Suspected virus: 3590F75ABA9E...(zzzzz..) Solved



Re: Suspected virus: 3590F75ABA9E...(zzzzz..)

Post by PhR » 30 Apr 2015 23:15

2015-04-15 13:29 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 13:29 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 13:29 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 13:29 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 13:29 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 13:29 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 13:29 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 13:29 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 13:29 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 13:29 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 13:29 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 13:29 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 13:29 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 13:29 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 13:29 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 13:29 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 13:29 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 13:29 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 13:29 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 13:29 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 13:29 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 13:29 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 13:29 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 13:29 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 13:29 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 13:29 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 13:29 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 13:29 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 13:29 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 13:29 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 13:29 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 13:29 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 13:29 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 13:29 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 13:29 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 13:29 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 13:29 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 13:29 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 13:29 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 13:29 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 13:29 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 13:29 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 13:29 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 13:29 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 13:29 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 13:29 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 13:29 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 13:29 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 13:29 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 13:29 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 13:29 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 13:29 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 13:29 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 13:29 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 13:29 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 13:29 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 13:29 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 13:29 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 13:29 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 13:29 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 13:29 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 13:29 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 13:29 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 13:28 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 13:28 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 13:28 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-12 23:14 - 2015-04-12 23:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-04-12 23:14 - 2015-04-12 23:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-04-10 16:32 - 2015-04-10 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-10 16:31 - 2015-04-12 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-04-10 16:31 - 2015-04-10 16:31 - 00000000 ____D () C:\Windows\PCHEALTH
2015-04-10 16:30 - 2015-04-10 16:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-10 16:29 - 2015-04-15 23:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-10 16:29 - 2015-04-10 16:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-10 16:29 - 2015-04-10 16:29 - 00000000 __RHD () C:\MSOCache
2015-04-10 16:29 - 2015-04-10 16:29 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Microsoft Help
2015-04-10 16:09 - 2015-04-10 16:10 - 316085256 _____ (Microsoft Corporation) C:\Users\ASUS\Downloads\MicrosoftInstaller.exe
2015-04-07 18:08 - 2015-04-07 18:08 - 13146016 _____ (Disc Soft Ltd) C:\Users\ASUS\Downloads\DTLite501-0406.exe
2015-04-07 18:08 - 2015-04-07 18:08 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-04-07 13:40 - 2015-04-07 13:43 - 699004928 _____ () C:\Users\ASUS\Downloads\OfficeProfessionalPlus_x86_en-us.img
2015-04-06 22:22 - 2015-04-06 22:24 - 387149824 _____ () C:\Users\ASUS\Downloads\Microsoft Office 2010 Powerpoint x64 64bit.iso
2015-04-06 22:21 - 2015-04-06 22:22 - 02168592 _____ (emc) C:\Users\ASUS\Downloads\uTorrent221.exe
2015-04-05 02:05 - 2015-04-05 02:05 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 02:05 - 2015-04-05 02:05 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 00:10 - 2015-04-05 00:10 - 00001197 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2015-04-05 00:10 - 2015-04-05 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2015-04-05 00:09 - 2015-04-27 07:21 - 00000000 ____D () C:\ProgramData\ProductData
2015-04-05 00:08 - 2015-04-05 00:10 - 00000000 ____D () C:\Program Files (x86)\CEVO
2015-04-05 00:06 - 2015-04-05 00:06 - 00000000 ____D () C:\ProgramData\Celavimus
2015-04-05 00:03 - 2015-04-05 00:03 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-05 00:01 - 2015-04-05 00:02 - 24006320 _____ ( ) C:\Users\ASUS\Downloads\CEVO CSGO Client.exe
2015-04-04 18:12 - 2015-04-06 14:54 - 00000000 ____D () C:\Windows\erdnt
2015-04-04 18:05 - 2015-04-04 18:05 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\ProductData
2015-04-04 18:01 - 2015-04-04 17:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-04 17:51 - 2015-04-04 18:04 - 00005984 _____ () C:\zoek-results.log
2015-04-04 17:51 - 2015-04-04 18:00 - 00000000 ____D () C:\zoek_backup
2015-04-04 17:50 - 2015-04-04 17:50 - 01305600 _____ () C:\Users\ASUS\Downloads\zoek.exe
2015-04-02 13:22 - 2015-04-20 18:10 - 00000000 ____D () C:\Users\ASUS\AppData\Local\CrashDumps
2015-04-02 13:22 - 2015-04-02 13:22 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\NVIDIA
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-04-02 13:16 - 2015-04-02 13:16 - 00000000 ____D () C:\Games
2015-04-02 13:15 - 2015-04-02 13:16 - 268591972 _____ (CSwarzone) C:\Users\ASUS\Downloads\Counter-Strike.exe
2015-04-02 01:18 - 2015-04-02 01:18 - 00000000 ____D () C:\Users\ASUS\Documents\Razer
2015-04-02 01:18 - 2015-04-02 01:18 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Razer_Inc
2015-04-02 01:17 - 2015-04-02 01:17 - 00001252 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk
2015-04-02 01:15 - 2015-04-02 01:16 - 22768704 _____ (Razer Inc. ) C:\Users\ASUS\Downloads\RazerCortexSetup_5.4.15.0.exe
2015-04-01 23:04 - 2015-04-01 23:04 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-01 23:04 - 2015-04-01 23:04 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-01 22:57 - 2015-04-01 22:57 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-01 22:57 - 2015-04-01 22:57 - 00000000 ____D () C:\RegBackup
2015-04-01 22:22 - 2015-04-02 14:17 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-04-01 22:22 - 2015-04-01 22:27 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-04-01 22:19 - 2015-04-01 22:20 - 20436568 _____ () C:\Users\ASUS\Downloads\RogueKillerX64.exe
2015-04-01 22:19 - 2015-04-01 22:20 - 03032229 _____ (Thisisu) C:\Users\ASUS\Downloads\JRT.exe
2015-04-01 21:11 - 2015-04-01 21:12 - 00000000 ____D () C:\AdwCleaner
2015-04-01 21:06 - 2015-04-01 21:06 - 02208768 _____ () C:\Users\ASUS\Downloads\adwcleaner_4.200.exe
2015-04-01 21:06 - 2015-04-01 21:06 - 00448512 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\TFC.exe
2015-04-01 21:05 - 2015-04-01 21:06 - 00050688 _____ (Atribune.org) C:\Users\ASUS\Downloads\ATF-Cleaner.exe
2015-04-01 19:41 - 2015-04-30 11:10 - 00008833 _____ () C:\Users\ASUS\Downloads\hijackthis.log
2015-04-01 19:41 - 2015-04-01 19:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\ASUS\Downloads\HijackThis.exe
2015-03-31 18:39 - 2015-03-31 18:39 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-31 18:39 - 2015-03-31 18:39 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-03-31 18:39 - 2015-03-31 18:39 - 00000000 ____D () C:\Program Files\Realtek
2015-03-31 18:38 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-03-31 18:38 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-03-31 18:38 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-03-31 18:38 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-03-31 18:38 - 2014-05-02 11:19 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2015-03-31 18:38 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-03-31 18:38 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-03-31 18:38 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-03-31 18:38 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-03-31 18:38 - 2014-04-23 17:51 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2015-03-31 18:38 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-03-31 18:38 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-03-31 18:38 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-03-31 18:38 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-03-31 18:38 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-03-31 18:38 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2015-03-31 18:38 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2015-03-31 18:38 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-03-31 18:38 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-03-31 18:38 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-03-31 18:38 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-03-31 18:38 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-03-31 18:38 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-03-31 18:38 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-03-31 18:38 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-03-31 18:38 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-03-31 18:38 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-03-31 18:38 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-03-31 18:38 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-03-31 18:38 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-03-31 18:38 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-03-31 18:38 - 2014-02-06 11:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-03-31 18:38 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-03-31 18:38 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-03-31 18:38 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-03-31 18:38 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-31 18:38 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-03-31 18:38 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-03-31 18:38 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-03-31 18:38 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-03-31 18:38 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-31 18:38 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-31 18:38 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-03-31 18:38 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-03-31 18:38 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-03-31 18:38 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-03-31 18:38 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-03-31 18:38 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-03-31 18:38 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-03-31 18:38 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-03-31 18:38 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-03-31 18:38 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-03-31 18:38 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-03-31 18:38 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-03-31 18:38 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-03-31 18:38 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-03-31 18:38 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-03-31 18:38 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-03-31 18:38 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-03-31 18:38 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-03-31 18:38 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-03-31 18:38 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-03-31 18:38 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-03-31 18:38 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-03-31 18:38 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-03-31 18:38 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-03-31 18:38 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-31 18:38 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-03-31 18:38 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-03-31 18:38 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-03-31 18:38 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-03-31 18:38 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-03-31 18:37 - 2015-03-31 18:40 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-31 18:37 - 2014-02-26 15:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\ASUS\Downloads\0001-64bit_Win7_Win8_Win81_R275.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 11:19 - 2015-03-13 18:27 - 02049041 _____ () C:\Windows\WindowsUpdate.log
2015-04-30 11:18 - 2015-03-14 17:05 - 00000000 ____D () C:\Windows\pss
2015-04-30 11:01 - 2015-03-11 19:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-30 11:00 - 2015-03-09 17:55 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 10:56 - 2015-03-11 22:36 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Battle.net
2015-04-30 10:26 - 2015-03-14 15:32 - 00000000 ___RD () C:\Users\ASUS\Desktop\Plocha
2015-04-30 10:06 - 2015-03-11 22:36 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-04-30 08:35 - 2015-03-15 17:16 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Skype
2015-04-30 08:34 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-30 08:34 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-30 08:26 - 2015-03-14 19:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 08:25 - 2015-03-09 17:55 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 08:24 - 2015-03-09 18:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-30 08:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-29 20:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-28 06:44 - 2009-07-14 17:18 - 00759432 _____ () C:\Windows\system32\perfh005.dat
2015-04-28 06:44 - 2009-07-14 17:18 - 00195712 _____ () C:\Windows\system32\perfc005.dat
2015-04-28 06:44 - 2009-07-14 07:13 - 01731420 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-27 13:53 - 2015-03-12 22:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-25 14:05 - 2015-03-11 20:15 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-04-18 10:48 - 2015-03-09 17:57 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-17 20:14 - 2015-03-25 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-17 20:14 - 2015-03-09 18:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-17 20:14 - 2015-03-09 18:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-17 20:14 - 2015-03-09 18:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-17 20:12 - 2015-03-12 22:04 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_ASUS
2015-04-17 18:53 - 2015-03-11 19:52 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-17 14:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 07:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 23:08 - 2015-03-09 18:19 - 01706134 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 17:25 - 2015-03-14 02:06 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-15 17:25 - 2015-03-11 22:36 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-14 13:38 - 2015-03-15 17:16 - 00000000 ____D () C:\ProgramData\Skype
2015-04-13 07:16 - 2015-03-09 17:55 - 00068776 _____ () C:\Users\ASUS\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-13 07:14 - 2009-07-14 06:45 - 00308112 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-10 16:30 - 2009-07-14 17:36 - 00000000 ____D () C:\Windows\ShellNew
2015-04-10 16:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-09 02:58 - 2015-03-25 14:07 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2015-03-09 18:20 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2015-03-09 18:20 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2015-03-09 18:16 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2015-03-09 18:16 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2015-03-09 18:16 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2015-03-09 18:16 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2015-03-09 18:20 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2015-03-09 18:20 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2015-03-09 18:20 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2015-03-09 18:20 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2015-03-09 18:20 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2015-03-09 18:20 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2015-03-09 18:20 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-04 18:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-04 18:21 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-02 01:18 - 2015-03-20 20:09 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Razer
2015-04-02 01:17 - 2015-03-20 20:08 - 00000000 ____D () C:\ProgramData\Razer
2015-04-02 01:17 - 2015-03-20 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-04-02 01:17 - 2015-03-20 20:08 - 00000000 ____D () C:\Program Files (x86)\Razer
2015-04-01 23:04 - 2015-03-12 22:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-01 23:04 - 2015-03-12 22:21 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-01 23:03 - 2015-03-12 22:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-01 19:41 - 2015-03-09 17:27 - 00000000 ____D () C:\Users\ASUS\AppData\Local\VirtualStore
2015-03-31 18:38 - 2015-03-09 17:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-31 18:38 - 2015-03-09 17:45 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-31 06:20 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2015-03-31 18:39 - 2015-03-31 18:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-28 20:16

==================== End Of Log ============================
GeForce GT 630 2GB
I5-3550 3,30GHz
4GB RAM
W7 HP

Post by mople71 » 30 Apr 2015 23:39

Please uninstall these programs:

Code:

CCleaner
IObit Uninstaller


------------------------------------------------------------

Apply a fixlist for FRST:

On the Desktop (FRST must be located there), create a text file named fixlist, copy the following script into it, and save it.

Code:

Start
CloseProcesses:
CreateRestorePoint:

Task: {5BB5EBBC-139A-4224-9354-908A231D2967} - System32\Tasks\Uninstaller_SkipUac_ASUS => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-12] (IObit)
C:\Program Files (x86)\IObit
%appdata%\IObit
Task: {FEE39774-98B2-45A3-A877-D48824563865} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-12] (Piriform Ltd)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\...\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-12] (IObit)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)

C:\temp
C:\Program Files (x86)\Temp
C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl
C:\Windows\Tasks\*.job

Folder: C:\Windows\pss
CMD: bitsadmin /reset /allusers
CMD: dir %appdata%
CMD: dir %localappdata%
CMD: dir %programdata%

EmptyTemp:
End

Then open FRST as administrator and click the >Fix< button. After the PC restarts, a fixlog will appear on the Desktop; please paste its contents into your next post.

Post by PhR » 01 May 2015 01:37

What is the problem with CCleaner?

Post by mople71 » 01 May 2015 08:38

By cleaning the registry you lose support from Microsoft. The rest of CCleaner is unnecessary.

Post by PhR » 12 May 2015 16:10

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by ASUS at 2015-05-11 21:33:48 Run:1
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available profiles: ASUS)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Task: {5BB5EBBC-139A-4224-9354-908A231D2967} - System32\Tasks\Uninstaller_SkipUac_ASUS => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-12] (IObit)
C:\Program Files (x86)\IObit
%appdata%\IObit
Task: {FEE39774-98B2-45A3-A877-D48824563865} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-12] (Piriform Ltd)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\...\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-12] (IObit)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-09] (Google Inc.)

C:\temp
C:\Program Files (x86)\Temp
C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl
C:\Windows\Tasks\*.job

Folder: C:\Windows\pss
CMD: bitsadmin /reset /allusers
CMD: dir %appdata%
CMD: dir %localappdata%
CMD: dir %programdata%

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BB5EBBC-139A-4224-9354-908A231D2967} => Key not found.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_ASUS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_ASUS" => Key deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
%appdata%\IObit => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEE39774-98B2-45A3-A877-D48824563865}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEE39774-98B2-45A3-A877-D48824563865}" => Key deleted successfully.
C:\Windows\System32\Tasks\CCleanerSkipUAC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-233904950-2367353388-1579625358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-233904950-2367353388-1579625358-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\temp => Moved successfully.
C:\Program Files (x86)\Temp => Moved successfully.
C:\ProgramData\RogueKiller => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
C:\Windows\Tasks\*.job => Moved successfully.

========================= Folder: C:\Windows\pss ========================

2015-04-30 11:18 - 2015-04-30 11:18 - 0020480 _____ () C:\Windows\pss\boot.backup
2015-03-14 17:05 - 2015-04-30 11:18 - 0017408 ___SH () C:\Windows\pss\boot.backup.LOG
2015-03-14 17:05 - 2015-03-14 17:05 - 0000000 ___SH () C:\Windows\pss\boot.backup.LOG1
2015-03-14 17:05 - 2015-03-14 17:05 - 0000000 ___SH () C:\Windows\pss\boot.backup.LOG2

====== End of Folder: ======


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= dir %appdata% =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je FE50-5969.

Výpis adresáře C:\Users\ASUS\AppData\Roaming

21.04.2015 17:25 <DIR> .
21.04.2015 17:25 <DIR> ..
15.03.2015 12:01 <DIR> Adobe
12.03.2015 22:22 <DIR> AVAST Software
14.03.2015 02:01 <DIR> Battle.net
12.03.2015 22:22 <DIR> Dropbox
09.03.2015 17:27 <DIR> Identities
30.04.2015 11:47 <DIR> IObit
11.03.2015 19:42 <DIR> Logishrd
11.03.2015 19:42 <DIR> Logitech
27.03.2015 22:02 <DIR> LolClient
27.03.2015 22:02 <DIR> Macromedia
14.07.2009 17:36 <DIR> Media Center Programs
02.04.2015 13:22 <DIR> NVIDIA
04.04.2015 18:05 <DIR> ProductData
27.03.2015 21:19 <DIR> Riot Games
30.04.2015 08:35 <DIR> Skype
10.05.2015 19:17 <DIR> TS3Client
09.03.2015 18:33 <DIR> TuneUp Software
24.03.2015 18:09 <DIR> WinRAR
Souborů: 0, Bajtů: 0
Adresářů: 20, Volných bajtů: 61 414 559 744

========= End of CMD: =========


========= dir %localappdata% =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je FE50-5969.

Výpis adresáře C:\Users\ASUS\AppData\Local

10.05.2015 22:46 <DIR> .
10.05.2015 22:46 <DIR> ..
09.03.2015 17:55 <DIR> Apps
09.03.2015 18:27 <DIR> Avg2014
02.05.2015 01:39 <DIR> Battle.net
14.03.2015 02:14 <DIR> Blizzard
11.03.2015 22:37 <DIR> Blizzard Entertainment
12.03.2015 22:26 <DIR> Comodo
10.05.2015 21:07 <DIR> CrashDumps
09.03.2015 17:55 <DIR> Deployment
15.04.2015 17:05 <DIR> Diagnostics
05.05.2015 15:11 <DIR> ElevatedDiagnostics
13.04.2015 07:16 68 776 GDIPFONTCACHEV1.DAT
09.03.2015 17:57 <DIR> Google
11.03.2015 19:47 <DIR> Logitech
09.03.2015 18:27 <DIR> MFAData
10.04.2015 16:48 <DIR> Microsoft
10.04.2015 16:29 <DIR> Microsoft Help
17.04.2015 20:14 <DIR> NVIDIA Corporation
29.03.2015 02:15 <DIR> osu!
14.03.2015 19:10 <DIR> Programs
12.03.2015 08:23 <DIR> PunkBuster
01.05.2015 02:40 <DIR> Razer
01.05.2015 02:40 <DIR> Razer_Inc
20.03.2015 20:22 <DIR> RzStats
15.03.2015 17:16 <DIR> Skype
11.03.2015 19:51 <DIR> Steam
11.05.2015 21:33 <DIR> Temp
01.04.2015 19:41 <DIR> VirtualStore
Souborů: 1, Bajtů: 68 776
Adresářů: 28, Volných bajtů: 61 414 547 456

========= End of CMD: =========


========= dir %programdata% =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je FE50-5969.

Výpis adresáře C:\ProgramData

11.05.2015 21:34 <DIR> .
11.05.2015 21:34 <DIR> ..
11.03.2015 19:47 <DIR> Apple
12.03.2015 22:20 <DIR> AVAST Software
11.03.2015 22:34 <DIR> Battle.net
30.04.2015 10:06 <DIR> Blizzard Entertainment
05.04.2015 00:06 <DIR> Celavimus
13.03.2015 18:25 <DIR> Comodo
07.04.2015 18:08 <DIR> DAEMON Tools Lite
12.03.2015 08:20 <DIR> EA Core
12.03.2015 08:23 <DIR> EA Logs
12.03.2015 08:20 <DIR> Electronic Arts
09.03.2015 18:14 <DIR> Intel
30.04.2015 11:55 <DIR> IObit
11.03.2015 19:48 <DIR> LogiShrd
14.03.2015 19:12 <DIR> Malwarebytes
12.03.2015 22:13 <DIR> MFAData
15.04.2015 23:09 <DIR> Microsoft Help
11.05.2015 14:08 <DIR> NVIDIA
17.04.2015 20:14 <DIR> NVIDIA Corporation
05.04.2015 00:03 <DIR> Package Cache
11.05.2015 14:09 <DIR> ProductData
01.05.2015 02:39 <DIR> Razer
11.03.2015 22:49 <DIR> Riot Games
28.03.2015 02:23 <DIR> RzSurroundVAD_1.1.60.0
14.04.2015 13:38 <DIR> Skype
Souborů: 0, Bajtů: 0
Adresářů: 26, Volných bajtů: 61 414 535 168

========= End of CMD: =========

EmptyTemp: => Removed 391.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:35:16 ====

Post by jerabina » 12 May 2015 16:15

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

C:\Users\ASUS\AppData\Roaming\IObit
C:\ProgramData\IObit

EmptyTemp:
End


(You can use the "select all" function, then right-click in the top-left field of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

How are the problems? + a new HJT log
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Post by PhR » 15 May 2015 23:35

Problems: BSOD (usually about once a day), slow Windows, I found some file on the disk that was 118 GB (maybe that was the cause of the system lagging), again I downloaded NOTHING or the like, everything is from Steam or trusted sites (e.g. TeamSpeak etc.), and I didn't click on any links from bots on Steam.



FRST


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 02
Ran by ASUS at 2015-05-15 23:28:32 Run:2
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available profiles: ASUS)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

C:\Users\ASUS\AppData\Roaming\IObit
C:\ProgramData\IObit

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\ASUS\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
EmptyTemp: => Removed 335.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:28:54 ====






HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:32:57, on 15.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\ASUS\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Users\ASUS\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7825 bytes

Post by jerabina » 15 May 2015 23:50

Close other programs/browsers, disconnect from the internet, and fix the following in HJT:
GUIDE

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] "C:\Program Files (x86)


What was the name of that 118 GB file?

For BSODs we have a BSOD section here; go there, they'll advise you better on the BSOD :-)

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by PhR » 16 May 2015 00:09

OTL
OTL logfile created on: 15.5.2015 23:58:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASUS\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 57,27% Memory free
7,87 Gb Paging File | 5,93 Gb Available in Paging File | 75,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,60 Gb Total Space | 54,47 Gb Free Space | 55,82% Space Free | Partition Type: NTFS
Drive D: | 368,07 Gb Total Space | 325,47 Gb Free Space | 88,43% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ASUS\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\RADS\projects\lol_patcher\releases\0.0.0.29\deploy\LoLPatcher.exe ()
PRC - D:\RADS\projects\lol_launcher\releases\0.0.0.245\deploy\LoLLauncher.exe ()
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (Avast Software s.r.o.)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\RADS\projects\lol_air_client\releases\0.0.1.144\deploy\LolClient.exe ()
PRC - D:\RADS\system\rads_user_kernel.exe ()
PRC - C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe ()
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\ASUS\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe (Razer, Inc.)
PRC - C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.)
PRC - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - D:\RADS\projects\lol_patcher\releases\0.0.0.29\deploy\LoLPatcher.exe ()
MOD - D:\RADS\projects\lol_patcher\releases\0.0.0.29\deploy\RiotLauncher.dll ()
MOD - D:\RADS\projects\lol_launcher\releases\0.0.0.245\deploy\LoLLauncher.exe ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\77cc16d399df967a8d3948aa01ecedd3\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\cf38410df743036dddd2e29c68553602\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\631e501e8611f2ddb0ecf8cfe6f85a4f\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\9434f77ca26601ea0e62842eb11939ca\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\296ad57f274ce0f2e11e5a741758c317\PresentationFramework-SystemXmlLinq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\75b9ac551609fa6737003bf4ca48925f\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8845a6c434ec8641b19e1a29f36cdfb5\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8f4b17e7676e613fc922d974f5009893\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c2a90e16577427c54a98645dbf27ae71\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8db1b8b30957349ed26103fc054ed578\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\cb422972bacf326e69f9bc58a0331be5\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c4d7840236e717124e98b3b7f5547346\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatiod51afaa5#\8c810bc483268a987ef9d688774cab74\PresentationFramework.classic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ee87d3f6264bc1248c4062b176326150\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\09a518d721f8ad61104a5632f2a5da76\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\075cc0683015464d327a7d62d453ed4c\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\d1666f62292fdfd6c4d918033cb8fe46\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\2bef68de63d3e646dd339caf914e1e49\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\39c3375662a17234e030f75b02b7586f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\7402af20975bfc53532312e8e8d6092a\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\611eb2b64240e106626a1b771d1d32ce\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e56a581b7e96d7cde5a258d43041c942\mscorlib.ni.dll ()
MOD - D:\RADS\projects\lol_air_client\releases\0.0.1.144\deploy\LolClient.exe ()
MOD - D:\RADS\projects\lol_air_client\releases\0.0.1.144\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll ()
MOD - D:\RADS\projects\lol_air_client\releases\0.0.1.144\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
MOD - D:\RADS\system\rads_user_kernel.exe ()
MOD - C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll ()
MOD - C:\Users\ASUS\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll ()
MOD - C:\Users\ASUS\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\cef\libGLESv2.dll ()
MOD - C:\Users\ASUS\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\cef\libEGL.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (celavimushost) -- C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe (altPUG LLC)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Razer Game Scanner Service) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RzSurroundVADStreamingService) -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (A-Volute)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (Avast Software s.r.o.)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (Avast Software s.r.o.)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (Avast Software s.r.o.)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (Avast Software s.r.o.)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (Avast Software s.r.o.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (rzpnk) -- C:\Windows\SysNative\drivers\rzpnk.sys (Razer, Inc.)
DRV:64bit: - (RZSURROUNDVADService) -- C:\Windows\SysNative\drivers\RzSurroundVAD.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (LADF_RenderOnly) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys (Logitech)
DRV:64bit: - (LADF_CaptureOnly) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys (Logitech)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (RTCore64) -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.05.07 21:00:50 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.5.13_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl\0.8.3.1_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.33_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_1\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

O1 HOSTS File: ([2015.04.04 18:21:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_D5DDF34FE692FC2EA1B8968615A3C02A] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58AEB3CF-B9DA-4723-A124-5113341932FA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.05.15 23:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015.05.15 23:30:22 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\IObit
[2015.05.15 23:28:04 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Desktop\FRST-OlderVersion
[2015.05.12 18:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2015.05.12 18:31:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2015.05.12 18:29:29 | 002,421,480 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE2.dll
[2015.05.12 18:29:28 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2015.05.12 18:29:26 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2015.05.12 18:29:26 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.05.12 18:29:26 | 000,871,856 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaeapo64.dll
[2015.05.12 18:29:26 | 000,582,056 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosasfapo64.dll
[2015.05.12 18:29:26 | 000,213,432 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaemaxapo64.dll
[2015.05.12 18:29:26 | 000,162,224 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\toseaeapo64.dll
[2015.05.12 18:29:26 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.05.12 18:29:25 | 000,856,992 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.05.12 18:29:25 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015.05.12 18:29:25 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015.05.12 18:29:25 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015.05.12 18:29:25 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015.05.12 18:29:25 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.05.12 18:29:24 | 001,413,776 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRRPTR64.dll
[2015.05.12 18:29:24 | 000,454,288 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRAPO64.dll
[2015.05.12 18:29:24 | 000,369,296 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM64.dll
[2015.05.12 18:29:24 | 000,329,360 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysWow64\SRCOM.dll
[2015.05.12 18:29:24 | 000,329,360 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM.dll
[2015.05.12 18:29:22 | 000,734,376 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.05.12 18:29:22 | 000,250,536 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2015.05.12 18:29:21 | 001,104,040 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.05.12 18:29:20 | 000,943,784 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.05.12 18:29:19 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2015.05.12 18:29:19 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2015.05.12 18:29:18 | 000,837,776 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEHDRA64.dll
[2015.05.12 18:29:18 | 000,654,480 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SECOMN64.dll
[2015.05.12 18:29:18 | 000,544,400 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysWow64\SECOMN32.DLL
[2015.05.12 18:29:18 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2015.05.12 18:29:18 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2015.05.12 18:29:18 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2015.05.12 18:29:17 | 000,435,344 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEAPO64.dll
[2015.05.12 18:29:16 | 002,907,864 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.05.12 18:29:16 | 002,702,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.05.12 18:29:15 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.05.12 18:29:12 | 000,168,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.05.12 18:29:12 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.05.12 18:29:11 | 003,218,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.05.12 18:29:11 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.05.12 18:29:11 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.05.12 18:29:10 | 001,303,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.05.12 18:29:10 | 000,631,000 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.05.12 18:29:10 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.05.12 18:29:10 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
GeForce GT 630 2GB
I5-3550 3,30GHz
4GB RAM
W7 HP

PhR
Level 3
Posts: 448
Registered: April 12
Gender: Male
Status: Offline

Re: Suspected virus: 3590F75ABA9E...(zzzzz..)

Post by PhR » 16 May 2015 00:10

[2015.05.12 18:29:09 | 002,846,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.05.12 18:29:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.05.12 18:29:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.05.12 18:29:08 | 002,530,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RltkAPO.dll
[2015.05.12 18:29:07 | 072,113,152 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2015.05.12 18:29:07 | 001,736,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.05.12 18:29:05 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2015.05.12 18:29:05 | 005,615,552 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICV2apo.dll
[2015.05.12 18:29:05 | 000,995,120 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NahimicAPONSControl.dll
[2015.05.12 18:29:05 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2015.05.12 18:29:05 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2015.05.12 18:29:05 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2015.05.12 18:29:05 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2015.05.12 18:29:04 | 005,234,952 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2015.05.12 18:29:04 | 000,906,800 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\MISS_APO.dll
[2015.05.12 18:29:03 | 012,834,736 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO4064.dll
[2015.05.12 18:29:03 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2015.05.12 18:29:02 | 012,975,360 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2015.05.12 18:29:01 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2015.05.12 18:29:01 | 000,979,280 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2015.05.12 18:28:59 | 014,048,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2015.05.12 18:28:59 | 002,789,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO7064.dll
[2015.05.12 18:28:59 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015.05.12 18:28:59 | 001,499,984 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2015.05.12 18:28:59 | 001,360,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2015.05.12 18:28:59 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2015.05.12 18:28:59 | 000,922,880 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2015.05.12 18:28:59 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2015.05.12 18:28:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015.05.12 18:28:58 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2015.05.12 18:28:58 | 000,306,288 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2015.05.12 18:28:54 | 003,182,104 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.05.12 18:28:54 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2015.05.12 18:28:53 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2015.05.12 18:28:53 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2015.05.12 18:28:53 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2015.05.12 18:28:53 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2015.05.12 18:28:53 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2015.05.12 18:28:53 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2015.05.12 18:28:53 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2015.05.12 18:28:53 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2015.05.12 18:28:53 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2015.05.12 18:28:53 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2015.05.12 18:28:52 | 007,087,448 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2015.05.12 18:28:52 | 006,242,576 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64AF3.dll
[2015.05.12 18:28:52 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2015.05.12 18:28:52 | 001,933,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64AF3.dll
[2015.05.12 18:28:52 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2015.05.12 18:28:52 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2015.05.12 18:28:52 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2015.05.12 18:28:52 | 000,336,144 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64AF3.dll
[2015.05.12 18:28:52 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2015.05.12 18:28:52 | 000,284,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64F3.dll
[2015.05.12 18:28:52 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2015.05.12 18:28:52 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2015.05.12 18:28:51 | 001,559,744 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.05.12 18:28:51 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.05.12 18:28:50 | 000,560,328 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.05.12 18:28:50 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.05.12 18:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2015.05.10 11:45:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\4A Games
[2015.05.07 21:01:18 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.05.07 21:01:03 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.04.30 12:27:43 | 001,795,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2015.04.30 12:27:43 | 000,129,312 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2015.04.30 12:26:49 | 000,977,624 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2015.04.30 12:26:49 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2015.04.30 11:42:56 | 000,026,528 | ---- | C] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015.04.30 11:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
[2015.04.30 11:41:36 | 000,034,080 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2015.04.30 11:41:35 | 000,128,288 | ---- | C] (IObit) -- C:\Windows\SysNative\IObitSmartDefragExtension.dll
[2015.04.30 11:41:29 | 000,021,184 | ---- | C] (IObit) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2015.04.30 11:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
[2015.04.30 11:20:15 | 000,000,000 | ---D | C] -- C:\FRST
[2015.04.30 11:19:50 | 002,106,368 | ---- | C] (Farbar) -- C:\Users\ASUS\Desktop\FRST64.exe
[2015.04.30 10:06:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Heroes of the Storm
[2015.04.30 10:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
[2015.04.22 21:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2015.04.21 17:25:00 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2015.04.21 17:24:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2015.04.21 17:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2015.04.17 19:43:39 | 000,560,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.04.17 19:39:57 | 000,195,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015.04.17 19:39:56 | 000,030,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015.04.17 19:39:53 | 017,176,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015.04.17 19:39:52 | 031,570,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.04.17 19:39:52 | 030,397,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.04.17 19:39:52 | 025,375,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.04.17 19:39:52 | 024,053,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.04.17 19:39:52 | 015,818,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.04.17 19:39:52 | 015,716,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.04.17 19:39:52 | 014,006,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.04.17 19:39:52 | 012,852,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.04.17 19:39:52 | 011,380,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.04.17 19:39:52 | 002,896,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.04.17 19:39:52 | 002,573,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.04.17 19:39:52 | 001,086,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.04.17 19:39:52 | 000,927,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.04.17 19:39:52 | 000,175,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.04.17 19:39:52 | 000,154,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.04.17 18:42:08 | 001,763,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2015.04.17 18:42:08 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2015.04.16 18:50:16 | 001,540,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2015.04.16 18:50:15 | 001,895,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435012.dll
[2015.04.16 18:50:15 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435012.dll
[2015.04.16 18:50:13 | 001,047,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.04.16 18:50:13 | 001,037,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.04.16 18:50:13 | 000,970,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.04.16 18:50:13 | 000,962,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.04.16 18:50:13 | 000,150,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.04.16 18:50:13 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.04.16 18:40:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\NVIDIA Corporation

========== Files - Modified Within 30 Days ==========

[2015.05.15 23:38:44 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.15 23:38:44 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.15 23:30:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.05.15 23:30:05 | 3171,004,416 | -HS- | M] () -- C:\hiberfil.sys
[2015.05.15 23:28:04 | 002,106,368 | ---- | M] (Farbar) -- C:\Users\ASUS\Desktop\FRST64.exe
[2015.05.15 22:14:31 | 577,402,080 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015.05.15 20:18:11 | 000,000,713 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015.05.14 15:46:25 | 000,000,221 | ---- | M] () -- C:\Users\ASUS\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2015.05.12 18:32:15 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2015.05.12 18:29:29 | 002,421,480 | ---- | M] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE2.dll
[2015.05.12 18:29:28 | 002,162,992 | ---- | M] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2015.05.12 18:29:27 | 002,101,848 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2015.05.12 18:29:26 | 001,361,336 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2015.05.12 18:29:26 | 000,871,856 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaeapo64.dll
[2015.05.12 18:29:26 | 000,582,056 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosasfapo64.dll
[2015.05.12 18:29:26 | 000,213,432 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaemaxapo64.dll
[2015.05.12 18:29:26 | 000,162,224 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\toseaeapo64.dll
[2015.05.12 18:29:26 | 000,065,944 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2015.05.12 18:29:25 | 001,413,776 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRRPTR64.dll
[2015.05.12 18:29:25 | 000,856,992 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2015.05.12 18:29:25 | 000,518,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015.05.12 18:29:25 | 000,211,184 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015.05.12 18:29:25 | 000,198,896 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015.05.12 18:29:25 | 000,155,888 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015.05.12 18:29:25 | 000,148,416 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2015.05.12 18:29:24 | 000,454,288 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRAPO64.dll
[2015.05.12 18:29:24 | 000,369,296 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM64.dll
[2015.05.12 18:29:24 | 000,329,360 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysWow64\SRCOM.dll
[2015.05.12 18:29:24 | 000,329,360 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM.dll
[2015.05.12 18:29:23 | 000,734,376 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2015.05.12 18:29:22 | 000,250,536 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2015.05.12 18:29:21 | 001,104,040 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2015.05.12 18:29:20 | 000,947,760 | ---- | M] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2015.05.12 18:29:20 | 000,943,784 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2015.05.12 18:29:19 | 000,221,024 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2015.05.12 18:29:18 | 000,837,776 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SEHDRA64.dll
[2015.05.12 18:29:18 | 000,654,480 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SECOMN64.dll
[2015.05.12 18:29:18 | 000,544,400 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysWow64\SECOMN32.DLL
[2015.05.12 18:29:18 | 000,081,248 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2015.05.12 18:29:18 | 000,078,688 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2015.05.12 18:29:18 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2015.05.12 18:29:17 | 005,804,772 | ---- | M] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2015.05.12 18:29:17 | 000,435,344 | ---- | M] (Sound Research, Corp.) -- C:\Windows\SysNative\SEAPO64.dll
[2015.05.12 18:29:16 | 002,907,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2015.05.12 18:29:16 | 002,702,040 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2015.05.12 18:29:15 | 000,331,880 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2015.05.12 18:29:12 | 003,218,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2015.05.12 18:29:12 | 000,168,816 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2015.05.12 18:29:12 | 000,014,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2015.05.12 18:29:11 | 000,375,128 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.05.12 18:29:11 | 000,101,208 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.05.12 18:29:10 | 001,990,874 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.05.12 18:29:10 | 001,303,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2015.05.12 18:29:10 | 000,631,000 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2015.05.12 18:29:10 | 000,204,120 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.05.12 18:29:10 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.05.12 18:29:09 | 002,846,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2015.05.12 18:29:09 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.05.12 18:29:09 | 000,310,104 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.05.12 18:29:08 | 072,113,152 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2015.05.12 18:29:08 | 002,530,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RltkAPO.dll
[2015.05.12 18:29:07 | 001,736,408 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2015.05.12 18:29:05 | 007,164,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2015.05.12 18:29:05 | 005,615,552 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICV2apo.dll
[2015.05.12 18:29:05 | 005,234,952 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2015.05.12 18:29:05 | 000,995,120 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NahimicAPONSControl.dll
[2015.05.12 18:29:05 | 000,434,960 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2015.05.12 18:29:05 | 000,141,584 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2015.05.12 18:29:05 | 000,124,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2015.05.12 18:29:05 | 000,075,024 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2015.05.12 18:29:04 | 000,906,800 | ---- | M] (Sony Corporation) -- C:\Windows\SysNative\MISS_APO.dll
[2015.05.12 18:29:03 | 012,975,360 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2015.05.12 18:29:03 | 012,834,736 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO4064.dll
[2015.05.12 18:29:03 | 000,662,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2015.05.12 18:29:01 | 014,048,512 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2015.05.12 18:29:01 | 001,313,904 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2015.05.12 18:29:01 | 000,979,280 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2015.05.12 18:28:59 | 002,789,808 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO7064.dll
[2015.05.12 18:28:59 | 002,041,432 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2015.05.12 18:28:59 | 001,499,984 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2015.05.12 18:28:59 | 001,360,640 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2015.05.12 18:28:59 | 001,136,728 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2015.05.12 18:28:59 | 000,922,880 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2015.05.12 18:28:59 | 000,663,296 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2015.05.12 18:28:59 | 000,318,808 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015.05.12 18:28:58 | 000,603,984 | ---- | M] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2015.05.12 18:28:58 | 000,306,288 | ---- | M] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2015.05.12 18:28:54 | 003,182,104 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.05.12 18:28:54 | 000,693,352 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2015.05.12 18:28:53 | 001,756,264 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2015.05.12 18:28:53 | 001,568,360 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2015.05.12 18:28:53 | 000,712,296 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2015.05.12 18:28:53 | 000,501,184 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2015.05.12 18:28:53 | 000,491,112 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2015.05.12 18:28:53 | 000,487,360 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2015.05.12 18:28:53 | 000,432,744 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2015.05.12 18:28:53 | 000,415,680 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2015.05.12 18:28:53 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2015.05.12 18:28:53 | 000,241,768 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2015.05.12 18:28:52 | 007,087,448 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2015.05.12 18:28:52 | 006,242,576 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64AF3.dll
[2015.05.12 18:28:52 | 001,939,800 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2015.05.12 18:28:52 | 001,933,584 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64AF3.dll
[2015.05.12 18:28:52 | 001,486,952 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2015.05.12 18:28:52 | 000,728,680 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2015.05.12 18:28:52 | 000,428,648 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2015.05.12 18:28:52 | 000,336,144 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64AF3.dll
[2015.05.12 18:28:52 | 000,315,736 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2015.05.12 18:28:52 | 000,284,944 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64F3.dll
[2015.05.12 18:28:52 | 000,261,464 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2015.05.12 18:28:52 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2015.05.12 18:28:51 | 001,559,744 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\SysNative\CX64APO.dll
[2015.05.12 18:28:51 | 000,113,576 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2015.05.12 18:28:50 | 000,560,328 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2015.05.12 18:28:50 | 000,109,848 | ---- | M] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2015.05.12 18:28:50 | 000,108,640 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2015.05.12 18:28:50 | 000,096,568 | ---- | M] () -- C:\Windows\SysNative\audioLibVc.dll
[2015.05.12 18:24:40 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 4.lnk
[2015.05.12 18:23:53 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.05.09 23:16:24 | 000,000,221 | ---- | M] () -- C:\Users\ASUS\Desktop\Metro 2033.url
[2015.05.07 21:01:13 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015.05.07 21:01:13 | 000,272,248 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015.05.07 21:01:13 | 000,137,288 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015.05.07 21:01:12 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.05.07 21:01:12 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015.05.07 21:01:12 | 000,089,944 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015.05.07 21:01:12 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015.05.07 21:01:12 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015.05.07 21:01:03 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.05.07 21:00:48 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015.05.01 02:39:52 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2015.04.30 12:27:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2015.04.30 12:27:43 | 001,795,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2015.04.30 12:27:43 | 000,129,312 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2015.04.30 12:26:49 | 000,977,624 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2015.04.30 12:26:49 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2015.04.30 12:26:49 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2015.04.30 11:42:56 | 000,026,528 | ---- | M] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2015.04.30 10:05:54 | 000,000,682 | ---- | M] () -- C:\Users\Public\Desktop\Heroes of the Storm.lnk
[2015.04.28 06:44:12 | 001,731,420 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.04.28 06:44:12 | 000,759,432 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.04.28 06:44:12 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.04.28 06:44:12 | 000,195,712 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.04.28 06:44:12 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.04.21 17:24:54 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015.04.18 10:50:18 | 000,011,374 | ---- | M] () -- C:\Users\ASUS\Documents\cc_20150418_104959.reg
[2015.04.18 10:48:00 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2015.05.14 15:46:25 | 000,000,221 | ---- | C] () -- C:\Users\ASUS\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2015.05.12 21:48:43 | 577,402,080 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015.05.12 18:32:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015.05.12 18:29:16 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2015.05.12 18:29:09 | 001,990,874 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2015.05.12 18:28:50 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2015.05.12 18:28:50 | 000,096,568 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2015.05.12 18:24:40 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 4.lnk
[2015.05.12 18:24:21 | 000,000,713 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015.05.09 23:16:23 | 000,000,221 | ---- | C] () -- C:\Users\ASUS\Desktop\Metro 2033.url
[2015.05.01 02:39:52 | 000,002,125 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2015.04.30 12:27:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2015.04.30 10:05:54 | 000,000,682 | ---- | C] () -- C:\Users\Public\Desktop\Heroes of the Storm.lnk
[2015.04.21 17:24:54 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015.04.18 10:50:17 | 000,011,374 | ---- | C] () -- C:\Users\ASUS\Documents\cc_20150418_104959.reg
[2015.04.04 18:01:51 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015.04.01 22:57:31 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
[2015.03.12 00:00:49 | 000,348,672 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015.03.12 00:00:40 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2015.03.09 18:19:12 | 001,706,134 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.03.12 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AVAST Software
[2015.03.14 02:01:14 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Battle.net
[2015.03.12 22:22:55 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Dropbox
[2015.05.15 23:30:23 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\IObit
[2015.03.27 22:02:58 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\LolClient
[2015.04.04 18:05:18 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ProductData
[2015.03.27 21:19:47 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Riot Games
[2015.05.10 19:17:43 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2015.03.09 18:33:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\poqexec.exe:$CmdTcID

< End of report >





Extras
OTL Extras logfile created on: 15.5.2015 23:58:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASUS\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 57,27% Memory free
7,87 Gb Paging File | 5,93 Gb Available in Paging File | 75,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,60 Gb Total Space | 54,47 Gb Free Space | 55,82% Space Free | Partition Type: NTFS
Drive D: | 368,07 Gb Total Space | 325,47 Gb Free Space | 88,43% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4E0564D0-314C-42F8-9C42-B5198C82F8D9}" = lport=54045 | protocol=17 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"{58DD29CF-DA51-40A4-A7EC-B936DC5D02EE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0512ABC4-DEE9-447E-A45C-7F317F9DBA87}" = protocol=6 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"{2436C7B4-10A8-49F9-85C0-6BBF4016A0D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{3EB32A62-C678-491F-B234-9CB3206B97CE}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{4FCA019C-5407-4285-A69E-16A7DBC5CD66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{51F917D1-1D03-4F6D-96FE-8FC6379D5F7B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{583385A7-C0DB-4CDF-AB65-935E3F83490E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{593242CB-D0CF-4C5F-A502-3D806BB1C33C}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{62B23D2C-872B-47F7-955E-0AC2CCDA5848}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{68B53BB5-6B51-4C38-90D5-03786B7087B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{70EAA59D-F8FA-4911-8300-ABF9304929D9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{74240C58-55D6-41B3-ABD7-067A2D5259CC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7F0A37FD-BE9F-4A37-BDC9-2689CE4D4C27}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8254662A-4091-45E8-93F9-4079CEBCC14C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{896B3392-0C97-4EE4-81FF-3B8EC2DAFA90}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\metro 2033\metro2033.exe |
"{A353B882-535D-4EF1-8F79-4ADAA186C554}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{A8BB8B02-01F8-41FB-9762-EECC2FBBE21A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AD2D18DC-3DF2-40F7-85B6-4B390304A9E7}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\metro 2033\metro2033.exe |
"{B91D9DD8-BEA4-4BE6-920B-C9DE5651F070}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{C525E085-9085-48CE-8AE8-DD22BA300723}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D62A0558-F470-443A-8331-4A382A7E6B9D}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"TCP Query User{4A8F9B70-29B3-43A5-90D6-A474C81F7DAF}C:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\hl.exe |
"TCP Query User{7042BD8D-C7C5-46E0-BCD0-EB5C31EB5CB2}D:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe" = protocol=6 | dir=in | app=d:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe |
"TCP Query User{E463B666-EAAA-4EBF-A144-F8506AC1A3EC}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{18176B39-B9D0-4F02-8132-B27E39B9B647}C:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\hl.exe |
"UDP Query User{63963D4B-5F7E-4941-BFCD-73D0C0438EFD}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{67CB1594-ACD9-44D0-84F5-9957D9662EDB}D:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe" = protocol=17 | dir=in | app=d:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 349.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0324
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C7090522-1436-4FD6-9449-B06A665E2537}" = Intel(R) Chipset Device Software
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"Logitech Gaming Software" = Logitech Gaming Software 8.58
"WinRAR archiver" = WinRAR 5.21 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.3
"{5ae11e9e-c192-4030-97b5-2f83e0edf570}" = Intel® Chipset Device Software
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{BD3AE453-BBFB-47C0-8999-7D1CB0188BA5}" = System Requirements Lab Detection
"{c38b75ca-6796-40ee-a6df-a8d19c128d94}" = osu!
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Afterburner" = MSI Afterburner 4.1.0
"Avast" = Avast Free Antivirus
"Battle.net" = Battle.net
"CEVO CS:GO Client Beta_is1" = CEVO CS:GO Client Beta version 1.0
"Driver Booster_is1" = Driver Booster 2.3
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes of the Storm" = Heroes of the Storm
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IObitUninstall" = IObit Uninstaller
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Razer Game Booster_is1" = Razer Game Booster
"Razer Surround" = Razer Surround
"Smart Defrag 4_is1" = Smart Defrag 4
"Steam" = Steam
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 43110" = Metro 2033
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.5.2015 15:06:58 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CelavimusClient.exe, verze: 1.4.0.0, časové
razítko: 0x550783bc Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18798,
časové razítko: 0x5507b485 Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1980 Čas spuštění chybující aplikace: 0x01d08b5471ade54a Cesta k chybující
aplikaci: C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClient.exe Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: ba8d2ded-f747-11e4-90fa-60a44c5075e6

Error - 10.5.2015 15:07:28 | Computer Name = ASUS-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 10.5.2015 15:07:28 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: CelavimusClient.exe, verze: 1.4.0.0, časové
razítko: 0x550783bc Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18798,
časové razítko: 0x5507b485 Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1234 Čas spuštění chybující aplikace: 0x01d08b548dd074c1 Cesta k chybující
aplikaci: C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClient.exe Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: ccb8c839-f747-11e4-90fa-60a44c5075e6

Error - 11.5.2015 15:34:08 | Computer Name = ASUS-PC | Source = VSS | ID = 8194
Description =

Error - 12.5.2015 15:32:01 | Computer Name = ASUS-PC | Source = Application Hang | ID = 1002
Description = Program nvcplui.exe verze 8.1.770.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
2c42c Čas spuštění: 01d08ccbf09e7782 Čas ukončení: 1021 Cesta k aplikaci: C:\Program
Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe ID hlášení:

Error - 15.5.2015 14:12:58 | Computer Name = ASUS-PC | Source = Application Hang | ID = 1002
Description = Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 3c45c Čas
spuštění: 01d08f37cf85e94a Čas ukončení: 2468 Cesta k aplikaci: D:\SteamLibrary\steamapps\common\Counter-Strike
Global Offensive\csgo.exe ID hlášení:

Error - 15.5.2015 15:28:15 | Computer Name = ASUS-PC | Source = Application Hang | ID = 1002
Description = Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 4af34 Čas
spuštění: 01d08f3e0339afd4 Čas ukončení: 9201 Cesta k aplikaci: D:\SteamLibrary\steamapps\common\Counter-Strike
Global Offensive\csgo.exe ID hlášení:

Error - 15.5.2015 16:01:59 | Computer Name = ASUS-PC | Source = Application Hang | ID = 1002
Description = Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 61834 Čas
spuštění: 01d08f4981fe2281 Čas ukončení: 0 Cesta k aplikaci: D:\SteamLibrary\steamapps\common\Counter-Strike
Global Offensive\csgo.exe ID hlášení:

Error - 15.5.2015 17:01:02 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: chrome.exe, verze: 42.0.2311.90, časové
razítko: 0x552c2225 Název chybujícího modulu: RPCRT4.dll, verze: 6.1.7601.18532,
časové razítko: 0x53c3352a Kód výjimky: 0xc0020043 Posun chyby: 0x0005d111 ID chybujícího
procesu: 0x888 Čas spuštění chybující aplikace: 0x01d08f5234a2cedd Cesta k chybující
aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Cesta k chybujícímu
modulu: C:\Windows\syswow64\RPCRT4.dll ID zprávy: 7e4e1d0d-fb45-11e4-8d8b-60a44c5075e6

Error - 15.5.2015 17:48:07 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: rads_user_kernel.exe, verze: 0.0.0.0, časové
razítko: 0x4e65c1ac Název chybujícího modulu: rads_user_kernel.exe, verze: 0.0.0.0,
časové razítko: 0x4e65c1ac Kód výjimky: 0xc0000005 Posun chyby: 0x000b8554 ID chybujícího
procesu: 0xcd0 Čas spuštění chybující aplikace: 0x01d08f58d295be23 Cesta k chybující
aplikaci: D:\RADS\system\rads_user_kernel.exe Cesta k chybujícímu modulu: D:\RADS\system\rads_user_kernel.exe
ID
zprávy: 11f39174-fb4c-11e4-892c-60a44c5075e6

[ System Events ]
Error - 29.4.2015 14:35:00 | Computer Name = ASUS-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort5.

Error - 29.4.2015 14:35:00 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.
GeForce GT 630 2GB
I5-3550 3,30GHz
4GB RAM
W7 HP

PhR
Level 3
Posts: 448
Registered: April 12
Gender: Male
Status: Offline

Re: Suspected virus: 3590F75ABA9E...(zzzzz..)

Post by PhR » 16 May 2015 00:10

Error - 30.4.2015 2:39:54 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 2:39:55 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 2:39:56 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 2:39:57 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 2:39:58 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 2:39:59 | Computer Name = ASUS-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort5.

Error - 30.4.2015 2:39:59 | Computer Name = ASUS-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.4.2015 5:45:05 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = Služba RzKLService byla neočekávaně ukončena. Tento stav nastal již
1krát.

< End of report >

Unfortunately, I no longer remember the name of that file :/

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Suspected virus: 3590F75ABA9E...(zzzzz..)

Post by jaro3 » 16 May 2015 09:43

Uninstall:
IObit
TuneUp

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.5.13_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl\0.8.3.1_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.33_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_1\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\poqexec.exe:$CmdTcID

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\ProgramData\DP45977C.lfl

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

