Preventivní kontrola logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 15 pro 2014 12:44

Opět nejde stáhnout - chyba sítě
+
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:43:52, on 15. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Dropbox.lnk = Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem35.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11567 bytes

Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod jaro3 » 15 pro 2014 18:16

Ani exe ani zip nebo rar?

Vlož nový log z HJT
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 15 pro 2014 18:21

ani jedno.
Zkoušel sem i jiný prohlížeč

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod jaro3 » 15 pro 2014 18:46

Divný..

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver


Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 09:48

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16. 12. 2014
Scan Time: 9:21:00
Logfile: d.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.16.02
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Petr

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 353690
Time Elapsed: 13 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Riskware.Injector.DC, C:\Users\Petr\Downloads\Black Screen Fix.7z, , [4a381f44c7b5f442142b7481778a2ad6],

Physical Sectors: 0
(No malicious items detected)


(end)

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 09:52

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Petr (administrator) on IDEA-PC on 16-12-2014 09:49:18
Running from C:\Users\Petr\Downloads
Loaded Profile: Petr (Available profiles: Petr)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-11-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-11-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-16] (AVAST Software)
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Run: [uTorrent] => C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe [3054592 2014-07-11] (BitTorrent Inc.)
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {0e6d7fd9-098f-11e4-be82-20689d9d3e54} - "F:\INSTALL.EXE"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {2ad221e5-0909-11e4-be7b-20689d9d3e54} - "D:\setup.exe"
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {08147645-13B7-4C78-BDCD-C94429DC9B55} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {14CFA927-8F40-4058-B2AD-7548D69AE3DB} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {31FF311C-91D5-4E09-A58C-23A3DA030935} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {78664159-9473-4B31-9178-BB0C41D6678E} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {AF7E3649-6C76-42EE-BEFC-035D066D37F4} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {B23D6150-6DCE-4F61-9EE7-3E0CC2BEAAB8} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {C47D0C45-E116-43F6-B183-70B23181B522} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {F278C8F9-4EE7-4B26-B6E5-A7207D7BF74E} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3164711548-3657898618-3245913010-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Petr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-11]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-16]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-10]
CHR HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-16] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-07] (Broadcom Corporation.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-16] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-11] (Disc Soft Ltd)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-16] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-26] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 09:49 - 2014-12-16 09:50 - 00022099 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-12-16 09:49 - 2014-12-16 09:49 - 00000000 ____D () C:\FRST
2014-12-16 09:48 - 2014-12-16 09:49 - 02119168 _____ (Farbar) C:\Users\Petr\Downloads\FRST64 (1).exe
2014-12-16 09:48 - 2014-12-16 09:48 - 00084588 _____ () C:\Users\Petr\Downloads\SupaNovaBeats XP Vol.1.rar
2014-12-16 09:45 - 2014-12-16 09:45 - 54043360 _____ () C:\Users\Petr\Downloads\Nepotvrzeno 616814.crdownload
2014-12-16 09:37 - 2014-12-16 09:37 - 00001116 _____ () C:\Users\Petr\Desktop\d.txt
2014-12-16 09:21 - 2014-12-16 09:21 - 02119168 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2014-12-15 20:26 - 2014-12-15 21:54 - 40635140 _____ () C:\Users\Petr\Desktop\HHB45.12.flp
2014-12-15 19:52 - 2014-12-15 20:30 - 452433859 _____ () C:\Users\Petr\Downloads\Lex Luger Drum Kit.zip
2014-12-15 19:46 - 2014-12-15 19:46 - 00082024 _____ () C:\Users\Petr\Downloads\241-Bassguitars.SF2
2014-12-15 19:20 - 2014-12-15 19:22 - 20699131 _____ () C:\Users\Petr\Downloads\FreeDrumKits.net - Swizz Beatz Kit.zip
2014-12-15 17:25 - 2014-12-15 20:49 - 00101588 _____ () C:\Users\Petr\Desktop\orchestralní.flp
2014-12-15 13:39 - 2014-12-15 17:56 - 00102461 _____ () C:\Users\Petr\Desktop\TRAP15.12.flp
2014-12-15 12:43 - 2014-12-15 21:54 - 00011630 _____ () C:\Users\Petr\Downloads\hijackthis.log
2014-12-15 12:43 - 2014-12-15 12:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis.exe
2014-12-14 15:36 - 2014-12-14 21:08 - 31629498 _____ () C:\Users\Petr\Desktop\MPD.flp
2014-12-14 13:02 - 2014-12-14 13:02 - 00098195 _____ () C:\Users\Petr\Downloads\binkw32.zip
2014-12-14 12:55 - 2014-12-14 12:55 - 01065930 _____ () C:\Users\Petr\Downloads\Black Screen Fix.7z
2014-12-14 12:46 - 2014-12-14 14:00 - 01702160 _____ () C:\Users\Petr\Desktop\orchestr 100BPM-2.flp
2014-12-14 12:02 - 2014-12-14 12:02 - 00176967 _____ () C:\Users\Petr\Downloads\msvcp100.zip
2014-12-14 10:52 - 2014-12-14 10:52 - 18315864 _____ () C:\Users\Petr\Downloads\RogueKillerX64.exe
2014-12-14 10:09 - 2014-12-14 10:09 - 01707646 _____ (Thisisu) C:\Users\Petr\Downloads\JRT.exe
2014-12-14 10:01 - 2014-12-14 10:01 - 02166272 _____ () C:\Users\Petr\Downloads\adwcleaner_4.105 (1).exe
2014-12-13 22:00 - 2014-12-13 22:00 - 01702133 _____ () C:\Users\Petr\Desktop\orch_2 - 100bpm.flp
2014-12-13 21:39 - 2014-12-13 21:40 - 06754352 _____ (SpeedyPC Software) C:\Users\Petr\Downloads\SpeedyPC Pro Installer_e8cb199_.exe
2014-12-13 21:18 - 2014-12-13 21:18 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-13 21:14 - 2014-12-13 21:15 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Petr\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 21:10 - 2014-12-14 10:04 - 00000000 ____D () C:\AdwCleaner
2014-12-13 21:10 - 2014-12-13 21:10 - 02166272 _____ () C:\Users\Petr\Downloads\adwcleaner_4.105.exe
2014-12-13 21:08 - 2014-12-13 21:08 - 00448512 _____ (OldTimer Tools) C:\Users\Petr\Downloads\TFC.exe
2014-12-13 21:08 - 2014-12-13 21:08 - 00050688 _____ (Atribune.org) C:\Users\Petr\Downloads\ATF-Cleaner.exe
2014-12-13 20:02 - 2014-12-14 18:08 - 25222706 _____ () C:\Users\Petr\Desktop\samploo.flp
2014-12-13 18:41 - 2014-12-13 18:41 - 00043970 _____ () C:\Users\Petr\cc_20141213_184127.reg
2014-12-13 11:50 - 2014-12-13 18:32 - 00000000 ____D () C:\Users\Petr\Desktop\FL studio uložené projekty
2014-12-13 11:49 - 2014-12-13 11:49 - 00000000 ____D () C:\Users\Petr\Desktop\FL
2014-12-12 14:03 - 2014-12-12 15:14 - 00348928 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-12 14:03 - 2014-12-12 14:03 - 00000000 ____D () C:\Users\Petr\AppData\Local\PunkBuster
2014-12-12 14:02 - 2014-12-12 14:02 - 00000000 ____D () C:\Users\Petr\Documents\Battlefield 3
2014-12-12 14:02 - 2014-12-12 14:02 - 00000000 ____D () C:\ProgramData\EA Core
2014-12-12 14:01 - 2014-12-12 14:01 - 00000000 ____D () C:\Users\Petr\AppData\Local\ESN
2014-12-12 13:59 - 2014-12-13 09:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-12 13:52 - 2014-12-12 13:52 - 00001201 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-12-12 13:52 - 2014-12-12 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-12-12 13:51 - 2014-12-12 15:14 - 00348928 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-12 13:51 - 2014-12-12 15:14 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-12 13:51 - 2014-12-12 14:08 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-12 13:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-12 13:51 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-12 13:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-12 13:51 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-12 13:51 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-12 13:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-12 13:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-12-11 14:51 - 2014-12-11 21:08 - 27842598 _____ () C:\Users\Petr\Desktop\eweww.flp
2014-12-11 12:18 - 2014-12-11 12:25 - 00000000 ____D () C:\Users\Petr\Desktop\the alan
2014-12-10 19:56 - 2014-12-10 19:56 - 00000000 ____D () C:\Users\Petr\AppData\Local\Skyrim
2014-12-10 19:13 - 2014-12-10 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-12-10 19:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-12-10 19:13 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-12-10 19:13 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-12-10 19:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-12-10 19:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-12-10 19:13 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-12-10 19:13 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-12-10 19:13 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-12-10 19:12 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-12-10 19:12 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-12-10 19:12 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-12-10 19:12 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-12-10 19:12 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-12-10 19:12 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-12-10 19:12 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-12-10 19:12 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-12-10 19:12 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-12-10 19:12 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-12-10 19:12 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-12-10 19:12 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-12-10 19:12 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-12-10 19:12 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-12-10 19:12 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-12-10 19:12 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-12-10 19:12 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-12-10 19:12 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-12-10 19:12 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-12-10 19:12 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-12-10 19:12 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-12-10 19:12 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-12-10 19:12 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-12-10 19:12 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-12-10 19:12 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-12-10 19:12 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-12-10 19:12 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-12-10 19:12 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-12-10 19:12 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-12-10 19:12 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-12-10 19:12 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-12-10 19:12 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-12-10 19:12 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2014-12-10 19:12 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2014-12-10 19:12 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-12-10 19:12 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-12-10 19:12 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2014-12-10 19:12 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-12-10 19:12 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2014-12-10 19:12 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-12-10 19:12 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2014-12-10 19:11 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-12-10 19:11 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2014-12-10 19:11 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-12-10 19:11 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2014-12-10 19:11 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2014-12-10 19:11 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2014-12-10 19:11 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-12-10 19:11 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2014-12-10 19:11 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-12-10 19:11 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2014-12-10 19:11 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-12-10 19:11 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2014-12-10 19:11 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2014-12-10 19:11 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-12-10 19:11 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2014-12-10 19:11 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2014-12-10 19:11 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2014-12-10 19:11 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2014-12-10 19:11 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2014-12-10 19:11 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2014-12-10 19:11 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-12-10 19:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-12-10 19:11 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2014-12-10 19:11 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2014-12-10 19:11 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2014-12-10 19:11 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-12-10 19:11 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2014-12-10 19:11 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2014-12-10 19:11 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2014-12-10 19:11 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2014-12-10 19:11 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2014-12-10 19:11 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2014-12-10 19:11 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2014-12-10 19:11 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2014-12-10 19:11 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-12-10 19:11 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-12-10 19:11 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2014-12-10 19:11 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2014-12-10 19:11 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2014-12-10 19:11 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-12-10 19:11 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2014-12-10 19:11 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2014-12-10 19:11 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2014-12-10 19:11 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2014-12-10 19:11 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2014-12-10 19:11 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2014-12-10 19:11 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2014-12-10 19:11 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2014-12-10 19:11 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2014-12-10 19:11 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2014-12-10 19:11 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2014-12-10 19:11 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2014-12-10 19:11 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2014-12-10 19:11 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2014-12-10 19:11 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2014-12-10 19:11 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2014-12-10 19:11 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2014-12-10 19:11 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2014-12-10 19:11 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2014-12-10 19:11 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2014-12-10 19:11 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2014-12-10 19:11 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2014-12-10 19:11 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2014-12-10 19:11 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2014-12-10 19:10 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2014-12-10 19:10 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2014-12-10 19:10 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2014-12-10 19:10 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2014-12-10 19:00 - 2014-12-10 20:21 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim
2014-12-10 17:54 - 2014-12-12 12:10 - 44908445 _____ () C:\Users\Petr\Desktop\sampl10.12.flp
2014-12-10 17:49 - 2014-12-10 17:49 - 00002289 _____ () C:\Users\Public\Desktop\AuI ConverteR 48x44.lnk
2014-12-10 17:49 - 2014-12-10 17:49 - 00000000 ____D () C:\Users\Petr\AppData\Local\ConvProQT
2014-12-10 17:49 - 2014-12-10 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiophile Inventory
2014-12-10 17:49 - 2014-12-10 17:49 - 00000000 ____D () C:\Program Files (x86)\Audiophile Inventory
2014-12-10 15:47 - 2014-12-10 16:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-12-09 22:31 - 2014-12-09 22:33 - 00000000 ____D () C:\Users\Public\Documents\GTA San Andreas User Files
2014-12-09 21:02 - 2014-12-09 22:26 - 00000000 ____D () C:\Users\Petr\Documents\GTA San Andreas User Files
2014-12-09 21:02 - 2014-12-09 21:02 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-12-09 21:02 - 2014-12-09 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-12-09 20:50 - 2014-12-09 20:50 - 00001930 _____ () C:\Users\Public\Desktop\GTA San Andreas.lnk
2014-12-09 20:50 - 2014-12-09 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-12-09 20:50 - 2014-12-09 20:50 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-12-09 13:38 - 2014-12-09 13:38 - 00001058 _____ () C:\Users\Petr\Desktop\Posel smrti.lnk
2014-12-09 13:38 - 2014-12-09 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Posel smrti
2014-12-09 13:35 - 2014-12-09 17:22 - 00000000 ____D () C:\Program Files (x86)\PoselSmrti
2014-12-09 12:15 - 2014-12-09 12:15 - 00000000 ____D () C:\Users\Petr\Documents\Klei
2014-12-09 12:11 - 2014-12-12 13:50 - 00039950 _____ () C:\WINDOWS\DirectX.log
2014-12-09 12:11 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2014-12-09 12:11 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2014-12-09 12:07 - 2014-12-09 12:07 - 00000000 ____D () C:\GOG Games
2014-12-07 18:37 - 2014-12-07 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-07 18:37 - 2014-12-07 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-07 17:38 - 2014-12-10 17:52 - 00000000 ____D () C:\Users\Petr\Downloads\Stan Getz - West Coast Jazz (1999) [EAC-APE]
2014-12-07 17:14 - 2014-12-07 17:14 - 00000000 ____D () C:\Users\Petr\Downloads\The Stan Getz Quartet - The Steamer 1957 - 2011 - 320Kbps - Jazz # DrBn
2014-12-07 17:09 - 2014-12-11 19:44 - 34969883 _____ () C:\Users\Petr\Desktop\beatsample7.12.flp
2014-12-07 17:09 - 2014-12-07 17:09 - 00000000 ____D () C:\Users\Petr\Downloads\Stan Getz & Joao Gilberto - Getz-Gilberto #2 -1966- 320Kbps - Drbn - JJazz, Bossa Nova
2014-12-07 16:37 - 2014-12-07 17:23 - 00000000 ____D () C:\Users\Petr\Downloads\VA - Sweet Soul Music- 1963
2014-12-07 16:35 - 2014-12-07 16:54 - 00000000 ____D () C:\Users\Petr\Downloads\Soul Hits of the 70's - Didn't It Blow Your Mind [Vol 10] (1991)
2014-12-07 15:55 - 2014-12-07 16:10 - 00000000 ____D () C:\Users\Petr\Downloads\[Smooth Jazz] Everette Harp - Discography 1992-2009 (Jamal The Moroccan)
2014-12-07 15:46 - 2014-12-07 15:50 - 00000000 ____D () C:\Users\Petr\Downloads\[Jazz-Funk] Shakatak - Discography - 1981-2013 (By Jamal The Moroccan)
2014-12-07 15:01 - 2014-12-07 15:21 - 00000000 ____D () C:\Users\Petr\Downloads\[Smooth Jazz] Gregg Karukas - Discography 1987-2014 (Jamal The Moroccan)
2014-12-07 14:26 - 2014-12-07 15:24 - 00000000 ____D () C:\Users\Petr\Downloads\(VA-Folk-Gospel-Blues) Will The Circle Be Unbroken
2014-12-07 14:22 - 2014-12-07 14:54 - 00000000 ____D () C:\Users\Petr\Downloads\[Smooth Jazz] Joe Sample - Carmel 1979 (Jamal The Moroccan)
2014-12-07 14:14 - 2014-12-07 14:14 - 00000000 ____D () C:\Users\Petr\Downloads\Grover Washington Jr - Winelight 1980 - Come Morning 1981 - 2CD - 320Kbps - Drbn - Jazz Pop R&B
2014-12-07 09:43 - 2014-12-07 09:43 - 00001283 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2014-12-07 09:43 - 2014-12-07 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-12-07 09:42 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-12-04 11:59 - 2014-12-14 10:05 - 00002068 _____ () C:\WINDOWS\PFRO.log
2014-12-04 09:27 - 2014-12-04 09:27 - 00000000 ____D () C:\Program Files (x86)\LSoft Technologies Inc
2014-12-03 10:48 - 2014-12-03 11:20 - 00000000 ____D () C:\Users\Petr\Downloads\Stan Getz-Joao Gilberto - Getz-Gilberto (1964) 2002 SACD-DFF
2014-12-03 09:45 - 2014-12-03 09:45 - 00000000 ____D () C:\ProgramData\Steam
2014-12-03 09:30 - 2014-12-13 11:07 - 00000754 _____ () C:\WINDOWS\setupact.log
2014-12-03 09:30 - 2014-12-03 09:30 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-02 20:06 - 2014-12-02 20:06 - 00000000 ____D () C:\Users\Petr\AppData\Local\Apple Computer
2014-12-02 18:16 - 2014-12-16 09:21 - 00000964 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-02 18:16 - 2014-12-16 09:16 - 00000960 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-02 18:02 - 2014-12-02 18:44 - 00000000 ____D () C:\Program Files (x86)\Far Cry 4
2014-12-02 18:02 - 2014-12-02 18:02 - 00000908 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2014-12-02 18:02 - 2014-12-02 18:02 - 00000896 _____ () C:\Users\Public\Desktop\Far Cry 4.lnk
2014-12-02 17:21 - 2014-12-16 09:39 - 01557406 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-23 16:10 - 2014-11-23 16:10 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-23 16:10 - 2014-11-23 16:10 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-23 16:02 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-11-23 16:02 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434475.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434475.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00500880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00418112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00393024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00348304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-11-23 16:02 - 2014-11-13 01:20 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-11-23 16:02 - 2014-11-13 01:20 - 00027094 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-11-18 18:43 - 2014-12-04 18:41 - 00000000 ____D () C:\Users\Petr\Desktop\record
2014-11-17 16:29 - 2014-11-17 16:31 - 00000000 __HDC () C:\ProgramData\{3FF56E78-3AAB-4596-A1AC-32869EB9463A}
2014-11-17 16:14 - 2014-11-17 16:14 - 00000000 ____D () C:\ProgramData\TpScrex
2014-11-17 10:05 - 2014-12-14 15:42 - 00000000 ____D () C:\Users\Petr\Desktop\ROZPRACOVANÉ BEATY
2014-11-17 10:04 - 2014-11-17 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-17 10:01 - 2014-11-17 10:01 - 00000884 _____ () C:\Users\Petr\Desktop\cc_20141117_100130.reg
2014-11-16 13:13 - 2014-11-16 13:13 - 00001095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cubase 5.lnk
2014-11-16 13:12 - 2014-11-16 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cubase 5
2014-11-16 13:10 - 2014-11-16 13:35 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Steinberg

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 09:52

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 09:20 - 2014-10-01 18:27 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{41BC1E2F-D910-47E8-990E-C61CBD6D2945}
2014-12-16 09:20 - 2014-07-24 15:00 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 09:18 - 2014-09-26 20:17 - 00000000 ___DO () C:\Users\Petr\OneDrive
2014-12-16 09:18 - 2014-07-11 16:02 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-12-16 09:15 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-15 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-15 20:37 - 2014-09-29 16:32 - 00000940 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job
2014-12-15 19:47 - 2014-07-26 23:55 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TeamViewer
2014-12-15 18:42 - 2014-10-07 12:10 - 00000016 _____ () C:\WINDOWS\SysWOW64\msvcsv60.dll
2014-12-15 18:42 - 2014-08-01 19:56 - 00000016 _____ () C:\WINDOWS\SysWOW64\w3data.vss
2014-12-15 18:42 - 2014-08-01 19:56 - 00000016 _____ () C:\WINDOWS\msocreg32.dat
2014-12-15 18:04 - 2014-06-10 11:37 - 02223104 ___SH () C:\Users\Petr\Desktop\Thumbs.db
2014-12-15 17:37 - 2014-09-29 16:32 - 00000918 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job
2014-12-15 13:41 - 2014-09-10 12:25 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashDumps
2014-12-15 12:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-15 07:31 - 2014-09-10 12:22 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-12-14 18:04 - 2014-07-24 09:24 - 00000000 ____D () C:\The KMPlayer
2014-12-14 15:35 - 2014-11-08 22:59 - 00000000 ____D () C:\Users\Petr\Desktop\BEATY MP3
2014-12-14 14:46 - 2014-03-18 16:33 - 01749406 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-14 14:46 - 2014-03-18 15:54 - 00740962 _____ () C:\WINDOWS\system32\perfh005.dat
2014-12-14 14:46 - 2014-03-18 15:54 - 00152146 _____ () C:\WINDOWS\system32\perfc005.dat
2014-12-14 12:08 - 2014-11-11 21:29 - 02474250 _____ () C:\Users\Petr\Desktop\orch b 11.1 - dodělat.flp
2014-12-14 10:57 - 2014-06-10 05:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3164711548-3657898618-3245913010-1002
2014-12-13 22:42 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-13 21:50 - 2014-07-12 09:16 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-12-13 21:36 - 2014-09-26 19:49 - 00000000 ____D () C:\Users\Petr
2014-12-13 21:18 - 2014-07-24 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-13 21:18 - 2014-07-24 14:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-13 19:42 - 2014-09-16 15:40 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-13 19:42 - 2014-07-11 18:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2014-12-13 18:58 - 2014-06-10 05:06 - 00000000 ____D () C:\Users\Petr\AppData\Local\Packages
2014-12-13 18:48 - 2014-07-16 14:07 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-12-13 15:44 - 2014-11-08 22:33 - 00000000 ___RD () C:\Users\Petr\Dropbox
2014-12-13 11:07 - 2014-09-16 15:59 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Dropbox
2014-12-13 09:50 - 2014-08-19 08:43 - 00000000 ____D () C:\Users\Petr\Desktop\grafika
2014-12-12 23:19 - 2014-09-26 12:48 - 00000000 ____D () C:\ProgramData\Origin
2014-12-12 15:27 - 2014-07-11 15:46 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 15:13 - 2014-09-26 12:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-12 14:02 - 2014-09-26 12:52 - 00000000 ____D () C:\Users\Petr\AppData\Local\Origin
2014-12-12 14:02 - 2014-09-26 12:48 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-12-12 11:35 - 2014-09-26 12:52 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Origin
2014-12-10 19:56 - 2014-07-11 20:15 - 00000000 ____D () C:\Users\Petr\Documents\My Games
2014-12-10 16:22 - 2014-07-24 09:13 - 00000000 ___RD () C:\Users\Petr\Desktop\Programy
2014-12-10 16:22 - 2014-07-11 20:09 - 00000000 ____D () C:\ProgramData\Orbit
2014-12-10 14:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-09 22:25 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-09 22:24 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-12-09 22:24 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-12-09 22:24 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-12-09 22:24 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-12-09 22:24 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-12-09 22:24 - 2013-08-22 05:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2014-12-09 22:24 - 2013-08-22 05:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2014-12-09 22:24 - 2013-08-22 04:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2014-12-09 22:24 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-12-09 22:24 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-12-09 22:24 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-12-09 22:24 - 2013-08-22 04:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2014-12-09 22:24 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-12-09 22:24 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-12-09 21:44 - 2014-09-12 14:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-09 21:44 - 2014-07-11 18:09 - 00000000 ____D () C:\ProgramData\Skype
2014-12-09 20:50 - 2012-11-15 00:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-09 17:36 - 2014-07-12 10:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-09 11:33 - 2014-08-19 09:28 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\.minecraft
2014-12-07 16:27 - 2014-10-29 17:30 - 00000000 ____D () C:\Users\Petr\Desktop\Písničky
2014-12-07 09:43 - 2014-07-16 12:29 - 00000000 ____D () C:\Users\Petr\AppData\Local\Razer_Inc
2014-12-07 09:43 - 2014-07-16 12:26 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-12-07 09:42 - 2014-07-16 12:27 - 00000000 ____D () C:\Users\Petr\AppData\Local\Razer
2014-12-07 09:42 - 2014-07-16 12:26 - 00000000 ____D () C:\ProgramData\Razer
2014-12-05 19:12 - 2014-07-11 18:08 - 00000000 ____D () C:\Users\Petr\Desktop\Nová složka
2014-12-02 18:16 - 2014-07-11 15:45 - 00003936 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-02 18:16 - 2014-07-11 15:45 - 00003700 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-02 18:15 - 2014-07-11 15:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-02 18:02 - 2014-07-11 19:06 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2014-12-02 15:56 - 2014-07-24 15:50 - 00074240 ___SH () C:\Users\Petr\Downloads\Thumbs.db
2014-11-23 16:10 - 2014-09-26 19:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-21 21:36 - 2014-09-16 15:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-21 06:14 - 2014-07-24 14:59 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-07-24 14:59 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-07-24 14:59 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-17 16:34 - 2014-10-16 19:54 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-11-17 16:25 - 2014-07-25 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-11-17 16:25 - 2014-07-25 16:26 - 00000000 ____D () C:\Program Files\Native Instruments
2014-11-17 16:18 - 2014-07-25 08:14 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-11-17 10:05 - 2014-11-03 18:48 - 00000000 ____D () C:\Hry
2014-11-17 10:04 - 2014-07-11 19:42 - 00000000 ____D () C:\Games
2014-11-16 13:12 - 2014-08-21 18:51 - 00000000 ____D () C:\Program Files (x86)\Steinberg

Files to move or delete:
====================
C:\Users\Petr\cc_20140819_092933.reg
C:\Users\Petr\cc_20141016_202447.reg
C:\Users\Petr\cc_20141105_111840.reg
C:\Users\Petr\cc_20141213_184127.reg


Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 10:18

==================== End Of Log ============================

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 09:53

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by Petr at 2014-12-16 09:50:36
Running from C:\Users\Petr\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\uTorrent) (Version: 3.4.2.31536 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Aktualizace NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiophile Inventory ConverteR 48x44 FREE (remove only) (HKLM-x32\...\Audiophile Inventory ConverteR 48x44) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version: - )
Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - )
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry 4 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Fraps 3.4.7 Full cracked version for Windows (HKLM-x32\...\{59D218A6-72DC-2162-EC4A-A09D6004444B}_is1) (Version: for Windows - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{89D2FA50-6002-4AFB-8586-3E38B355E891}) (Version: 15.05.2000.1462 - Intel Corporation)
Intelligent Touchpad (HKLM-x32\...\{DD7D6D84-93AB-48CA-A759-94324E341CBA}) (Version: 2.00.0012.0723 - Lenovo)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lennar Digital Sylenth VSTi v1.2.1 (HKLM-x32\...\Lennar Digital Sylenth VSTi v1.2.1) (Version: - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2200 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0828 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0828 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.4 - LUXONIX)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
M-Audio FastTrackPro Driver 6.0.7 (x64) (HKLM\...\{73089240-023C-11E0-9AE3-2BA1DFD72085}) (Version: 6.0.7 - M-Audio)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPD18 Editor (HKLM-x32\...\MPD18Editor) (Version: - )
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.5.6.1344 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.3.1177 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.3.144 - Native Instruments)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.0.9 - Lenovo)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Posel smrti 1.2 (HKLM-x32\...\Posel smrti_is1) (Version: - Future Games s.r.o.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.38.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Reloop ASIO Driver 1.10 (HKLM\...\Reloop ASIO Driver 1.10) (Version: 1.10 - Reloop)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Seznam Software (HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.13 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.125 - PandoraTV)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

23-11-2014 18:32:43 Naplánovaný kontrolní bod
04-12-2014 08:27:00 Installed Active@ Hard Disk Monitor
09-12-2014 11:09:32 Nainstalováno rozhraní DirectX
10-12-2014 18:09:26 Nainstalováno rozhraní DirectX
12-12-2014 12:47:25 Nainstalováno rozhraní DirectX
13-12-2014 17:48:47 Odebráno: Microsoft Office

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2014-12-15 07:40 - 00000000 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15F8C0DF-6CBB-4182-B7D6-5EAB8C28F34D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {1C1DB5FF-0D6A-403D-82E5-659AFAE98E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {1CA5CCB6-3D2C-4F01-B578-AAD4AE3BCFB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {62BA75C4-55C6-432D-87C9-9B49D83DA047} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {848FF92F-4DDA-476F-BDAB-081908F4AC06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {A872FD11-6465-4D67-A721-CD8483B862E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {ABDAA852-C488-4990-B3FE-C5DDB6DDD7A8} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-27] (Synaptics Incorporated)
Task: {B0D5C0D3-7C6E-483E-9CE0-5E6A1A331B73} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-16] (AVAST Software)
Task: {D2CB4BB1-AA93-427A-AC08-15CA66D3F42D} - System32\Tasks\{D414EA35-4A63-4D58-B080-F0132BFB7FD9} => pcalua.exe -a F:\AutoRun.exe -d F:\
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-09-21 10:23 - 2014-11-13 01:20 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-26 19:38 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-07 00:53 - 2012-09-07 00:53 - 00047480 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2014-12-12 13:51 - 2014-12-12 14:08 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-11-15 01:04 - 2012-09-14 03:55 - 00051776 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-09-16 15:38 - 2014-09-16 15:38 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-15 18:23 - 2014-12-15 18:23 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121502\algo.dll
2014-12-16 09:17 - 2014-12-16 09:17 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121600\algo.dll
2014-09-16 15:38 - 2014-09-16 15:38 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-18 15:03 - 2014-10-18 15:03 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\63948598d919af60addb114fdd3ccb56\PSIClient.ni.dll
2012-11-15 00:59 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-12 15:26 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 15:26 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-09-21 10:23 - 2014-11-13 01:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-12 15:26 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 15:26 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 15:26 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-07-10 15:18 - 2014-07-10 15:18 - 26094712 _____ () C:\Program Files (x86)\Image-Line\Shared\dsp_ipp.dll
2014-03-30 08:32 - 2014-03-30 08:32 - 00514168 _____ () C:\Program Files (x86)\Image-Line\Shared\QuickFontCache.dll
2012-08-15 11:01 - 2012-08-15 11:01 - 00483328 _____ () C:\Program Files (x86)\Image-Line\Shared\freetype.dll
2014-03-20 14:23 - 2014-03-20 14:23 - 01526880 _____ () C:\Program Files (x86)\Image-Line\FL Studio 11\Plugins\Fruity\Effects\Fruity Limiter\Fruity Limiter.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Petr\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"

========================= Accounts: ==========================

Administrator (S-1-5-21-3164711548-3657898618-3245913010-500 - Administrator - Disabled)
Guest (S-1-5-21-3164711548-3657898618-3245913010-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3164711548-3657898618-3245913010-1006 - Limited - Enabled)
Petr (S-1-5-21-3164711548-3657898618-3245913010-1002 - Administrator - Enabled) => C:\Users\Petr

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2014 09:18:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.4.2.31536 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1608

Čas spuštění: 01d01908ae5552b5

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: 2450e380-84fc-11e4-bf66-20689d9d3e54

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/16/2014 09:18:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 6.22.0.107 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: eb8

Čas spuštění: 01d01908ab68a68b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Skype\Phone\Skype.exe

ID hlášení: 188dfad0-84fc-11e4-bf66-20689d9d3e54

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/15/2014 10:06:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (12/15/2014 09:55:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BtStackServer.exe, verze: 12.0.0.2200, časové razítko: 0x504927c9
Název chybujícího modulu: BtwProximityLib.dll_unloaded, verze: 12.0.0.2200, časové razítko: 0x50492844
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007184
ID chybujícího procesu: 0xa64
Čas spuštění chybující aplikace: 0xBtStackServer.exe0
Cesta k chybující aplikaci: BtStackServer.exe1
Cesta k chybujícímu modulu: BtStackServer.exe2
ID zprávy: BtStackServer.exe3
Úplný název chybujícího balíčku: BtStackServer.exe4
ID aplikace související s chybujícím balíčkem: BtStackServer.exe5

Error: (12/15/2014 01:41:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmprph.exe, verze: 12.0.9600.16384, časové razítko: 0x5215ef9d
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17278, časové razítko: 0x53eebd22
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000039a7a
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0xwmprph.exe0
Cesta k chybující aplikaci: wmprph.exe1
Cesta k chybujícímu modulu: wmprph.exe2
ID zprávy: wmprph.exe3
Úplný název chybujícího balíčku: wmprph.exe4
ID aplikace související s chybujícím balíčkem: wmprph.exe5

Error: (12/15/2014 07:29:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 6.22.0.107 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 17e8

Čas spuštění: 01d018303050df0e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Skype\Phone\Skype.exe

ID hlášení: b50dfb64-8423-11e4-bf65-b888e394c94a

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/15/2014 07:29:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program uTorrent.exe verze 3.4.2.31536 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: fc4

Čas spuštění: 01d018303272df8d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe

ID hlášení: b6e61b06-8423-11e4-bf65-b888e394c94a

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/14/2014 00:35:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2144927151. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/14/2014 00:25:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2144927151. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/14/2014 10:54:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci winstore_cw5n1h2txyewy!Windows.Store se nepovedlo aktivovat, protože došlo k chybě: -2144927151. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (12/15/2014 10:55:58 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/15/2014 10:22:40 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/15/2014 09:55:58 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/15/2014 09:25:58 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/15/2014 07:26:38 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/15/2014 07:26:37 AM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCPetrS-1-5-21-3164711548-3657898618-3245913010-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (12/14/2014 04:17:16 PM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (12/14/2014 04:16:46 PM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (12/14/2014 04:15:51 PM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (12/14/2014 04:15:21 PM) (Source: DCOM) (EventID: 10010) (User: IDEA-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (12/16/2014 09:18:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe3.4.2.31536160801d01908ae5552b54294967295C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe2450e380-84fc-11e4-bf66-20689d9d3e54

Error: (12/16/2014 09:18:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.22.0.107eb801d01908ab68a68b4294967295C:\Program Files (x86)\Skype\Phone\Skype.exe188dfad0-84fc-11e4-bf66-20689d9d3e54

Error: (12/15/2014 10:06:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (12/15/2014 09:55:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtStackServer.exe12.0.0.2200504927c9BtwProximityLib.dll_unloaded12.0.0.220050492844c00000050000000000007184a6401d018303c136d45C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exeBtwProximityLib.dllbeada1c3-849c-11e4-bf65-b888e394c94a

Error: (12/15/2014 01:41:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmprph.exe12.0.9600.163845215ef9dntdll.dll6.3.9600.1727853eebd22c00000050000000000039a7a1e4401d0186463934c07C:\Program Files\Windows Media Player\wmprph.exeC:\WINDOWS\SYSTEM32\ntdll.dlla1e3b4f9-8457-11e4-bf65-b888e394c94a

Error: (12/15/2014 07:29:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.22.0.10717e801d018303050df0e4294967295C:\Program Files (x86)\Skype\Phone\Skype.exeb50dfb64-8423-11e4-bf65-b888e394c94a

Error: (12/15/2014 07:29:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe3.4.2.31536fc401d018303272df8d4294967295C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exeb6e61b06-8423-11e4-bf65-b888e394c94a

Error: (12/14/2014 00:35:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927151

Error: (12/14/2014 00:25:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927151

Error: (12/14/2014 10:54:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927151


CodeIntegrity Errors:
===================================
Date: 2014-12-16 09:19:34.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.789
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.705
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.446
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.257
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:20.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-12-15 21:18:18.613
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 67%
Total physical RAM: 3961.77 MB
Available physical RAM: 1284.84 MB
Total Pagefile: 6137.77 MB
Available Pagefile: 3035.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.4 GB) (Free:567.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D915C3AB)

Partition: GPT Partition Type.

==================== End Of Log ============================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod jaro3 » 16 pro 2014 10:34

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.


Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {0e6d7fd9-098f-11e4-be82-20689d9d3e54} - "F:\INSTALL.EXE"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {2ad221e5-0909-11e4-be7b-20689d9d3e54} - "D:\setup.exe"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {08147645-13B7-4C78-BDCD-C94429DC9B55} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {14CFA927-8F40-4058-B2AD-7548D69AE3DB} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {31FF311C-91D5-4E09-A58C-23A3DA030935} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {78664159-9473-4B31-9178-BB0C41D6678E} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {AF7E3649-6C76-42EE-BEFC-035D066D37F4} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {B23D6150-6DCE-4F61-9EE7-3E0CC2BEAAB8} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {C47D0C45-E116-43F6-B183-70B23181B522} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {F278C8F9-4EE7-4B26-B6E5-A7207D7BF74E} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job
C:\Users\Petr\cc_20140819_092933.reg
C:\Users\Petr\cc_20141016_202447.reg
C:\Users\Petr\cc_20141105_111840.reg
C:\Users\Petr\cc_20141213_184127.reg
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
Task: {1C1DB5FF-0D6A-403D-82E5-659AFAE98E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {1CA5CCB6-3D2C-4F01-B578-AAD4AE3BCFB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {62BA75C4-55C6-432D-87C9-9B49D83DA047} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {A872FD11-6465-4D67-A721-CD8483B862E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {D2CB4BB1-AA93-427A-AC08-15CA66D3F42D} - System32\Tasks\{D414EA35-4A63-4D58-B080-F0132BFB7FD9} => pcalua.exe -a F:\AutoRun.exe -d F:\
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 11:50

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16. 12. 2014
Scan Time: 11:33:47
Logfile: w.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.16.02
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Petr

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 353733
Time Elapsed: 12 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

gladomen
Level 3
Level 3
Příspěvky: 501
Registrován: leden 13
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod gladomen » 16 pro 2014 11:54

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Petr at 2014-12-16 11:52:08 Run:1
Running from C:\Users\Petr\Desktop
Loaded Profile: Petr (Available profiles: Petr)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {0e6d7fd9-098f-11e4-be82-20689d9d3e54} - "F:\INSTALL.EXE"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\...\MountPoints2: {2ad221e5-0909-11e4-be7b-20689d9d3e54} - "D:\setup.exe"
HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {08147645-13B7-4C78-BDCD-C94429DC9B55} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {14CFA927-8F40-4058-B2AD-7548D69AE3DB} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {31FF311C-91D5-4E09-A58C-23A3DA030935} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {78664159-9473-4B31-9178-BB0C41D6678E} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {AF7E3649-6C76-42EE-BEFC-035D066D37F4} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {B23D6150-6DCE-4F61-9EE7-3E0CC2BEAAB8} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {C47D0C45-E116-43F6-B183-70B23181B522} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3164711548-3657898618-3245913010-1002 -> {F278C8F9-4EE7-4B26-B6E5-A7207D7BF74E} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job
C:\Users\Petr\cc_20140819_092933.reg
C:\Users\Petr\cc_20141016_202447.reg
C:\Users\Petr\cc_20141105_111840.reg
C:\Users\Petr\cc_20141213_184127.reg
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
Task: {1C1DB5FF-0D6A-403D-82E5-659AFAE98E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {1CA5CCB6-3D2C-4F01-B578-AAD4AE3BCFB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {62BA75C4-55C6-432D-87C9-9B49D83DA047} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-29] (Facebook Inc.)
Task: {A872FD11-6465-4D67-A721-CD8483B862E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {D2CB4BB1-AA93-427A-AC08-15CA66D3F42D} - System32\Tasks\{D414EA35-4A63-4D58-B080-F0132BFB7FD9} => pcalua.exe -a F:\AutoRun.exe -d F:\
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
*****************

"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e6d7fd9-098f-11e4-be82-20689d9d3e54}" => Key deleted successfully.
"HKCR\CLSID\{0e6d7fd9-098f-11e4-be82-20689d9d3e54}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ad221e5-0909-11e4-be7b-20689d9d3e54}" => Key deleted successfully.
"HKCR\CLSID\{2ad221e5-0909-11e4-be7b-20689d9d3e54}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08147645-13B7-4C78-BDCD-C94429DC9B55}" => Key deleted successfully.
"HKCR\CLSID\{08147645-13B7-4C78-BDCD-C94429DC9B55}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14CFA927-8F40-4058-B2AD-7548D69AE3DB}" => Key deleted successfully.
"HKCR\CLSID\{14CFA927-8F40-4058-B2AD-7548D69AE3DB}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31FF311C-91D5-4E09-A58C-23A3DA030935}" => Key deleted successfully.
"HKCR\CLSID\{31FF311C-91D5-4E09-A58C-23A3DA030935}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{78664159-9473-4B31-9178-BB0C41D6678E}" => Key deleted successfully.
"HKCR\CLSID\{78664159-9473-4B31-9178-BB0C41D6678E}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AF7E3649-6C76-42EE-BEFC-035D066D37F4}" => Key deleted successfully.
"HKCR\CLSID\{AF7E3649-6C76-42EE-BEFC-035D066D37F4}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B23D6150-6DCE-4F61-9EE7-3E0CC2BEAAB8}" => Key deleted successfully.
"HKCR\CLSID\{B23D6150-6DCE-4F61-9EE7-3E0CC2BEAAB8}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C47D0C45-E116-43F6-B183-70B23181B522}" => Key deleted successfully.
"HKCR\CLSID\{C47D0C45-E116-43F6-B183-70B23181B522}" => Key not found.
"HKU\S-1-5-21-3164711548-3657898618-3245913010-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F278C8F9-4EE7-4B26-B6E5-A7207D7BF74E}" => Key deleted successfully.
"HKCR\CLSID\{F278C8F9-4EE7-4B26-B6E5-A7207D7BF74E}" => Key not found.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job => Moved successfully.
C:\Users\Petr\cc_20140819_092933.reg => Moved successfully.
C:\Users\Petr\cc_20141016_202447.reg => Moved successfully.
C:\Users\Petr\cc_20141105_111840.reg => Moved successfully.
C:\Users\Petr\cc_20141213_184127.reg => Moved successfully.
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C1DB5FF-0D6A-403D-82E5-659AFAE98E11}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C1DB5FF-0D6A-403D-82E5-659AFAE98E11}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CA5CCB6-3D2C-4F01-B578-AAD4AE3BCFB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CA5CCB6-3D2C-4F01-B578-AAD4AE3BCFB5}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62BA75C4-55C6-432D-87C9-9B49D83DA047}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62BA75C4-55C6-432D-87C9-9B49D83DA047}" => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A872FD11-6465-4D67-A721-CD8483B862E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A872FD11-6465-4D67-A721-CD8483B862E2}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2CB4BB1-AA93-427A-AC08-15CA66D3F42D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2CB4BB1-AA93-427A-AC08-15CA66D3F42D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D414EA35-4A63-4D58-B080-F0132BFB7FD9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D414EA35-4A63-4D58-B080-F0132BFB7FD9}" => Key deleted successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job not found.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

==== End of Fixlog ====

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Preventivní kontrola logu

Příspěvekod Orcus » 16 pro 2014 23:00

Jak to vypadá teď?
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 54 hostů