: Slovak (SK) Language Pack - C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\Extensions\langpack-sk@firefox.mozilla.org.xpi [2014-09-14]
FF Extension: Adblock Plus - C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-17]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Samerko\AppData\Roaming\Mozilla\Firefox\Profiles\a2z6t27b.default-1381600143778\extensions\detgdp@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts= ... W7549W7549
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419700720&from=wpm12233&uid=WDCXWD6400BPVT-80HXZT3_WD-WX81A81W7549W7549"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Dokumenty Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Disk Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Hľadať v Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Tabuľky Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Peňaženka Google) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Gmail) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR Profile: C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-01]
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2013-12-12]
CHR Extension: (YouTube) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-01]
CHR Extension: (Google Search) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-01]
CHR Extension: (Skype Click to Call) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-01]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-07-01]
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgafcinpmmpklohkojmllohdhomoefph [2012-12-01]
CHR Extension: (Gmail) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-01]
CHR Profile: C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-01]
CHR Extension: (YouTube) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-01]
CHR Extension: (Google Search) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-01]
CHR Extension: (Skype Click to Call) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-01]
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pgafcinpmmpklohkojmllohdhomoefph [2012-12-01]
CHR Extension: (Gmail) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2012-12-05] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2012-12-05] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913184 2012-11-16] (ESET)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580448 2014-12-02] (Echobit LLC)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368896 2012-09-12] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [229392 2012-09-13] (Nitro PDF Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-04] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-04] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-01-01] (Microsoft Corporation) [File not signed]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-07] () [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2012-12-05] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-04] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209808 2012-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-18] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-04] (Duplex Secure Ltd.)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57856 2014-09-09] () [File not signed]
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2012-03-19] (ShiningMorning Inc.)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\Samerko\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 14:47 - 2015-01-19 14:49 - 00024026 _____ () C:\Users\Samerko\Desktop\FRST.txt
2015-01-19 14:47 - 2015-01-19 14:48 - 00000000 ____D () C:\FRST
2015-01-19 14:47 - 2015-01-19 14:47 - 02126848 _____ (Farbar) C:\Users\Samerko\Desktop\FRST64.exe
2015-01-19 14:41 - 2015-01-19 14:49 - 531356863 _____ () C:\Users\Samerko\Desktop\[Chyuu] Kuroshitsuji - Book of Circus - 01 [720p][DDA40973].mkv
2015-01-18 19:49 - 2015-01-18 19:49 - 00007375 _____ () C:\Users\Samerko\Desktop\[AnimAls] Military! - 02.ass
2015-01-18 18:08 - 2015-01-18 18:08 - 00087329 _____ () C:\Users\Samerko\Desktop\BebopFilm.ass
2015-01-18 18:01 - 2015-01-18 18:01 - 00043757 _____ () C:\Users\Samerko\Desktop\[AnimAls] NyanKoi01.ass
2015-01-18 16:06 - 2015-01-18 16:06 - 00034502 _____ () C:\Users\Samerko\Desktop\Kuro1.ass
2015-01-18 15:35 - 2015-01-18 15:36 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-01-18 15:35 - 2015-01-18 15:35 - 02997112 _____ (Crystal Dew World ) C:\Users\Samerko\Desktop\CrystalDiskInfo6_2_2-en.exe
2015-01-18 15:35 - 2015-01-18 15:35 - 00001152 _____ () C:\Users\Samerko\Desktop\CrystalDiskInfo.lnk
2015-01-18 15:35 - 2015-01-18 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-01-18 15:30 - 2015-01-18 15:30 - 00015201 _____ () C:\Users\Samerko\Desktop\MemTest.zip
2015-01-18 09:29 - 2015-01-19 13:54 - 00000224 _____ () C:\Windows\setupact.log
2015-01-18 09:29 - 2015-01-18 09:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-17 15:20 - 2015-01-17 22:12 - 00000000 ____D () C:\Users\Samerko\AppData\Local\VidCoder
2015-01-17 11:27 - 2015-01-17 11:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-16 22:14 - 2015-01-16 22:14 - 00023208 _____ () C:\Users\Samerko\Desktop\Bebop25.ass
2015-01-16 22:14 - 2015-01-16 22:14 - 00014990 _____ () C:\Users\Samerko\Desktop\Bebop26.ass
2015-01-16 22:01 - 2015-01-19 14:35 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\VidCoder
2015-01-16 22:00 - 2015-01-16 22:00 - 09724922 _____ (RandomEngy ) C:\Users\Samerko\Desktop\VidCoder-1.5.31-x64.exe
2015-01-16 22:00 - 2015-01-16 22:00 - 00000826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VidCoder.lnk
2015-01-16 22:00 - 2015-01-16 22:00 - 00000000 ____D () C:\Program Files\VidCoder
2015-01-16 17:59 - 2015-01-16 17:59 - 00003596 _____ () C:\Windows\System32\Tasks\Maxthon Update
2015-01-16 17:59 - 2015-01-16 17:59 - 00001047 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-01-16 17:59 - 2015-01-16 17:59 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Maxthon3
2015-01-16 17:59 - 2015-01-16 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-01-16 17:58 - 2015-01-16 17:59 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2015-01-16 14:46 - 2015-01-16 14:46 - 00030515 _____ () C:\Users\Samerko\Desktop\TERRA FORMARS - 01_tmp_15b6.ass
2015-01-15 18:50 - 2015-01-15 18:50 - 00007800 _____ () C:\Users\Samerko\Desktop\[AnimAls] Military! - 01.ass
2015-01-14 18:06 - 2015-01-14 18:06 - 00000000 _____ () C:\Users\Samerko\.gtk-bookmarks
2015-01-14 18:04 - 2015-01-14 18:07 - 00000000 ____D () C:\Users\Samerko\avidemux
2015-01-13 19:01 - 2015-01-13 19:01 - 00072246 _____ () C:\Users\Samerko\Desktop\[TAT_a]Saint-Seiya_-Legend-of-Sanctuary.ass
2015-01-12 16:29 - 2015-01-12 16:29 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\mkvtoolnix
2015-01-12 16:12 - 2015-01-14 16:23 - 00000000 ____D () C:\Temp
2015-01-12 16:12 - 2015-01-12 16:12 - 00000987 _____ () C:\Users\Public\Desktop\XviD4PSP 5.lnk
2015-01-12 16:12 - 2015-01-12 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD4PSP 5
2015-01-12 16:12 - 2010-11-03 23:08 - 00083456 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2015-01-12 16:12 - 2010-11-03 23:08 - 00083456 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2015-01-12 16:12 - 2010-06-21 11:12 - 01527650 _____ () C:\Windows\SysWOW64\libfftw3f-3.dll
2015-01-12 16:12 - 2009-07-18 12:08 - 01527650 _____ () C:\Windows\SysWOW64\fftw3.dll
2015-01-12 16:12 - 2008-04-06 01:53 - 00140288 _____ () C:\Windows\SysWOW64\avsfilter.dll
2015-01-12 16:12 - 2007-05-17 01:57 - 00086016 _____ (MyCompanyName) C:\Windows\SysWOW64\MediaBridgeSourceFilter.ax
2015-01-12 16:12 - 2007-04-07 22:22 - 00241664 _____ (cooleyes) C:\Windows\SysWOW64\PmpSplitter.ax
2015-01-12 16:12 - 2005-09-13 07:09 - 00004608 _____ () C:\Windows\SysWOW64\AvsRecursion.dll
2015-01-12 16:10 - 2015-01-12 16:11 - 00000000 ____D () C:\Program Files (x86)\XviD4PSP 5
2015-01-11 21:18 - 2015-01-11 21:19 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2015-01-11 21:18 - 2015-01-11 21:18 - 10420256 _____ (CCCP Project ) C:\Users\Samerko\Desktop\Combined-Community-Codec-Pack-2014-07-13.exe
2015-01-11 21:18 - 2015-01-11 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2015-01-11 18:22 - 2015-01-11 17:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-10 16:31 - 2015-01-11 16:32 - 00006386 _____ () C:\Windows\system32\PerfStringBackup.TMP
2015-01-10 15:44 - 2015-01-18 18:52 - 00000000 ____D () C:\CrashDumpsApp
2015-01-10 14:56 - 2015-01-17 10:16 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-01-09 21:30 - 2015-01-09 21:30 - 00000000 ____D () C:\Users\Samerko\AppData\Local\Aegisub
2015-01-09 21:12 - 2015-01-09 21:12 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\HandBrake
2015-01-09 21:10 - 2015-01-09 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-01-09 21:10 - 2015-01-09 21:11 - 00000000 ____D () C:\Program Files\Handbrake
2015-01-09 21:10 - 2015-01-09 21:10 - 00000826 _____ () C:\Users\Skuska\Desktop\Handbrake.lnk
2015-01-09 21:10 - 2015-01-09 21:10 - 00000826 _____ () C:\Users\Samerko\Desktop\Handbrake.lnk
2015-01-09 21:10 - 2015-01-09 21:10 - 00000826 _____ () C:\Users\Guest\Desktop\Handbrake.lnk
2015-01-09 21:10 - 2015-01-09 21:10 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-01-09 20:40 - 2015-01-09 20:40 - 00056476 _____ () C:\Users\Samerko\Desktop\Nyan_Koi_1 - Nepreložené.ass
2015-01-09 14:21 - 2015-01-19 13:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 14:21 - 2015-01-09 14:21 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-09 14:21 - 2015-01-09 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-09 14:21 - 2015-01-09 14:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-09 14:21 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-09 14:21 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-09 14:21 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-09 14:04 - 2015-01-19 14:04 - 00000000 ____D () C:\Users\Samerko\AppData\Local\Adobe
2015-01-09 14:02 - 2015-01-09 14:02 - 00000000 ____D () C:\Users\Samerko\AppData\Local\ASUS
2015-01-08 20:26 - 2015-01-08 20:26 - 00000688 _____ () C:\Users\Public\Desktop\Shards of War.lnk
2015-01-08 20:26 - 2015-01-08 20:26 - 00000000 ____D () C:\Users\Samerko\AppData\Local\UWebKit151
2015-01-08 20:26 - 2015-01-08 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shards of War
2015-01-08 17:21 - 2015-01-08 17:21 - 00000992 _____ () C:\Users\Samerko\Desktop\ErrorReportingEnable.reg
2015-01-08 14:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-08 14:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-08 14:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-08 14:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-08 14:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-08 14:02 - 2015-01-08 14:02 - 00001319 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2015-01-08 14:02 - 2015-01-08 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-01-07 13:23 - 2015-01-07 13:23 - 00001155 _____ () C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2015-01-07 11:54 - 2015-01-07 11:54 - 00002298 _____ () C:\Users\Samerko\AppData\Roaming\ASSDraw3.cfg
2015-01-06 15:49 - 2015-01-18 21:53 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Aegisub
2015-01-06 15:41 - 2015-01-06 15:42 - 00000000 ____D () C:\Program Files (x86)\Aegisub
2015-01-06 15:41 - 2015-01-06 15:41 - 00001072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASSDraw3.lnk
2015-01-06 15:41 - 2015-01-06 15:41 - 00001043 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aegisub.lnk
2015-01-05 15:35 - 2015-01-05 15:35 - 00000000 ____D () C:\Users\Samerko\Documents\Ashampoo Burning Studio FREE
2015-01-05 15:34 - 2015-01-05 15:34 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Ashampoo
2015-01-05 15:33 - 2015-01-05 15:34 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-01-03 16:38 - 2015-01-03 16:38 - 00000694 _____ () C:\Users\Public\Desktop\Bus Driver.lnk
2015-01-03 16:38 - 2015-01-03 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Driver
2015-01-03 16:21 - 2015-01-03 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Driver SK
2015-01-02 15:23 - 2015-01-02 15:23 - 00017419 _____ () C:\Users\Samerko\Desktop\Akuma no Riddle.torrent
2015-01-01 13:20 - 2015-01-01 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win8.1 SkinPack
2015-01-01 13:20 - 2015-01-01 13:20 - 00000000 ____D () C:\Program Files (x86)\SkinPack
2015-01-01 13:20 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-01-01 13:20 - 2010-11-20 14:27 - 01530368 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-01-01 13:20 - 2010-11-20 14:27 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2015-01-01 13:20 - 2009-07-14 02:28 - 20278272 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2015-01-01 13:19 - 2015-01-01 13:20 - 00000000 ____D () C:\Program Files (x86)\Win8.1 SkinPack
2015-01-01 13:19 - 2014-06-03 11:02 - 01954816 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-01 13:19 - 2010-11-20 14:26 - 01865728 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-01-01 13:19 - 2010-11-20 14:25 - 00826368 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2014-12-31 21:36 - 2014-12-31 21:36 - 00000853 _____ () C:\Users\Samerko\Desktop\Fotky opekačka - odkaz.lnk
2014-12-31 21:36 - 2014-12-31 21:36 - 00000817 _____ () C:\Users\Samerko\Desktop\Fotky hrad.lnk
2014-12-31 21:35 - 2014-12-31 21:35 - 00000853 _____ () C:\Users\Samerko\Desktop\Fotky opekačka.lnk
2014-12-31 21:32 - 2014-12-31 21:32 - 00000970 _____ () C:\Users\Samerko\Desktop\uTorrent221.lnk
2014-12-31 21:30 - 2014-12-31 21:30 - 00000583 _____ () C:\Users\Samerko\Desktop\Trinity Seven.lnk
2014-12-31 21:18 - 2014-12-31 21:18 - 00000871 _____ () C:\Users\Samerko\Desktop\Bratislava-Výlet.lnk
2014-12-31 21:15 - 2014-12-31 21:15 - 00001032 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-31 21:15 - 2014-12-31 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-12-31 19:59 - 2014-12-31 19:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-31 19:59 - 2014-12-31 19:59 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-31 18:18 - 2014-12-31 18:19 - 00000000 ____D () C:\Program Files (x86)\Bloody5
2014-12-31 17:27 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-31 17:27 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-31 17:27 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-31 17:27 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-31 17:27 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-31 17:27 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-31 17:27 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-31 17:27 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-31 17:27 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-31 17:27 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-31 16:52 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-12-31 16:52 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-12-31 16:46 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-31 16:46 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-31 16:46 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-31 16:46 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-31 16:46 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

[SamerLP]

2014-12-31 16:46 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-31 16:45 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-31 16:45 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-31 16:40 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-31 16:40 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-31 16:40 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-31 16:40 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-31 16:40 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-31 16:40 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-31 16:40 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-31 16:40 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-31 16:40 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-12-31 16:40 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-12-31 16:40 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-12-31 16:40 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-12-31 16:40 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-12-31 16:39 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-31 16:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-31 16:39 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-31 16:39 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-31 16:39 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-31 16:39 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-31 16:39 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-31 16:39 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-31 16:39 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-31 16:39 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-31 16:39 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-31 16:39 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-31 16:39 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-31 16:39 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-31 16:39 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-31 16:39 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-31 16:39 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-31 16:39 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-31 16:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-31 16:39 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-31 16:39 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-31 16:39 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-31 16:39 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-31 16:39 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-31 16:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-31 16:39 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-31 16:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-31 16:39 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-31 16:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-31 16:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-31 16:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-31 16:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-31 16:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-31 16:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-31 16:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-31 16:39 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-31 16:39 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-31 16:39 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-31 16:39 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-31 16:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-31 16:39 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-31 16:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-31 16:39 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-31 16:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-31 16:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-31 16:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-31 16:39 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-31 16:39 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-31 16:39 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-31 16:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-31 16:39 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-31 16:39 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-31 16:39 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-31 16:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-31 16:39 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-31 16:39 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-31 16:39 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-12-31 16:38 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-31 16:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-31 16:38 - 2014-03-04 10:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-31 16:38 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-12-31 16:38 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-31 16:38 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-12-31 16:38 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-12-31 16:38 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-12-31 16:38 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-12-31 16:38 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-12-31 16:38 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-12-31 16:38 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-12-31 16:38 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-12-31 16:38 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-12-31 16:38 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-12-31 16:38 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-31 16:38 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-12-31 16:38 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-12-31 16:38 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-12-31 16:38 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-12-31 16:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-12-31 16:38 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-12-31 16:38 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-12-31 16:38 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-12-31 16:38 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-12-31 16:38 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-12-31 16:38 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-12-31 16:38 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-12-31 16:38 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-12-31 16:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-12-31 16:38 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-12-31 16:38 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-12-31 16:38 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-12-31 16:38 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-12-31 16:38 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-12-31 16:38 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-12-31 16:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-31 16:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-31 16:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-31 16:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-31 16:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-31 16:37 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-31 16:37 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-31 16:37 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-12-31 16:37 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-31 16:37 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-31 16:37 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-31 16:37 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-31 16:37 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-12-31 16:37 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-31 16:37 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-12-31 16:37 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-12-31 16:37 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-12-31 16:37 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-12-31 16:37 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-31 16:37 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-12-31 16:37 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-12-31 16:36 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-31 16:36 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-31 16:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-31 16:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-31 16:36 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-31 16:36 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-31 16:36 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-12-31 16:36 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-12-31 16:36 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-12-31 16:36 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-12-31 16:36 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-12-31 16:36 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-12-31 16:36 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-12-31 16:35 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-31 16:35 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-31 16:35 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-31 16:35 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-31 16:35 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-31 16:35 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-31 16:35 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-31 16:35 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-31 16:35 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-31 16:35 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-31 16:35 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-31 16:35 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-12-31 16:35 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-12-31 16:35 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-31 16:35 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-31 16:35 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-31 16:35 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-12-31 16:35 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-31 16:35 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-12-31 16:35 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-12-31 16:35 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-12-31 16:35 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-12-31 16:35 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-12-31 16:35 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-31 16:35 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-31 16:35 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-12-31 16:35 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-12-31 16:35 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-12-31 16:35 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-12-31 16:35 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-12-31 16:35 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-12-31 16:35 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-12-31 16:35 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-12-31 16:35 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-12-31 16:35 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-12-31 16:35 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-12-31 16:35 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-31 16:32 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-31 16:32 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-31 16:32 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-31 16:32 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-12-31 16:32 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-12-31 16:32 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-12-31 16:32 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-31 16:32 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-31 16:32 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-12-31 16:31 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-31 16:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-31 16:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-31 16:30 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-31 16:30 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-31 16:30 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-31 16:30 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-31 16:30 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-31 16:30 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-31 16:30 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-31 16:30 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-31 16:30 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-31 16:30 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-31 16:30 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-31 16:30 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-12-31 16:30 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-31 16:30 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-31 16:30 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-12-31 16:30 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-12-31 16:30 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-31 16:30 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-12-31 16:30 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-12-31 16:30 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-12-31 16:30 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-12-31 16:30 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-12-31 16:30 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-31 16:30 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-12-31 16:30 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-12-31 16:30 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-12-31 16:30 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-12-31 16:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-31 16:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-31 16:29 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-31 16:29 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-31 16:29 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-31 16:29 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-31 16:29 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-31 16:29 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-31 16:29 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-31 16:29 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-31 16:29 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-31 16:29 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-31 16:29 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-31 16:29 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-31 16:29 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-31 16:13 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-31 16:13 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-31 15:51 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-12-31 15:51 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-12-31 15:51 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-31 15:51 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-31 15:51 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-31 15:50 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-31 15:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-31 15:50 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-31 15:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-31 12:18 - 2014-12-31 12:18 - 00000000 ____D () C:\Users\Samerko\Downloads\[K&I] Blood C-The Last Dark
2014-12-31 12:06 - 2014-12-31 12:06 - 00000000 ____D () C:\Users\Samerko\Downloads\useron
2014-12-31 11:54 - 2014-12-31 11:54 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-12-31 11:51 - 2014-12-31 12:22 - 00000000 ____D () C:\Users\Samerko\AppData\Local\JDownloader v2.0
2014-12-31 11:48 - 2014-12-31 11:55 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 11:48 - 2014-12-31 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2014-12-31 11:48 - 2014-12-31 11:48 - 00000000 ____D () C:\Program Files\MKVToolNix
2014-12-30 22:29 - 2014-12-30 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
2014-12-30 22:29 - 2014-12-30 22:29 - 00000000 ____D () C:\Program Files (x86)\Gabest
2014-12-30 22:27 - 2014-12-30 22:28 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-12-30 22:27 - 2014-12-30 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-12-30 22:27 - 2011-05-30 14:42 - 00255488 _____ () C:\Windows\system32\xvidvfw.dll
2014-12-30 22:27 - 2011-05-30 14:42 - 00240640 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-30 22:27 - 2011-05-23 10:52 - 00153088 _____ () C:\Windows\SysWOW64\xvid.ax
2014-12-30 22:27 - 2011-05-23 08:49 - 00173568 _____ () C:\Windows\system32\xvid.ax
2014-12-30 22:27 - 2011-05-23 08:46 - 00645632 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-30 22:27 - 2011-05-23 08:45 - 00696832 _____ () C:\Windows\system32\xvidcore.dll
2014-12-30 22:26 - 2014-12-30 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-12-30 22:26 - 2014-12-30 22:26 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-12-30 22:26 - 2014-12-30 22:26 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-12-30 18:42 - 2014-12-30 18:42 - 00001286 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2014-12-30 18:42 - 2014-12-30 18:42 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-12-30 18:42 - 2014-12-30 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-12-30 18:36 - 2014-12-30 18:36 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\XMedia Recode
2014-12-30 17:52 - 2014-12-30 17:52 - 00001033 _____ () C:\Users\Public\Desktop\XMedia Recode.lnk
2014-12-30 17:52 - 2014-12-30 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-12-30 17:52 - 2014-12-30 17:52 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-12-30 17:44 - 2014-12-30 17:52 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\avidemux
2014-12-30 17:07 - 2014-12-30 17:07 - 00000000 ____D () C:\Program Files (x86)\Hokage.cz Tools
2014-12-28 23:16 - 2014-12-28 23:16 - 00000000 ____D () C:\Users\Samerko\Documents\Electronic Arts
2014-12-28 17:00 - 2014-12-28 17:00 - 00001570 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-12-28 17:00 - 2014-12-28 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-12-28 17:00 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-12-28 16:08 - 2014-12-28 16:08 - 00000000 ____D () C:\Hry
2014-12-28 14:55 - 2014-12-28 14:55 - 00002119 _____ () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2014-12-28 14:51 - 2014-12-28 14:57 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\MediaInfo
2014-12-28 14:48 - 2015-01-02 15:56 - 00001315 _____ () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2014-12-28 14:48 - 2014-12-28 14:48 - 00000000 ____D () C:\Program Files\MediaInfo
2014-12-28 13:55 - 2015-01-17 13:29 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Media Player Classic
2014-12-27 22:31 - 2014-12-28 12:59 - 00000000 ____D () C:\Users\Samerko\Downloads\The Sims 4
2014-12-27 18:24 - 2014-12-27 18:24 - 00001079 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-12-27 18:24 - 2014-12-27 18:24 - 00000000 ____D () C:\Users\Samerko\AppData\Local\VS Revo Group
2014-12-27 18:24 - 2014-12-27 18:24 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-12-27 18:24 - 2014-12-27 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-27 18:24 - 2014-12-27 18:24 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-27 18:24 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-12-27 18:21 - 2014-12-27 18:21 - 00000000 ____D () C:\Users\Samerko\Downloads\Revo Uninstaller Pro 3.1.1 Multilingual
2014-12-24 13:01 - 2014-12-24 13:01 - 00000943 _____ () C:\Users\Samerko\Desktop\µTorrent.lnk
==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 14:50 - 2013-08-03 16:16 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\uTorrent
2015-01-19 14:42 - 2012-04-01 16:37 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Skype
2015-01-19 14:30 - 2014-02-20 22:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-19 14:29 - 2012-09-26 17:32 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\vlc
2015-01-19 14:02 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 14:02 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 13:58 - 2014-11-04 13:52 - 01523269 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 13:55 - 2014-09-19 20:03 - 00000000 ____D () C:\Users\Samerko\AppData\Local\LogMeIn Hamachi
2015-01-19 13:54 - 2014-06-08 19:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-19 13:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 13:54 - 2009-07-14 05:45 - 05431832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-18 15:36 - 2014-11-04 13:51 - 00135752 _____ () C:\Users\Samerko\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-18 09:29 - 2014-09-14 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-17 13:36 - 2014-02-02 13:33 - 00001702 _____ () C:\DelFix.txt
2015-01-17 13:29 - 2014-02-07 23:17 - 06973440 ___SH () C:\Users\Samerko\Desktop\Thumbs.db
2015-01-17 13:29 - 2013-12-26 13:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-17 13:29 - 2013-08-01 16:38 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\DAEMON Tools Lite
2015-01-17 13:26 - 2013-11-10 12:02 - 00000000 ____D () C:\Windows\erdnt
2015-01-17 12:49 - 2014-05-31 19:39 - 00002273 _____ () C:\Users\Samerko\Desktop\ftp.txt
2015-01-17 11:10 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-17 10:58 - 2009-07-14 03:34 - 21757952 _____ () C:\Windows\system32\config\system.bak
2015-01-17 10:58 - 2009-07-14 03:34 - 103886848 _____ () C:\Windows\system32\config\software.bak
2015-01-17 10:58 - 2009-07-14 03:34 - 00401408 _____ () C:\Windows\system32\config\default.bak
2015-01-17 10:58 - 2009-07-14 03:34 - 00098304 _____ () C:\Windows\system32\config\sam.bak
2015-01-17 10:58 - 2009-07-14 03:34 - 00032768 _____ () C:\Windows\system32\config\security.bak
2015-01-17 10:56 - 2012-04-01 16:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 10:05 - 2012-03-15 15:09 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-01-15 13:58 - 2014-06-29 22:03 - 00002157 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-14 20:30 - 2013-10-31 11:13 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 20:30 - 2012-04-01 16:43 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 20:30 - 2012-04-01 16:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 18:06 - 2012-04-01 15:56 - 00000000 ____D () C:\Users\Samerko
2015-01-11 16:30 - 2012-10-14 10:06 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Nitro PDF
2015-01-11 16:17 - 2011-02-19 06:44 - 00000000 ____D () C:\Windows\sl-SI
2015-01-10 13:38 - 2014-09-14 20:06 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-10 13:38 - 2014-09-14 20:06 - 00001015 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-10 13:38 - 2014-06-29 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-10 13:38 - 2012-04-01 15:57 - 00000993 _____ () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-10 13:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-01-09 14:21 - 2013-10-06 07:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-08 19:11 - 2013-11-25 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-08 16:43 - 2014-06-15 18:52 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\.minecraft
2015-01-08 16:21 - 2013-06-01 13:12 - 00000000 ____D () C:\Users\Samerko\AppData\Local\PMB Files
2015-01-08 16:20 - 2013-06-01 13:12 - 00000000 ____D () C:\ProgramData\PMB Files
2015-01-08 16:04 - 2014-09-18 13:15 - 00005475 _____ () C:\Windows\system32\lvcoinst.log
2015-01-08 15:27 - 2012-04-01 16:37 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 14:04 - 2014-06-16 13:27 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Riot Games
2015-01-07 14:45 - 2013-09-13 13:17 - 00000000 ____D () C:\Users\Samerko\Documents\Euro Truck Simulator 2
2015-01-07 13:28 - 2014-12-15 14:39 - 00000000 ____D () C:\Users\Samerko\Documents\ETS2MP
2015-01-07 13:23 - 2014-12-15 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-01-07 13:23 - 2014-12-15 14:39 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-01-05 17:25 - 2012-12-06 18:49 - 00000000 ____D () C:\Users\Samerko\Documents\Bus Driver
2015-01-04 12:39 - 2012-11-16 22:04 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-01-03 18:41 - 2013-07-04 13:12 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\FileZilla
2015-01-01 13:23 - 2012-03-15 13:11 - 00003398 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-01-01 13:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2015-01-01 13:15 - 2011-02-18 20:49 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-01-01 13:15 - 2009-07-14 00:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-01-01 13:12 - 2009-07-14 00:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2015-01-01 00:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-12-31 21:15 - 2012-09-26 17:31 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-12-31 20:42 - 2012-04-01 15:57 - 00000503 _____ () C:\Users\Samerko\Downloads\Desktop.lnk
2014-12-31 20:07 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-31 19:59 - 2009-07-14 08:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-31 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-31 19:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-31 19:46 - 2012-12-11 15:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-31 18:27 - 2013-08-14 21:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-31 17:19 - 2013-03-15 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-31 17:16 - 2013-03-15 18:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-31 17:16 - 2013-03-15 18:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-30 22:01 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-30 18:43 - 2013-04-13 17:04 - 00000000 ____D () C:\Users\Samerko\Documents\Freemake
2014-12-30 18:43 - 2013-04-13 17:04 - 00000000 ____D () C:\ProgramData\Freemake
2014-12-30 18:42 - 2013-04-13 17:02 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-12-28 17:00 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-28 13:15 - 2014-01-13 21:16 - 00000000 ____D () C:\Users\Samerko\.smplayer
2014-12-27 19:40 - 2013-04-27 19:27 - 00000000 ____D () C:\Windows\pss
2014-12-27 18:14 - 2013-06-05 12:28 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-27 18:10 - 2013-08-03 16:46 - 00000000 ____D () C:\Windows\Minidump
2014-12-27 18:10 - 2013-03-29 20:02 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\TS3Client
2014-12-27 17:45 - 2014-05-20 16:29 - 00000000 ____D () C:\Games
2014-12-27 17:29 - 2012-09-12 21:02 - 00000000 ____D () C:\Program Files\Paint.NET
2014-12-27 17:13 - 2014-08-17 14:38 - 00000000 ____D () C:\ProgramData\Nero
2014-12-27 16:35 - 2013-03-31 09:31 - 00000000 ____D () C:\ProgramData\TechSmith
2014-12-27 16:30 - 2014-05-29 15:03 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-26 21:29 - 2014-08-04 11:22 - 00000649 _____ () C:\Users\Samerko\Desktop\FB.txt
2014-12-25 15:58 - 2013-12-26 13:34 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-24 13:01 - 2013-08-03 16:16 - 00000000 ____D () C:\Users\Samerko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent

==================== Files in the root of some directories =======
2014-07-14 19:43 - 2014-07-14 19:49 - 0000132 _____ () C:\Users\Samerko\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2013-09-11 17:44 - 2014-11-27 17:36 - 0000132 _____ () C:\Users\Samerko\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-03-12 19:32 - 2014-03-12 19:40 - 0000132 _____ () C:\Users\Samerko\AppData\Roaming\Adobe GIF Format CC Prefs
2014-03-01 19:07 - 2014-05-11 16:39 - 0000132 _____ () C:\Users\Samerko\AppData\Roaming\Adobe PNG Format CC Prefs
2015-01-07 11:54 - 2015-01-07 11:54 - 0002298 _____ () C:\Users\Samerko\AppData\Roaming\ASSDraw3.cfg
2014-11-12 17:04 - 2014-11-12 17:04 - 0000132 _____ () C:\Users\Samerko\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2014-07-29 19:38 - 2014-07-29 19:38 - 0004608 _____ () C:\Users\Samerko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-31 14:05 - 2014-08-16 16:06 - 0000600 _____ () C:\Users\Samerko\AppData\Local\PUTTY.RND
2014-11-22 22:39 - 2014-11-22 22:39 - 0001896 _____ () C:\Users\Samerko\AppData\Local\recently-used.xbel
2014-03-07 21:13 - 2014-03-07 21:13 - 0000003 _____ () C:\Users\Samerko\AppData\Local\updater.log
2014-03-07 21:13 - 2014-12-18 17:17 - 0000425 _____ () C:\Users\Samerko\AppData\Local\UserProducts.xml
2012-03-15 13:13 - 2012-03-15 13:14 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-03-15 13:13 - 2012-03-15 13:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2015-01-01 13:20] - [2011-02-25 07:19] - 2871808 ____A (Microsoft Corporation) 9A7D6A395E5EBA6F4B1C7D91A0B075FA

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-16 18:49

==================== End Of Log ============================

[SamerLP]

Addition.txt :

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Samerko at 2015-01-19 14:51:13
Running from C:\Users\Samerko\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Akamai NetSession Interface (HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATI AVIVO64 Codecs (Version: 11.6.0.10419 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D9D7384A-8014-EE99-279E-E9BA3F6C4836}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.)
Bus Driver (HKLM-x32\...\Bus Driver_is1) (Version: - TopWare Poland Sp. z o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CrystalDiskInfo 6.2.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.2 - Crystal Dew World)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
ESET NOD32 Antivirus (HKLM\...\{76C0D03F-44AB-4D57-A6B9-5E3F6AEFA0FD}) (Version: 5.2.15.1 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.2 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.2 R2 Alpha - ETS2MP Team)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.9 - Echobit, LLC)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FileZilla Client 3.7.3 (HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Freemake Video Converter verzia 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Goodgame Empire (HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3) (Version: v1.1.5 - Pokki)
Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.)
HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX)
IcoFX 2.5 (HKLM-x32\...\IcoFX 2_is1) (Version: - )
Instant Eyedropper 1.75 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.0 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
Malwarebytes Anti-Malware verzia 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited)
MediaInfo 0.7.71 (HKLM\...\MediaInfo) (Version: 0.7.71 - MediaArea.net)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metropolis Hippo Viewer version 0.6.3 (HKLM-x32\...\{0C24676C-7381-4D94-899A-8B2BE8CBFCD4}_is1) (Version: 0.6.3 - Metropolis Metaversum)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Minecraft (HKLM-x32\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
Mozilla Firefox 35.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 sk)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Program version 1.5 (HKLM-x32\...\My Program_is1) (Version: 1.5 - )
Nero 9 Essentials (HKLM-x32\...\{6f61f3cf-95c7-4987-8d3b-ed3eda0847dc}) (Version: - Nero AG)
Nitro Reader 2 (HKLM\...\{C30BB9AD-F9E4-4506-B416-57C03702998D}) (Version: 2.5.0.45 - Nitro PDF Software)
Notification Center (HKLM-x32\...\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}) (Version: 0.7.8.829 - BlueStack Systems, Inc.)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Shards of War (HKLM-x32\...\1d128bf6-25c8-4b8a-bfa2-12b013ab230e_is1) (Version: 59459 - Bigpoint GmbH)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.1 - Synaptics Incorporated)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VidCoder 1.5.31 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.5.31 - RandomEngy)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualDJ PRO Full (HKLM-x32\...\{74F28F11-404B-4CEA-92FF-37BF476F239E}) (Version: 7.0.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
Win8.1 SkinPack X64 (HKLM-x32\...\Win8.1 SkinPack) (Version: X64 - SkinPack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
wxDev-C++ 7.4 (HKLM-x32\...\wxdevcpp) (Version: - )
XMedia Recode version 3.2.0.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.4 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
XviD4PSP 5.10.330.0 (HKLM-x32\...\XviD4PSP5_is1) (Version: - Winnydows & fcp team)
Zoner Photo Studio 12 (HKLM-x32\...\ZonerPhotoStudio12_CZ_is1) (Version: 12.0.1.7 - ZONER software)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1676706566-1539175069-4259669011-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1676706566-1539175069-4259669011-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files (x86)\Zoner\Photo Studio 12\Program\SHELLEXT64.DLL (ZONER software)

==================== Restore Points =========================

17-01-2015 13:35:31 End of disinfection

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-17 11:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09459878-1FA3-4495-87B6-DDF134186ADB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: {0AEA5E84-B991-4CC6-A657-65ACA448F165} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {1C1DA28E-DB53-4DC6-A5D1-9219E484C352} - System32\Tasks\{9267B099-6ACE-4931-9A39-8A28EA541925} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Setup.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {240C4B27-CA1B-4D9E-B68D-A5E3B949C9D4} - System32\Tasks\NCH Software\ExpressBurnReminder => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe
Task: {2586D28F-25FC-443A-97B7-E55ED694382A} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.)
Task: {379BDC9B-A06D-4873-91D3-D117BAEC46CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {3A4A97CF-FE6D-467E-8537-949FF5EA0344} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {44B4F28A-F259-49F3-9585-2A6D082234CA} - \Registry Optimizer No Task File <==== ATTENTION
Task: {457FBAE4-E059-4B9F-8583-C75504FB0821} - System32\Tasks\AdobeAAMUpdater-1.0-Samerko-PC-Samerko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {5D85B9D1-4388-4E35-A3BC-B5107CA6C14F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)
Task: {75B171CE-F266-478D-B804-7AF85969A8E7} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {7DC5799A-2733-449B-91FE-7B23464E991C} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {9DBD14B0-2CF2-400B-AF7C-9E563EB071E6} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {B8D00ABB-1A3D-4D6F-8163-8D529135A8A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E2985AD4-029F-4E4E-B66B-F8449DB4689A} - System32\Tasks\NCH Software\ExpressBurnDowngrade => C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EFD742DA-A207-4066-BEAB-90055BC47A22} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {F3D8DE67-D0A9-4C1E-8DC0-0580D7C20738} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {F8F128D2-4776-4ED4-B845-9CE6F35A8B90} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {F9D20E85-2E63-4763-9223-54018F5097A9} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2010-12-18] (ASUSTek Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2014-06-04 16:10 - 2014-06-04 16:10 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-06-04 16:10 - 2014-06-04 16:10 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-07 17:56 - 2013-09-07 17:56 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-11-02 15:00 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-09-01 13:27 - 2007-10-17 15:22 - 00352256 _____ () C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
2014-02-11 03:21 - 2014-02-11 03:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-08-31 15:33 - 2011-08-31 15:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2013-11-02 15:00 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-01-17 11:27 - 2015-01-17 11:27 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-01-14 20:30 - 2015-01-14 20:30 - 16844464 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1676706566-1539175069-4259669011-500 - Administrator - Disabled)
Guest (S-1-5-21-1676706566-1539175069-4259669011-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1676706566-1539175069-4259669011-1002 - Limited - Enabled)
Samerko (S-1-5-21-1676706566-1539175069-4259669011-1000 - Administrator - Enabled) => C:\Users\Samerko
Skuska (S-1-5-21-1676706566-1539175069-4259669011-1005 - Limited - Enabled) => C:\Users\Skuska

==================== Faulty Device Manager Devices =============

Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 01:54:06 PM) (Source: BstHdLogRotatorSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at BlueStacks.hyperDroid.LogRotatorService.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/18/2015 09:55:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: InsOnSrv.exe, verzia: 1.0.0.1, časová značka: 0x4db7e771
Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000
Identifikácia chybného procesu: 0x780
Čas spustenia chybnej aplikácie: 0xInsOnSrv.exe0
Cesta chybnej aplikácie: InsOnSrv.exe1
Cesta chybného modulu: InsOnSrv.exe2
Identifikácia hlásenia: InsOnSrv.exe3

Error: (01/18/2015 06:52:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.exe, verzia: 6.1.7601.17567, časová značka: 0x4d672ee4
Názov chybového modulu: ASUSWSShellExt64.dll, verzia: 1.1.0.27, časová značka: 0x4c7f631d
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000051da
Identifikácia chybného procesu: 0x18f4
Čas spustenia chybnej aplikácie: 0xExplorer.exe0
Cesta chybnej aplikácie: Explorer.exe1
Cesta chybného modulu: Explorer.exe2
Identifikácia hlásenia: Explorer.exe3

Error: (01/18/2015 09:29:55 AM) (Source: BstHdLogRotatorSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at BlueStacks.hyperDroid.LogRotatorService.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/17/2015 11:23:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: explorer.exe, verzia: 6.1.7601.17567, časová značka: 0x4d672ee4
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.18247, časová značka: 0x521eaf24
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000c4102
Identifikácia chybného procesu: 0x1144
Čas spustenia chybnej aplikácie: 0xexplorer.exe0
Cesta chybnej aplikácie: explorer.exe1
Cesta chybného modulu: explorer.exe2
Identifikácia hlásenia: explorer.exe3

Error: (01/17/2015 11:04:50 AM) (Source: BstHdLogRotatorSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at BlueStacks.hyperDroid.LogRotatorService.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/17/2015 10:59:46 AM) (Source: BstHdLogRotatorSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at BlueStacks.hyperDroid.LogRotatorService.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/17/2015 10:05:15 AM) (Source: BstHdLogRotatorSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at BlueStacks.hyperDroid.LogRotatorService.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/16/2015 05:59:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.exe, verzia: 6.1.7601.17567, časová značka: 0x4d672ee4
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.18247, časová značka: 0x521eaf24
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000053290
Identifikácia chybného procesu: 0xb3c
Čas spustenia chybnej aplikácie: 0xExplorer.exe0
Cesta chybnej aplikácie: Explorer.exe1
Cesta chybného modulu: Explorer.exe2
Identifikácia hlásenia: Explorer.exe3

Error: (01/16/2015 03:58:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: Explorer.exe, verzia: 6.1.7601.17567, časová značka: 0x4d672ee4
Názov chybového modulu: ASUSWSShellExt64.dll, verzia: 1.1.0.27, časová značka: 0x4c7f631d
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000051da
Identifikácia chybného procesu: 0x16d4
Čas spustenia chybnej aplikácie: 0xExplorer.exe0
Cesta chybnej aplikácie: Explorer.exe1
Cesta chybného modulu: Explorer.exe2
Identifikácia hlásenia: Explorer.exe3


System errors:
=============
Error: (01/19/2015 01:54:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby BlueStacks Hypervisor, od ktorej závisí služba BlueStacks Android Service, zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (01/19/2015 01:54:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WebcamMax, WDM Video Capture zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (01/19/2015 01:54:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Log Rotator Service bola ukončená s nasledujúcou chybou:
%%1064

Error: (01/19/2015 01:54:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby BlueStacks Hypervisor zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (01/19/2015 01:54:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Microsoft Antimalware Service bola ukončená s nasledujúcou chybou:
%%-2147024894

Error: (01/18/2015 09:54:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/18/2015 09:54:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/18/2015 06:33:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (01/18/2015 09:30:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby BlueStacks Hypervisor, od ktorej závisí služba BlueStacks Android Service, zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (01/18/2015 09:30:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WebcamMax, WDM Video Capture zlyhalo kvôli nasledujúcej chybe:
%%1058


Microsoft Office Sessions:
=========================
Error: (11/19/2014 02:31:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 310 seconds with 240 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2015-01-17 10:56:36.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:56:35.517
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:56:34.675
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:56:33.832
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:38:45.160
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:38:44.364
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:38:43.522
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-17 10:38:42.633
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-16 14:20:35.394
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-16 14:20:34.614
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B800 @ 1.50GHz
Percentage of memory in use: 54%
Total physical RAM: 4072.13 MB
Available physical RAM: 1852.62 MB
Total Pagefile: 8142.44 MB
Available Pagefile: 5439.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:250.05 GB) (Free:74.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:321.12 GB) (Free:305.36 GB) NTFS
Drive h: (ExternyHardDisk) (Fixed) (Total:698.64 GB) (Free:409.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 596.2 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=250.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=321.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 7242CF91)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[jaro3]

Stáhni si FindAWF

Stáhni si FindAWF
a ulož si ho na plochu.Poklepej na něj (u 64bit. systémů klikněte pravým a vyberte „odstranit problémy s kompatibilitou , „zkusit doporučená nastavení., spustit program), otevře se , požádá Tě o stisknutí kterékoliv klávesy k pokračování..Dostaneš se na menu, zvol 1 a potom Enter. AWF začne skenování.Může to trvat několik minut. Když skončí sken automaticky se objeví text.soubor AWF.txt, ten sem prosím zkopíruj.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1676706566-1539175069-4259669011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1676706566-1539175069-4259669011-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-17]
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts= ... W7549W7549
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1419700720&from=wpm12233&uid=WDCXWD6400BPVT-80HXZT3_WD-WX81A81W7549W7549"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2013-12-12]
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgafcinpmmpklohkojmllohdhomoefph [2012-12-01]
CHR Extension: (No Name) - C:\Users\Samerko\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pgafcinpmmpklohkojmllohdhomoefph [2012-12-01]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Users\Public\Downloads\Norton
C:\ProgramData\Norton
Task: {44B4F28A-F259-49F3-9585-2A6D082234CA} - \Registry Optimizer No Task File <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\explorer.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/