Windows update error

[kolda]

Omlouvám se ale dřív jsem se k tomu nedostal. Tady jsou logy.

HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:29:46, on 1.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\Románek\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Survarium Update Service - Unknown owner - C:\Hry\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9605 bytes


CF:

ComboFix 15-06-30.01 - Románek 01.07.2015 23:32:29.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8191.6326 [GMT 2:00]
Spuštěný z: c:\users\Romßnek\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ROMNEK~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Románek\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\SET4987.tmp
c:\windows\SysWow64\SET5351.tmp
c:\windows\SysWow64\SET7887.tmp
c:\windows\SysWow64\SET93D8.tmp
c:\windows\SysWow64\SETD951.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-01 do 2015-07-01 )))))))))))))))))))))))))))))))
.
.
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\programdata\ATI
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\program files (x86)\AMD AVT
2015-07-01 20:49 . 2015-07-01 20:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2015-07-01 20:41 . 2015-07-01 20:41 -------- d-----w- c:\program files (x86)\AMD
2015-07-01 10:53 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59ABE2BA-1BF9-4FDF-B53D-B87B2D91DF0A}\mpengine.dll
2015-07-01 10:48 . 2015-07-01 10:48 -------- d-----w- c:\users\Románek\AppData\Local\DayZ
2015-06-30 12:55 . 2015-06-30 12:55 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-06-30 11:50 . 2015-07-01 20:16 -------- d-----w- c:\users\Románek\AppData\Local\LumaEmu_SteamCloud
2015-06-29 18:48 . 2015-07-01 21:41 -------- d-----w- c:\users\Románek\AppData\Local\LogMeIn Hamachi
2015-06-27 19:34 . 2015-06-27 19:35 -------- d-----w- c:\users\Románek\AppData\Local\PAYDAY 2
2015-06-27 18:34 . 2014-03-05 20:19 31896 ----a-w- c:\windows\system32\drivers\zttap200.sys
2015-06-27 18:34 . 2015-06-27 19:34 -------- d-----w- c:\programdata\PAYDAY 2
2015-06-20 14:42 . 2015-06-20 14:42 102128 ----a-w- c:\windows\system32\amdave64.dll
2015-06-20 14:42 . 2015-06-20 14:42 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2015-06-20 14:42 . 2015-06-20 14:42 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-06-20 14:41 . 2015-06-20 14:41 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-06-20 14:41 . 2015-06-20 14:41 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2015-06-20 14:41 . 2015-06-20 14:41 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-06-20 14:41 . 2015-06-20 14:41 1136736 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 9420520 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 7077264 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-06-20 14:39 . 2015-06-20 14:39 8368872 ----a-w- c:\windows\system32\atiumd64.dll
2015-06-20 14:35 . 2015-06-20 14:35 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-06-20 14:28 . 2015-06-20 14:28 19339264 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-06-20 14:12 . 2015-06-20 14:12 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-06-20 14:12 . 2015-06-20 14:12 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2015-06-20 14:11 . 2015-06-20 14:11 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2015-06-20 14:11 . 2015-06-20 14:11 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2015-06-20 14:11 . 2015-06-20 14:11 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2015-06-20 14:04 . 2015-06-20 14:04 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-06-20 08:23 . 2015-06-20 08:23 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2015-06-20 08:18 . 2015-06-20 08:18 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2015-06-20 06:49 . 2015-06-20 06:49 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-06-20 06:48 . 2015-06-20 06:48 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-06-20 06:48 . 2015-06-20 06:48 5837824 ----a-w- c:\windows\system32\amdmantle64.dll
2015-06-20 06:25 . 2015-06-20 06:25 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-06-20 05:58 . 2015-06-20 05:58 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-06-20 05:57 . 2015-06-20 05:57 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-06-20 05:01 . 2015-06-20 05:01 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-06-20 04:45 . 2015-06-20 04:45 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2015-06-20 04:18 . 2015-06-20 04:18 23626752 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-06-20 04:11 . 2015-06-20 04:11 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-06-20 04:11 . 2015-06-20 04:11 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-06-20 03:49 . 2015-06-20 03:49 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-06-20 03:48 . 2015-06-20 03:48 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-06-20 03:48 . 2015-06-20 03:48 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-06-20 03:48 . 2015-06-20 03:48 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-06-20 03:48 . 2015-06-20 03:48 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-06-20 03:48 . 2015-06-20 03:48 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2015-06-20 03:44 . 2015-06-20 03:44 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-06-20 03:39 . 2015-06-20 03:39 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-06-20 03:39 . 2015-06-20 03:39 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-06-20 03:28 . 2015-06-20 03:28 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-06-20 03:28 . 2015-06-20 03:28 31232 ----a-w- c:\windows\system32\atimuixx.dll
2015-06-20 03:28 . 2015-06-20 03:28 776192 ----a-w- c:\windows\system32\atieclxx.exe
2015-06-20 03:27 . 2015-06-20 03:27 246272 ----a-w- c:\windows\system32\atiesrxx.exe
2015-06-20 03:25 . 2015-06-20 03:25 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-06-20 02:58 . 2015-06-20 02:58 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 591872 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-06-19 19:17 . 2015-06-30 22:35 -------- d-----w-ek c:\users\ROMNEK~3
2015-06-19 14:22 . 2015-06-19 14:22 -------- d-----w- c:\program files (x86)\GameforgeLive
2015-06-19 14:21 . 2015-06-30 23:56 -------- d-----w- c:\programdata\Package Cache
2015-06-14 00:48 . 2015-06-14 00:48 -------- d-----w- c:\users\Románek\AppData\Local\Dark
2015-06-13 22:53 . 2015-06-13 22:55 -------- d-----w- c:\program files (x86)\Spotiamb
2015-06-12 16:32 . 2015-06-12 16:32 -------- d-----w- c:\users\Románek\AppData\Local\Kholat
2015-06-12 11:56 . 2015-07-01 21:41 -------- d-----w- c:\users\Románek\AppData\Local\Spotify
2015-06-12 11:55 . 2015-07-01 20:37 -------- d-----w- c:\users\Románek\AppData\Roaming\Spotify
2015-06-07 13:27 . 2015-06-07 13:27 -------- d-----w- c:\programdata\Orbit
2015-06-06 17:46 . 2015-06-06 17:46 -------- d-----w- c:\users\Románek\AppData\Roaming\Promotion Software GmbH
2015-06-06 09:48 . 2015-06-06 09:48 -------- d-----w- c:\users\Románek\AppData\Local\CEF
2015-06-02 21:19 . 2015-06-02 21:19 -------- d-----w- c:\users\Románek\AppData\Roaming\Shooter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-26 16:38 . 2014-12-02 16:10 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-26 16:38 . 2014-12-02 16:10 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-20 14:42 . 2015-03-31 20:47 96448 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-06-20 14:41 . 2015-03-31 20:46 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2015-06-20 14:41 . 2015-03-31 20:46 1359752 ----a-w- c:\windows\system32\aticfx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 11102040 ----a-w- c:\windows\system32\atidxx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 7559840 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-06-20 14:39 . 2015-03-31 20:46 8381280 ----a-w- c:\windows\system32\atiumd6a.dll
2015-06-20 14:11 . 2015-03-31 20:33 47902208 ----a-w- c:\windows\system32\amdocl64.dll
2015-06-20 14:08 . 2015-03-31 20:32 40990208 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-06-20 14:04 . 2015-03-31 20:32 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-06-20 02:59 . 2015-03-31 20:09 1218560 ----a-w- c:\windows\system32\atiadlxx.dll
2015-06-20 02:59 . 2015-03-31 20:09 905728 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-06-20 02:58 . 2015-03-31 20:09 146944 ----a-w- c:\windows\system32\atig6txx.dll
2015-06-20 02:58 . 2015-03-31 20:09 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-06-20 02:32 . 2015-03-31 20:10 846848 ----a-w- c:\windows\system32\coinst_14.50.dll
2015-06-10 13:44 . 2014-12-03 18:20 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-10 12:32 . 2014-12-02 17:42 153256 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-06-10 12:32 . 2014-12-02 17:42 132656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-05-31 20:48 . 2015-05-31 21:01 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-31 20:38 . 2015-05-31 20:04 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-31 19:36 . 2015-05-31 18:49 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-31 13:27 . 2014-12-05 13:46 70144 ----a-w- c:\windows\system32\appinfo.dll
2015-05-10 10:03 . 2014-12-05 15:03 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-05-10 10:03 . 2014-12-05 14:57 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-05-09 03:13 . 2015-06-10 13:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-02 09:49 . 2015-05-09 12:27 238376 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2015-05-01 13:17 . 2015-05-13 20:31 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 20:31 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 13:13 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 13:13 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 13:13 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-19 19:57 . 2014-12-02 17:16 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2015-05-31 18:49 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2015-05-31 18:49 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2015-05-31 18:49 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-13 03:28 . 2015-05-13 13:14 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-31 20:35 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 13:13 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 13:13 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 13:13 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-06-20 813896]
"Spotify Web Helper"="c:\users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-29 2030648]
"Spotify"="c:\users\Románek\AppData\Roaming\Spotify\Spotify.exe" [2015-06-29 7504952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-05-21 130864]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-06-20 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe;c:\program files\Echobit\Evolve\EvoSvc.exe [x]
R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Kinonih;Kinoni Virtual Bus Driver;c:\windows\system32\DRIVERS\kinonih.sys;c:\windows\SYSNATIVE\DRIVERS\kinonih.sys [x]
R3 LbAdapter;LAN Bridger Virtual Miniport Driver;c:\windows\system32\DRIVERS\lb.sys;c:\windows\SYSNATIVE\DRIVERS\lb.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver 05/30/2015 0.0.0.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Survarium Update Service;Survarium Update Service;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 zttap200;ZeroTier One Virtual Network Port;c:\windows\system32\DRIVERS\zttap200.sys;c:\windows\SYSNATIVE\DRIVERS\zttap200.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - RTCORE64
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-26 17:22 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-02 16:38]
.
2015-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 9ae81e48-6de4-483d-93a5-1e8ad8fdbde3.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c356fa14-5f43-4f08-a0ca-3dfed4b0bb9f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-12-02 7637208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-Emergency 5_R.G. Mechanics_is1 - c:\users\Románek\AppData\Roaming\Emergency 5\Uninstall\unins000.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{2bceccd3-6613-4596-b748-441a06847696} - c:\programdata\Package Cache\{2bceccd3-6613-4596-b748-441a06847696}\BuildTools_Full.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{b5675cc4-ab8b-4945-8c1d-4c5479556d6a} - c:\programdata\Package Cache\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}\Avira.OE.Setup.Bundle.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\progra~2\Raptr\raptr.exe
c:\progra~2\Raptr\raptr_im.exe
.
**************************************************************************
.
Celkový čas: 2015-07-01 23:48:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-01 21:48
.
Před spuštěním: Volných bajtů: 107 732 664 320
Po spuštění: Volných bajtů: 107 132 624 896
.
- - End Of File - - 3B94C63C805DE77EC686ABEAFAF5FF1A
A36C5E4F47E84449FF07ED3517B43A31

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\SysWow64\EasyAntiCheat.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

[kolda]

HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:03:46, on 2.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Románek\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Románek\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Survarium Update Service - Unknown owner - C:\Hry\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8722 bytes

CF:

ComboFix 15-06-30.01 - Románek 02.07.2015 12:45:39.2.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8191.6677 [GMT 2:00]
Spuštěný z: c:\users\Romßnek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Romßnek\Desktop\CFScript.txt
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ROMNEK~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Románek\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-02 do 2015-07-02 )))))))))))))))))))))))))))))))
.
.
2015-07-02 10:53 . 2015-07-02 10:53 -------- d-----w- c:\users\ROMK~1\AppData\Local\temp
2015-07-02 10:53 . 2015-07-02 10:53 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-07-02 10:53 . 2015-07-02 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\programdata\ATI
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\program files (x86)\AMD AVT
2015-07-01 20:49 . 2015-07-01 20:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2015-07-01 20:41 . 2015-07-01 20:41 -------- d-----w- c:\program files (x86)\AMD
2015-07-01 10:53 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59ABE2BA-1BF9-4FDF-B53D-B87B2D91DF0A}\mpengine.dll
2015-07-01 10:48 . 2015-07-01 10:48 -------- d-----w- c:\users\Románek\AppData\Local\DayZ
2015-06-30 12:55 . 2015-06-30 12:55 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-06-30 11:50 . 2015-07-01 20:16 -------- d-----w- c:\users\Románek\AppData\Local\LumaEmu_SteamCloud
2015-06-29 18:48 . 2015-07-02 10:37 -------- d-----w- c:\users\Románek\AppData\Local\LogMeIn Hamachi
2015-06-27 19:34 . 2015-06-27 19:35 -------- d-----w- c:\users\Románek\AppData\Local\PAYDAY 2
2015-06-27 18:34 . 2014-03-05 20:19 31896 ----a-w- c:\windows\system32\drivers\zttap200.sys
2015-06-27 18:34 . 2015-06-27 19:34 -------- d-----w- c:\programdata\PAYDAY 2
2015-06-20 14:42 . 2015-06-20 14:42 102128 ----a-w- c:\windows\system32\amdave64.dll
2015-06-20 14:42 . 2015-06-20 14:42 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2015-06-20 14:42 . 2015-06-20 14:42 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-06-20 14:41 . 2015-06-20 14:41 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-06-20 14:41 . 2015-06-20 14:41 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2015-06-20 14:41 . 2015-06-20 14:41 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-06-20 14:41 . 2015-06-20 14:41 1136736 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 9420520 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 7077264 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-06-20 14:39 . 2015-06-20 14:39 8368872 ----a-w- c:\windows\system32\atiumd64.dll
2015-06-20 14:35 . 2015-06-20 14:35 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-06-20 14:28 . 2015-06-20 14:28 19339264 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-06-20 14:12 . 2015-06-20 14:12 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-06-20 14:12 . 2015-06-20 14:12 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2015-06-20 14:11 . 2015-06-20 14:11 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2015-06-20 14:11 . 2015-06-20 14:11 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2015-06-20 14:11 . 2015-06-20 14:11 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2015-06-20 14:04 . 2015-06-20 14:04 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-06-20 08:23 . 2015-06-20 08:23 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2015-06-20 08:18 . 2015-06-20 08:18 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2015-06-20 06:49 . 2015-06-20 06:49 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-06-20 06:48 . 2015-06-20 06:48 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-06-20 06:48 . 2015-06-20 06:48 5837824 ----a-w- c:\windows\system32\amdmantle64.dll
2015-06-20 06:25 . 2015-06-20 06:25 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-06-20 05:58 . 2015-06-20 05:58 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-06-20 05:57 . 2015-06-20 05:57 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-06-20 05:01 . 2015-06-20 05:01 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-06-20 04:45 . 2015-06-20 04:45 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2015-06-20 04:18 . 2015-06-20 04:18 23626752 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-06-20 04:11 . 2015-06-20 04:11 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-06-20 04:11 . 2015-06-20 04:11 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-06-20 03:49 . 2015-06-20 03:49 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-06-20 03:48 . 2015-06-20 03:48 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-06-20 03:48 . 2015-06-20 03:48 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-06-20 03:48 . 2015-06-20 03:48 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-06-20 03:48 . 2015-06-20 03:48 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-06-20 03:48 . 2015-06-20 03:48 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2015-06-20 03:44 . 2015-06-20 03:44 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-06-20 03:39 . 2015-06-20 03:39 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-06-20 03:39 . 2015-06-20 03:39 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-06-20 03:28 . 2015-06-20 03:28 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-06-20 03:28 . 2015-06-20 03:28 31232 ----a-w- c:\windows\system32\atimuixx.dll
2015-06-20 03:28 . 2015-06-20 03:28 776192 ----a-w- c:\windows\system32\atieclxx.exe
2015-06-20 03:27 . 2015-06-20 03:27 246272 ----a-w- c:\windows\system32\atiesrxx.exe
2015-06-20 03:25 . 2015-06-20 03:25 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-06-20 02:58 . 2015-06-20 02:58 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 591872 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-06-19 19:17 . 2015-07-01 21:48 -------- d-----w-ek c:\users\ROMNEK~3
2015-06-19 14:22 . 2015-06-19 14:22 -------- d-----w- c:\program files (x86)\GameforgeLive
2015-06-19 14:21 . 2015-06-30 23:56 -------- d-----w- c:\programdata\Package Cache
2015-06-14 00:48 . 2015-06-14 00:48 -------- d-----w- c:\users\Románek\AppData\Local\Dark
2015-06-13 22:53 . 2015-06-13 22:55 -------- d-----w- c:\program files (x86)\Spotiamb
2015-06-12 16:32 . 2015-06-12 16:32 -------- d-----w- c:\users\Románek\AppData\Local\Kholat
2015-06-12 11:56 . 2015-07-02 10:06 -------- d-----w- c:\users\Románek\AppData\Local\Spotify
2015-06-12 11:55 . 2015-07-02 10:08 -------- d-----w- c:\users\Románek\AppData\Roaming\Spotify
2015-06-07 13:27 . 2015-06-07 13:27 -------- d-----w- c:\programdata\Orbit
2015-06-06 17:46 . 2015-06-06 17:46 -------- d-----w- c:\users\Románek\AppData\Roaming\Promotion Software GmbH
2015-06-06 09:48 . 2015-06-06 09:48 -------- d-----w- c:\users\Románek\AppData\Local\CEF
2015-06-02 21:19 . 2015-06-02 21:19 -------- d-----w- c:\users\Románek\AppData\Roaming\Shooter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-26 16:38 . 2014-12-02 16:10 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-26 16:38 . 2014-12-02 16:10 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-20 14:42 . 2015-03-31 20:47 96448 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-06-20 14:41 . 2015-03-31 20:46 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2015-06-20 14:41 . 2015-03-31 20:46 1359752 ----a-w- c:\windows\system32\aticfx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 11102040 ----a-w- c:\windows\system32\atidxx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 7559840 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-06-20 14:39 . 2015-03-31 20:46 8381280 ----a-w- c:\windows\system32\atiumd6a.dll
2015-06-20 14:11 . 2015-03-31 20:33 47902208 ----a-w- c:\windows\system32\amdocl64.dll
2015-06-20 14:08 . 2015-03-31 20:32 40990208 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-06-20 14:04 . 2015-03-31 20:32 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-06-20 02:59 . 2015-03-31 20:09 1218560 ----a-w- c:\windows\system32\atiadlxx.dll
2015-06-20 02:59 . 2015-03-31 20:09 905728 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-06-20 02:58 . 2015-03-31 20:09 146944 ----a-w- c:\windows\system32\atig6txx.dll
2015-06-20 02:58 . 2015-03-31 20:09 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-06-20 02:32 . 2015-03-31 20:10 846848 ----a-w- c:\windows\system32\coinst_14.50.dll
2015-06-10 13:44 . 2014-12-03 18:20 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-10 12:32 . 2014-12-02 17:42 153256 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-06-10 12:32 . 2014-12-02 17:42 132656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-05-31 20:48 . 2015-05-31 21:01 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-31 20:38 . 2015-05-31 20:04 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-31 19:36 . 2015-05-31 18:49 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-31 13:27 . 2014-12-05 13:46 70144 ----a-w- c:\windows\system32\appinfo.dll
2015-05-10 10:03 . 2014-12-05 15:03 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-05-10 10:03 . 2014-12-05 14:57 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-05-09 03:13 . 2015-06-10 13:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-02 09:49 . 2015-05-09 12:27 238376 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2015-05-01 13:17 . 2015-05-13 20:31 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 20:31 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 13:13 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 13:13 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 13:13 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-19 19:57 . 2014-12-02 17:16 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2015-05-31 18:49 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2015-05-31 18:49 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2015-05-31 18:49 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-13 03:28 . 2015-05-13 13:14 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-31 20:35 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 13:13 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 13:13 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 13:13 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-06-20 813896]
"Spotify Web Helper"="c:\users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-29 2030648]
"Spotify"="c:\users\Románek\AppData\Roaming\Spotify\Spotify.exe" [2015-06-29 7504952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-05-21 130864]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-06-20 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe;c:\program files\Echobit\Evolve\EvoSvc.exe [x]
R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\users\ROMNEK~1\AppData\Local\Temp\HWiNFO64A.SYS;c:\users\ROMNEK~1\AppData\Local\Temp\HWiNFO64A.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Kinonih;Kinoni Virtual Bus Driver;c:\windows\system32\DRIVERS\kinonih.sys;c:\windows\SYSNATIVE\DRIVERS\kinonih.sys [x]
R3 LbAdapter;LAN Bridger Virtual Miniport Driver;c:\windows\system32\DRIVERS\lb.sys;c:\windows\SYSNATIVE\DRIVERS\lb.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver 05/30/2015 0.0.0.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Survarium Update Service;Survarium Update Service;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 zttap200;ZeroTier One Virtual Network Port;c:\windows\system32\DRIVERS\zttap200.sys;c:\windows\SYSNATIVE\DRIVERS\zttap200.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-26 17:22 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-02 16:38]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 9ae81e48-6de4-483d-93a5-1e8ad8fdbde3.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c356fa14-5f43-4f08-a0ca-3dfed4b0bb9f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-12-02 7637208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Emergency 5_R.G. Mechanics_is1 - c:\users\Románek\AppData\Roaming\Emergency 5\Uninstall\unins000.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{2bceccd3-6613-4596-b748-441a06847696} - c:\programdata\Package Cache\{2bceccd3-6613-4596-b748-441a06847696}\BuildTools_Full.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{b5675cc4-ab8b-4945-8c1d-4c5479556d6a} - c:\programdata\Package Cache\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}\Avira.OE.Setup.Bundle.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\users\Románek\AppData\Roaming\Spotify\SpotifyCrashService.exe
c:\progra~2\Raptr\raptr.exe
c:\progra~2\Raptr\raptr_im.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
.
**************************************************************************
.
Celkový čas: 2015-07-02 13:02:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-02 11:02
ComboFix2.txt 2015-07-01 21:48
.
Před spuštěním: Volných bajtů: 103 873 441 792
Po spuštění: Volných bajtů: 103 520 677 888
.
- - End Of File - - E5FAC67AFAE7C6268F516387398CBDD5
A36C5E4F47E84449FF07ED3517B43A31

[kolda]

Odkaz: https://www.virustotal.com/cs/file/6b256fb09854ad45e044661cb09c90978b1cc4816b7e0cccc77465709812bb0f/analysis/1435835455/

aswMBR:

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-07-02 13:05:56
-----------------------------
13:05:56.096 OS Version: Windows x64 6.1.7601 Service Pack 1
13:05:56.096 Number of processors: 6 586 0x200
13:05:56.096 ComputerName: ROMÁNEK-PC UserName: Románek
13:05:58.061 Initialize success
13:05:58.124 VM: initialized successfully
13:05:58.124 VM: Amd CPU supported
13:06:05.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-4
13:06:05.440 Disk 0 Vendor: ST1000DM003-1ER162 CC43 Size: 953869MB BusType: 3
13:06:05.565 Disk 0 MBR read successfully
13:06:05.565 Disk 0 MBR scan
13:06:05.565 Disk 0 Windows 7 default MBR code
13:06:05.565 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:06:05.581 Disk 0 Boot: NTFS code=2
13:06:05.581 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
13:06:05.596 Disk 0 scanning C:\Windows\system32\drivers
13:06:14.332 Service scanning
13:06:26.890 Modules scanning
13:06:26.890 Disk 0 trace - called modules:
13:06:26.937 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:06:26.937 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ae2060]
13:06:26.937 3 CLASSPNP.SYS[fffff880011bc43f] -> nt!IofCallDriver -> [0xfffffa8006b18d00]
13:06:26.937 5 ACPI.sys[fffff88000eb07a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-4[0xfffffa8006b30060]
13:06:26.953 Disk 0 statistics 95155/0/0 @ 7,51 MB/s
13:06:26.953 Scan finished successfully
13:08:22.050 Disk 0 MBR has been saved successfully to "C:\Users\Románek\Desktop\MBR.dat"
13:08:22.050 The log file has been saved successfully to "C:\Users\Románek\Desktop\aswMBR.txt"

[jerabina]

Vypni trvale Windows Defender.

ComboFix nemazal, tak ho zkus znova v nouzovém režimu a log sem opět vlož.

Na Virustotal otestuj ještě následující soubory:
c:\windows\xhunter1.sys
c:\windows\system32\DRIVERS\zttap200.sys

+ se ti tam při startu spouští hromada aplikací (CCleaner, Steam, Chrome, Spotify, Daemon Tools Lite a Hamachi), zbytečně to zpomaluje nabíhání systému, mám to povypínat?

[kolda]

Odkaz:

https://www.virustotal.com/cs/file/c1fb4656086c006117e5b93f989c8035337f2b17bc7efe87dcd04952158507b7/analysis/1435857809/
xhunter jsem nenašel.

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

[kolda]

CF:

ComboFix 15-06-30.01 - Románek 02.07.2015 19:40:56.3.6 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8191.6952 [GMT 2:00]
Spuštěný z: c:\users\Romßnek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Romßnek\Desktop\CFScript.txt
AV: Avira Antivirus *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-02 do 2015-07-02 )))))))))))))))))))))))))))))))
.
.
2015-07-02 17:49 . 2015-07-02 17:49 -------- d-----w- c:\users\ROMK~1\AppData\Local\temp
2015-07-02 17:49 . 2015-07-02 17:49 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-07-02 17:49 . 2015-07-02 17:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\programdata\ATI
2015-07-01 20:50 . 2015-07-01 20:50 -------- d-----w- c:\program files (x86)\AMD AVT
2015-07-01 20:49 . 2015-07-01 20:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2015-07-01 20:41 . 2015-07-01 20:41 -------- d-----w- c:\program files (x86)\AMD
2015-07-01 10:53 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59ABE2BA-1BF9-4FDF-B53D-B87B2D91DF0A}\mpengine.dll
2015-07-01 10:48 . 2015-07-01 10:48 -------- d-----w- c:\users\Románek\AppData\Local\DayZ
2015-06-30 12:55 . 2015-06-30 12:55 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2015-06-30 11:50 . 2015-07-01 20:16 -------- d-----w- c:\users\Románek\AppData\Local\LumaEmu_SteamCloud
2015-06-29 18:48 . 2015-07-02 17:34 -------- d-----w- c:\users\Románek\AppData\Local\LogMeIn Hamachi
2015-06-27 19:34 . 2015-06-27 19:35 -------- d-----w- c:\users\Románek\AppData\Local\PAYDAY 2
2015-06-27 18:34 . 2014-03-05 20:19 31896 ----a-w- c:\windows\system32\drivers\zttap200.sys
2015-06-27 18:34 . 2015-06-27 19:34 -------- d-----w- c:\programdata\PAYDAY 2
2015-06-20 14:42 . 2015-06-20 14:42 102128 ----a-w- c:\windows\system32\amdave64.dll
2015-06-20 14:42 . 2015-06-20 14:42 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2015-06-20 14:42 . 2015-06-20 14:42 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-06-20 14:42 . 2015-06-20 14:42 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-06-20 14:41 . 2015-06-20 14:41 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-06-20 14:41 . 2015-06-20 14:41 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-06-20 14:41 . 2015-06-20 14:41 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2015-06-20 14:41 . 2015-06-20 14:41 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-06-20 14:41 . 2015-06-20 14:41 1136736 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 9420520 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-06-20 14:40 . 2015-06-20 14:40 7077264 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-06-20 14:39 . 2015-06-20 14:39 8368872 ----a-w- c:\windows\system32\atiumd64.dll
2015-06-20 14:35 . 2015-06-20 14:35 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-06-20 14:28 . 2015-06-20 14:28 19339264 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-06-20 14:12 . 2015-06-20 14:12 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-06-20 14:12 . 2015-06-20 14:12 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2015-06-20 14:11 . 2015-06-20 14:11 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2015-06-20 14:11 . 2015-06-20 14:11 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2015-06-20 14:11 . 2015-06-20 14:11 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2015-06-20 14:04 . 2015-06-20 14:04 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-06-20 08:23 . 2015-06-20 08:23 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2015-06-20 08:18 . 2015-06-20 08:18 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2015-06-20 06:49 . 2015-06-20 06:49 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-06-20 06:48 . 2015-06-20 06:48 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-06-20 06:48 . 2015-06-20 06:48 5837824 ----a-w- c:\windows\system32\amdmantle64.dll
2015-06-20 06:25 . 2015-06-20 06:25 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-06-20 05:58 . 2015-06-20 05:58 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-06-20 05:57 . 2015-06-20 05:57 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-06-20 05:01 . 2015-06-20 05:01 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-06-20 04:45 . 2015-06-20 04:45 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2015-06-20 04:18 . 2015-06-20 04:18 23626752 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-06-20 04:11 . 2015-06-20 04:11 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-06-20 04:11 . 2015-06-20 04:11 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-06-20 03:49 . 2015-06-20 03:49 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-06-20 03:48 . 2015-06-20 03:48 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-06-20 03:48 . 2015-06-20 03:48 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-06-20 03:48 . 2015-06-20 03:48 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-06-20 03:48 . 2015-06-20 03:48 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-06-20 03:48 . 2015-06-20 03:48 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2015-06-20 03:44 . 2015-06-20 03:44 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-06-20 03:39 . 2015-06-20 03:39 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-06-20 03:39 . 2015-06-20 03:39 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-06-20 03:28 . 2015-06-20 03:28 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-06-20 03:28 . 2015-06-20 03:28 31232 ----a-w- c:\windows\system32\atimuixx.dll
2015-06-20 03:28 . 2015-06-20 03:28 776192 ----a-w- c:\windows\system32\atieclxx.exe
2015-06-20 03:27 . 2015-06-20 03:27 246272 ----a-w- c:\windows\system32\atiesrxx.exe
2015-06-20 03:25 . 2015-06-20 03:25 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-06-20 02:58 . 2015-06-20 02:58 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-06-20 02:58 . 2015-06-20 02:58 591872 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-06-19 19:17 . 2015-07-01 21:48 -------- d-----w-ek c:\users\ROMNEK~3
2015-06-19 14:22 . 2015-06-19 14:22 -------- d-----w- c:\program files (x86)\GameforgeLive
2015-06-19 14:21 . 2015-06-30 23:56 -------- d-----w- c:\programdata\Package Cache
2015-06-14 00:48 . 2015-06-14 00:48 -------- d-----w- c:\users\Románek\AppData\Local\Dark
2015-06-13 22:53 . 2015-06-13 22:55 -------- d-----w- c:\program files (x86)\Spotiamb
2015-06-12 16:32 . 2015-06-12 16:32 -------- d-----w- c:\users\Románek\AppData\Local\Kholat
2015-06-12 11:56 . 2015-07-02 17:34 -------- d-----w- c:\users\Románek\AppData\Local\Spotify
2015-06-12 11:55 . 2015-07-02 17:35 -------- d-----w- c:\users\Románek\AppData\Roaming\Spotify
2015-06-07 13:27 . 2015-06-07 13:27 -------- d-----w- c:\programdata\Orbit
2015-06-06 17:46 . 2015-06-06 17:46 -------- d-----w- c:\users\Románek\AppData\Roaming\Promotion Software GmbH
2015-06-06 09:48 . 2015-06-06 09:48 -------- d-----w- c:\users\Románek\AppData\Local\CEF
2015-06-02 21:19 . 2015-06-02 21:19 -------- d-----w- c:\users\Románek\AppData\Roaming\Shooter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-26 16:38 . 2014-12-02 16:10 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-26 16:38 . 2014-12-02 16:10 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-20 14:42 . 2015-03-31 20:47 96448 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-06-20 14:41 . 2015-03-31 20:46 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2015-06-20 14:41 . 2015-03-31 20:46 1359752 ----a-w- c:\windows\system32\aticfx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 11102040 ----a-w- c:\windows\system32\atidxx64.dll
2015-06-20 14:40 . 2015-03-31 20:46 7559840 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-06-20 14:39 . 2015-03-31 20:46 8381280 ----a-w- c:\windows\system32\atiumd6a.dll
2015-06-20 14:11 . 2015-03-31 20:33 47902208 ----a-w- c:\windows\system32\amdocl64.dll
2015-06-20 14:08 . 2015-03-31 20:32 40990208 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-06-20 14:04 . 2015-03-31 20:32 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-06-20 02:59 . 2015-03-31 20:09 1218560 ----a-w- c:\windows\system32\atiadlxx.dll
2015-06-20 02:59 . 2015-03-31 20:09 905728 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-06-20 02:58 . 2015-03-31 20:09 146944 ----a-w- c:\windows\system32\atig6txx.dll
2015-06-20 02:58 . 2015-03-31 20:09 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-06-20 02:32 . 2015-03-31 20:10 846848 ----a-w- c:\windows\system32\coinst_14.50.dll
2015-06-10 13:44 . 2014-12-03 18:20 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-10 12:32 . 2014-12-02 17:42 153256 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-06-10 12:32 . 2014-12-02 17:42 132656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-05-31 20:48 . 2015-05-31 21:01 24064 ----a-w- c:\windows\zoek-delete.exe
2015-05-31 20:38 . 2015-05-31 20:04 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-31 19:36 . 2015-05-31 18:49 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-31 13:27 . 2014-12-05 13:46 70144 ----a-w- c:\windows\system32\appinfo.dll
2015-05-10 10:03 . 2014-12-05 15:03 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-05-10 10:03 . 2014-12-05 14:57 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-05-09 03:13 . 2015-06-10 13:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-02 09:49 . 2015-05-09 12:27 238376 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2015-05-01 13:17 . 2015-05-13 20:31 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 20:31 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 13:13 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 13:13 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 13:13 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-19 19:57 . 2014-12-02 17:16 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2015-05-31 18:49 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2015-05-31 18:49 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2015-05-31 18:49 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-13 03:28 . 2015-05-13 13:14 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-31 20:35 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 13:13 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 13:13 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 13:13 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-06-20 813896]
"Spotify Web Helper"="c:\users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-29 2030648]
"Spotify"="c:\users\Románek\AppData\Roaming\Spotify\Spotify.exe" [2015-06-29 7504952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-05-15 55568]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-05-21 130864]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-06-20 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 cpuz138;cpuz138;c:\users\ROMNEK~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\ROMNEK~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe;c:\program files\Echobit\Evolve\EvoSvc.exe [x]
R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\users\ROMNEK~1\AppData\Local\Temp\HWiNFO64A.SYS;c:\users\ROMNEK~1\AppData\Local\Temp\HWiNFO64A.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Kinonih;Kinoni Virtual Bus Driver;c:\windows\system32\DRIVERS\kinonih.sys;c:\windows\SYSNATIVE\DRIVERS\kinonih.sys [x]
R3 LbAdapter;LAN Bridger Virtual Miniport Driver;c:\windows\system32\DRIVERS\lb.sys;c:\windows\SYSNATIVE\DRIVERS\lb.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver 05/30/2015 0.0.0.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Survarium Update Service;Survarium Update Service;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium;c:\hry\Survarium\game\binaries\x86\survarium_service.exe Survarium [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R3 zttap200;ZeroTier One Virtual Network Port;c:\windows\system32\DRIVERS\zttap200.sys;c:\windows\SYSNATIVE\DRIVERS\zttap200.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-26 17:22 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-02 16:38]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02 16:00]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 9ae81e48-6de4-483d-93a5-1e8ad8fdbde3.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-03-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c356fa14-5f43-4f08-a0ca-3dfed4b0bb9f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-12-02 7637208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Emergency 5_R.G. Mechanics_is1 - c:\users\Románek\AppData\Roaming\Emergency 5\Uninstall\unins000.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{2bceccd3-6613-4596-b748-441a06847696} - c:\programdata\Package Cache\{2bceccd3-6613-4596-b748-441a06847696}\BuildTools_Full.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{b5675cc4-ab8b-4945-8c1d-4c5479556d6a} - c:\programdata\Package Cache\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}\Avira.OE.Setup.Bundle.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-07-02 19:51:11
ComboFix-quarantined-files.txt 2015-07-02 17:51
ComboFix2.txt 2015-07-02 11:02
ComboFix3.txt 2015-07-01 21:48
.
Před spuštěním: Volných bajtů: 82 687 647 744
Po spuštění: Volných bajtů: 82 505 904 128
.
- - End Of File - - 23125378EAC778CE4F716B136796D714
A36C5E4F47E84449FF07ED3517B43A31

[kolda]

Aktualizace stále nefungují, jestli už se nedá nic dělat tak to přežiju a počkám na windows 10 :)

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[kolda]

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Románek (administrator) on ROMÁNEK-PC on 02-07-2015 23:09:32
Running from C:\Users\Románek\Desktop
Loaded Profiles: Románek (Available Profiles: Románek & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(CPUID) C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Sony Online Entertainment) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Khrona LLC) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\AwesomiumProcess.exe
(www.motioninjoy.com) C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
(Warner Bros. Interactive Entertainment) C:\Hry\LEGO Jurassic World\LEGOJurassicWorld_DX11.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-12-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\...\Run: [F5CBC31FED5F9E149B33CD8FD7071EAFCB3D68C3._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1905423987-2345478020-1346617251-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{634DE59C-55F2-47A0-A5BD-7B5854DF83FA}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Románek\AppData\Roaming\Mozilla\Firefox\Profiles\OnlD6EQF.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-26] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1905423987-2345478020-1346617251-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-1905423987-2345478020-1346617251-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Románek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Extension: No Name - C:\Users\Románek\AppData\Roaming\Mozilla\Firefox\Profiles\OnlD6EQF.default\extensions\abs@avira.com [not found]

Chrome:
=======
CHR Profile: C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-02]
CHR Extension: (Google Docs) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-02]
CHR Extension: (Google Drive) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-02]
CHR Extension: (YouTube) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-02]
CHR Extension: (Adblock Plus) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-02]
CHR Extension: (Google Search) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-02]
CHR Extension: (Asphalt 8 Airborne HD) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhckmcgeipepjebbiojnmglhgodebhde [2014-12-02]
CHR Extension: (Google Sheets) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-02]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-12-02]
CHR Extension: (Google Wallet) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-02]
CHR Extension: (Gmail) - C:\Users\Románek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-02]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-20] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-04] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-02] (EasyAntiCheat Ltd)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2015-04-22] (Echobit LLC)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-05-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-22] (GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
S3 Survarium Update Service; C:\Hry\Survarium\game\binaries\x86\survarium_service.exe [76408 2015-01-24] ()
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-03] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-01-13] (BitRaider)
R3 cpuz138; C:\Users\Románek\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2015-07-02] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-06] (Disc Soft Ltd)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-01-05] (Echobit, LLC)
S3 Kinonih; C:\Windows\System32\DRIVERS\kinonih.sys [32256 2015-02-03] (Kinoni)
S3 LbAdapter; C:\Windows\System32\DRIVERS\lb.sys [21656 2010-06-07] (Echobit, LLC)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2015-03-02] (http://libusb-win32.sourceforge.net)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 zttap200; C:\Windows\System32\DRIVERS\zttap200.sys [31896 2014-03-05] ()
S3 HWiNFO32; \??\C:\Users\ROMNEK~1\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 23:09 - 2015-07-02 23:10 - 00015387 _____ C:\Users\Románek\Desktop\FRST.txt
2015-07-02 23:09 - 2015-07-02 23:09 - 00000000 ____D C:\FRST
2015-07-02 23:07 - 2015-07-02 23:08 - 02112512 _____ (Farbar) C:\Users\Románek\Desktop\FRST64.exe
2015-07-02 20:24 - 2015-07-02 20:24 - 00000056 _____ C:\Windows\setupact.log
2015-07-02 20:24 - 2015-07-02 20:24 - 00000000 _____ C:\Windows\setuperr.log
2015-07-02 00:51 - 2015-07-02 00:51 - 00000000 ____D C:\Users\Románek\AppData\Local\GalaxyCommunicationService
2015-07-01 23:29 - 2015-07-01 23:47 - 00000000 ____D C:\Windows\erdnt
2015-07-01 22:50 - 2015-07-01 22:50 - 00000000 ____D C:\ProgramData\ATI
2015-07-01 22:50 - 2015-07-01 22:50 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-07-01 22:49 - 2015-07-01 22:49 - 00063792 _____ C:\Windows\SysWOW64\CCCInstall_201507012249293267.log
2015-07-01 22:48 - 2015-07-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-01 22:19 - 2015-07-01 22:19 - 00057519 _____ C:\Windows\SysWOW64\CCCInstall_201507012219182726.log
2015-07-01 19:16 - 2015-07-01 19:16 - 00015536 _____ C:\Users\Románek\Downloads\[kat.cr]sniper.ghost.warrior.2.dlcs.dz.repack.torrent
2015-07-01 12:48 - 2015-07-01 12:48 - 00000000 ____D C:\Users\Románek\AppData\Local\DayZ
2015-06-30 14:09 - 2015-06-30 14:18 - 351564527 _____ C:\Users\Románek\Downloads\NewPatch.rar
2015-06-30 13:50 - 2015-07-01 22:16 - 00000000 ____D C:\Users\Románek\AppData\Local\LumaEmu_SteamCloud
2015-06-30 13:22 - 2015-06-30 13:22 - 00000000 ___SH C:\Users\Románek\AppData\Local\LumaEmu
2015-06-27 21:34 - 2015-06-27 21:35 - 00000000 ____D C:\Users\Románek\AppData\Local\PAYDAY 2
2015-06-27 20:34 - 2015-06-27 21:34 - 00000000 ____D C:\ProgramData\PAYDAY 2
2015-06-27 20:34 - 2015-06-27 20:34 - 00000696 _____ C:\Users\Public\Desktop\PAYDAY 2.lnk
2015-06-27 20:34 - 2015-06-27 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PAYDAY 2
2015-06-27 20:34 - 2014-03-05 22:19 - 00031896 _____ C:\Windows\system32\Drivers\zttap200.sys
2015-06-27 14:28 - 2015-06-27 14:28 - 00000082 _____ C:\Users\Románek\Documents\cc_20150627_142759.reg
2015-06-27 14:27 - 2015-06-27 14:27 - 00211066 _____ C:\Users\Románek\Documents\cc_20150627_142738.reg
2015-06-27 14:27 - 2015-06-27 14:27 - 00002616 _____ C:\Users\Románek\Documents\cc_20150627_142750.reg
2015-06-26 19:47 - 2015-06-26 19:47 - 00058394 _____ C:\Windows\SysWOW64\CCCInstall_201506261947214056.log
2015-06-26 18:28 - 2015-06-26 18:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-20 16:42 - 2015-06-20 16:42 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-06-20 16:42 - 2015-06-20 16:42 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-06-20 16:42 - 2015-06-20 16:42 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-06-20 16:42 - 2015-06-20 16:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-06-20 16:42 - 2015-06-20 16:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-06-20 16:41 - 2015-06-20 16:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-06-20 16:40 - 2015-06-20 16:40 - 09420520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-06-20 16:40 - 2015-06-20 16:40 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-06-20 16:39 - 2015-06-20 16:39 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-06-20 16:35 - 2015-06-20 16:35 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-06-20 16:28 - 2015-06-20 16:28 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-06-20 16:12 - 2015-06-20 16:12 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-06-20 16:12 - 2015-06-20 16:12 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-06-20 16:11 - 2015-06-20 16:11 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-06-20 16:11 - 2015-06-20 16:11 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-06-20 16:11 - 2015-06-20 16:11 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-06-20 16:04 - 2015-06-20 16:04 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-20 10:23 - 2015-06-20 10:23 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-06-20 10:18 - 2015-06-20 10:18 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2015-06-20 08:49 - 2015-06-20 08:49 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-06-20 08:48 - 2015-06-20 08:48 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-06-20 08:48 - 2015-06-20 08:48 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-06-20 08:25 - 2015-06-20 08:25 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-06-20 07:58 - 2015-06-20 07:58 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-06-20 07:57 - 2015-06-20 07:57 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-06-20 07:01 - 2015-06-20 07:01 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-06-20 06:45 - 2015-06-20 06:45 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-06-20 06:18 - 2015-06-20 06:18 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-06-20 06:11 - 2015-06-20 06:11 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-06-20 06:11 - 2015-06-20 06:11 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-06-20 06:06 - 2015-06-20 06:06 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-06-20 05:51 - 2015-06-20 05:51 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-06-20 05:49 - 2015-06-20 05:49 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-06-20 05:49 - 2015-06-20 05:49 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-06-20 05:49 - 2015-06-20 05:49 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-06-20 05:48 - 2015-06-20 05:48 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-06-20 05:48 - 2015-06-20 05:48 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-06-20 05:48 - 2015-06-20 05:48 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-06-20 05:48 - 2015-06-20 05:48 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-06-20 05:48 - 2015-06-20 05:48 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-06-20 05:44 - 2015-06-20 05:44 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-06-20 05:39 - 2015-06-20 05:39 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-06-20 05:39 - 2015-06-20 05:39 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-06-20 05:28 - 2015-06-20 05:28 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-06-20 05:28 - 2015-06-20 05:28 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-06-20 05:28 - 2015-06-20 05:28 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-06-20 05:27 - 2015-06-20 05:27 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-06-20 05:25 - 2015-06-20 05:25 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-06-20 04:58 - 2015-06-20 04:58 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-06-20 04:58 - 2015-06-20 04:58 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-06-20 04:58 - 2015-06-20 04:58 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-06-20 04:58 - 2015-06-20 04:58 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-06-19 21:17 - 2015-07-01 23:48 - 00000000 ____D C:\Users\Rom�nek
2015-06-19 17:32 - 2015-06-19 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(CZ)
2015-06-19 16:21 - 2015-07-01 01:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-14 02:48 - 2015-06-14 02:48 - 00000000 ____D C:\Users\Románek\AppData\Local\Dark
2015-06-14 02:24 - 2015-06-14 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2015-06-14 00:53 - 2015-06-14 00:55 - 00000000 ____D C:\Program Files (x86)\Spotiamb
2015-06-12 18:32 - 2015-06-12 18:32 - 00000000 ____D C:\Users\Románek\AppData\Local\Kholat
2015-06-12 18:22 - 2015-06-12 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat
2015-06-12 18:01 - 2015-06-12 18:32 - 00000000 ____D C:\Users\Románek\Documents\Windward
2015-06-12 13:56 - 2015-07-02 20:33 - 00000000 ____D C:\Users\Románek\AppData\Local\Spotify
2015-06-12 13:56 - 2015-06-12 13:56 - 00001803 _____ C:\Users\Románek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-06-12 13:55 - 2015-07-02 20:25 - 00000000 ____D C:\Users\Románek\AppData\Roaming\Spotify
2015-06-10 15:42 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:42 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 15:42 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:42 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 15:42 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:42 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 15:42 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 15:42 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 15:42 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 15:42 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 15:42 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 15:42 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 15:42 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 15:42 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 15:42 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 15:42 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 15:42 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 15:42 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 15:42 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 15:42 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:42 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 15:42 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 15:42 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 15:42 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 15:42 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 15:42 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 15:42 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 15:42 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 15:42 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 15:42 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 15:42 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 15:42 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:42 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:42 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:42 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:42 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:42 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:42 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:42 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:42 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:42 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:42 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:42 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:42 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:42 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:42 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:42 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:42 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:42 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:42 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:42 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:42 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:42 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:42 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:42 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:42 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:42 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:42 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:42 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:42 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:42 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:42 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:42 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:42 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:42 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:42 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:42 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:42 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:42 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:42 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:42 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:42 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:42 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:42 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:42 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:42 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:42 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:42 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:42 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:42 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:42 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:42 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:42 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:42 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:42 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:25 - 2015-06-10 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Pharma
2015-06-07 15:27 - 2015-06-07 15:27 - 00000000 ____D C:\ProgramData\Orbit
2015-06-07 00:40 - 2015-06-07 00:40 - 00000000 ____D C:\Users\Románek\Documents\DyingLight
2015-06-06 22:32 - 2015-06-06 22:32 - 00000080 _____ C:\Users\Románek\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-06 19:46 - 2015-06-06 19:46 - 00000000 ____D C:\Users\Románek\AppData\Roaming\Promotion Software GmbH
2015-06-06 11:48 - 2015-06-06 11:48 - 00000000 ____D C:\Users\Románek\AppData\Local\CEF
2015-06-02 23:19 - 2015-06-02 23:19 - 00000000 ____D C:\Users\Románek\AppData\Roaming\Shooter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-02 23:00 - 2014-12-02 18:38 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-07-02 22:38 - 2014-12-02 18:10 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-02 22:18 - 2014-12-02 18:00 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-02 22:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-02 22:03 - 2014-12-03 00:22 - 01193321 _____ C:\Windows\WindowsUpdate.log
2015-07-02 21:40 - 2014-12-02 22:32 - 00000000 ____D C:\Users\Románek\Documents\My Games
2015-07-02 21:09 - 2015-05-18 15:31 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-02 20:33 - 2009-07-14 06:45 - 00023888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-02 20:33 - 2009-07-14 06:45 - 00023888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-02 20:27 - 2015-01-02 23:42 - 00000000 ____D C:\Users\Románek\AppData\Roaming\Raptr
2015-07-02 20:24 - 2014-12-02 18:00 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-02 20:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-02 20:23 - 2015-05-29 15:14 - 00003030 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-02 20:17 - 2015-05-31 22:50 - 00000000 ____D C:\Users\Románek\AppData\Local\CrashDumps
2015-07-02 20:17 - 2014-12-02 19:34 - 00000000 ____D C:\Users\Románek\AppData\Roaming\uTorrent
2015-07-02 19:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-02 19:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-02 18:57 - 2015-01-31 00:07 - 00000000 ____D C:\Users\Románek\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-02 18:57 - 2014-12-02 19:55 - 00000000 ____D C:\ProgramData\Steam
2015-07-02 18:24 - 2014-12-02 19:11 - 00000000 ____D C:\Hry
2015-07-02 18:24 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-02 12:09 - 2014-12-02 18:39 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-07-02 00:52 - 2015-05-19 15:29 - 00000000 ____D C:\Users\Románek\Documents\The Witcher 3
2015-07-01 23:48 - 2014-12-02 21:53 - 00000000 ____D C:\Users\Románek
2015-07-01 23:48 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-01 22:58 - 2014-12-02 17:57 - 00000000 ____D C:\AMD
2015-07-01 22:56 - 2015-04-27 19:05 - 00000000 ____D C:\Program Files\AMD
2015-07-01 22:55 - 2015-01-04 16:50 - 00000000 __SHD C:\Users\Románek\AppData\Local\EmieUserList
2015-07-01 22:55 - 2015-01-04 16:50 - 00000000 __SHD C:\Users\Románek\AppData\Local\EmieSiteList
2015-07-01 22:55 - 2015-01-04 16:50 - 00000000 __SHD C:\Users\Románek\AppData\Local\EmieBrowserModeList
2015-07-01 22:50 - 2014-12-02 18:55 - 00000000 ____D C:\ProgramData\AMD
2015-07-01 20:23 - 2015-01-10 01:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-01 14:15 - 2009-07-14 17:18 - 00668542 _____ C:\Windows\system32\perfh005.dat
2015-07-01 14:15 - 2009-07-14 17:18 - 00141202 _____ C:\Windows\system32\perfc005.dat
2015-07-01 14:15 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-30 18:04 - 2014-12-02 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-30 13:26 - 2015-04-15 22:48 - 00000000 ____D C:\Users\Románek\Documents\CPY_SAVES
2015-06-28 17:21 - 2014-12-02 19:11 - 00000000 ____D C:\Stažený
2015-06-27 14:36 - 2015-04-15 22:49 - 00000000 ____D C:\Users\Románek\AppData\Local\dxhr
2015-06-27 14:27 - 2015-05-07 14:08 - 00000000 ____D C:\Users\Románek\AppData\Roaming\TeamViewer
2015-06-27 14:27 - 2014-12-06 17:46 - 00000000 ____D C:\Users\Románek\AppData\Roaming\DAEMON Tools Lite
2015-06-26 18:38 - 2014-12-02 18:10 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-26 18:38 - 2014-12-02 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-26 18:38 - 2014-12-02 18:10 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-20 16:42 - 2015-03-31 22:47 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-06-20 16:41 - 2015-03-31 22:46 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-06-20 16:41 - 2015-03-31 22:46 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-06-20 16:40 - 2015-03-31 22:46 - 11102040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-06-20 16:40 - 2015-03-31 22:46 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-06-20 16:39 - 2015-03-31 22:46 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-06-20 16:11 - 2015-03-31 22:33 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-06-20 16:08 - 2015-03-31 22:32 - 40990208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-06-20 16:04 - 2015-03-31 22:32 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-20 04:59 - 2015-03-31 22:09 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-06-20 04:59 - 2015-03-31 22:09 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-06-20 04:58 - 2015-03-31 22:09 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-06-20 04:58 - 2015-03-31 22:09 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-06-20 04:32 - 2015-03-31 22:10 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-06-19 17:17 - 2015-05-07 14:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-19 17:16 - 2014-12-02 19:32 - 00000000 ____D C:\ProgramData\Avira
2015-06-19 16:22 - 2014-12-02 19:32 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-10 16:19 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 16:19 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 16:18 - 2009-07-14 06:45 - 00270280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 15:52 - 2014-12-03 20:20 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 15:44 - 2014-12-03 20:20 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 14:32 - 2014-12-02 19:42 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-10 14:32 - 2014-12-02 19:42 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-06 18:56 - 2015-03-08 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-06 18:06 - 2015-01-28 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light
2015-06-04 17:06 - 2015-05-07 14:06 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk

==================== Files in the root of some directories =======

2015-05-21 19:44 - 2015-05-21 19:46 - 0004956 _____ () C:\Users\Románek\AppData\Roaming\wifi_speakers.dat
2015-06-30 13:22 - 2015-06-30 13:22 - 0000000 ___SH () C:\Users\Románek\AppData\Local\LumaEmu
2014-12-02 17:51 - 2014-12-02 17:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Románek\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-27 15:12

==================== End of log ============================

[kolda]

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Románek at 2015-07-02 23:10:43
Running from C:\Users\Románek\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1905423987-2345478020-1346617251-500 - Administrator - Disabled)
Guest (S-1-5-21-1905423987-2345478020-1346617251-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1905423987-2345478020-1346617251-1002 - Limited - Enabled)
Románek (S-1-5-21-1905423987-2345478020-1346617251-1000 - Administrator - Enabled) => C:\Users\Románek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.06.0.0 - )
"Homefront" (HKLM-x32\...\{30CA29BE-BC36-4E92-9001-3D0A963D1958}_is1) (Version: 1.5.500001.0 - )
µTorrent (HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Alone in the Dark Illumination version 1.0.0 (HKLM-x32\...\Alone in the Dark Illumination_is1) (Version: 1.0.0 - Atari)
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
AMD Catalyst Install Manager (HKLM\...\{453294E1-F95E-C930-7517-BDC9209ADE10}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
Big Pharma (HKLM-x32\...\Big Pharma_is1) (Version: - Positech Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.04.0003 - Bloody)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Deus Ex Human Revolution - Directors Cut verze 2.0.0.0u1 (HKLM-x32\...\Deus Ex Human Revolution - Directors Cut_is1) (Version: 2.0.0.0u1 - Sqare Enix)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Divinity - Original Sin (HKLM-x32\...\Divinity - Original Sin_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: 1.2.0.0 - Релиз от R.G. Steamgames)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.15 - Echobit, LLC)
Far Cry 4 verze v1.0 (HKLM-x32\...\Far Cry 4_is1) (Version: v1.0 - R.G. Danik1B9)
FORCED (HKLM-x32\...\Steam App 249990) (Version: - BetaDwarf)
Fraps (HKLM-x32\...\Fraps) (Version: - )
God Mode (HKLM-x32\...\Steam App 227480) (Version: - Old School Games)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V version 1.0.0 (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.0 - Rockstar Games)
Hatred (HKLM-x32\...\SGF0cmVk_is1) (Version: 1 - )
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HWiNFO64 Version 4.62 (HKLM\...\HWiNFO64_is1) (Version: 4.62 - Martin Malík - REALiX)
Injustice - Gods Among Us (HKLM-x32\...\Injustice - Gods Among Us_is1) (Version: 1.0.0.1 - VEBMAX)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
KeyDominator1 (HKLM-x32\...\BloodyKeyboard) (Version: 15.03.0001 - Bloody)
Kholat (HKLM-x32\...\Kholat_is1) (Version: - )
LEGO Jurassic World (HKLM-x32\...\LEGO Jurassic World_is1) (Version: - )
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version: - Paradox North)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Build Tools 2013 (HKLM-x32\...\{2bceccd3-6613-4596-b748-441a06847696}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
Nostale(CZ) (HKLM-x32\...\NosTale(CZ)_is1) (Version: - Gameforge 4D GmbH)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Daum Communications Corp.)
Project CARS version 1.0.1.1 (HKLM-x32\...\{11E1205D-6022-45E0-850E-36B4FCFDD32E}_is1) (Version: 1.0.1.1 - Slightly Mad Studios)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Resident Evil HD version 1.0.0 (HKLM-x32\...\Resident Evil HD_is1) (Version: 1.0.0 - Capcom)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SixaxisPairTool 0.2.3 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.2.3 - Dancing Pixel Studios)
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
SoundWire Server version 2.1 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.1 - GeorgieLabs)
Spotify (HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.27c - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
Total War: Attila (HKLM-x32\...\Total War: Attila_is1) (Version: - )
Unity Web Player (HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Wasteland 2 (HKLM-x32\...\Wasteland 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

02-07-2015 18:57:03 Windows Update
02-07-2015 20:33:41 Windows Update
02-07-2015 20:39:54 Removed LogMeIn Hamachi

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-02 12:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00D11856-E1AF-488C-93B1-9377D099D96F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {0CC00F19-8BC9-43E0-A72E-8C7D70FFE592} - System32\Tasks\SUPERAntiSpyware Scheduled Task c356fa14-5f43-4f08-a0ca-3dfed4b0bb9f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {1858FFE5-7202-4567-B957-249562074763} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-26] (Adobe Systems Incorporated)
Task: {2D855AAE-4D83-440B-B3AA-93C7288DD193} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {5BC3D016-A7DA-46CE-9FFA-37FD0080B0D3} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9ae81e48-6de4-483d-93a5-1e8ad8fdbde3 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {87D0003C-CD83-4745-9EAA-7B252B2B1762} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1905423987-2345478020-1346617251-1000
Task: {88D550DF-9592-46C8-B649-15BD95EA794C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {B23B13F4-3B38-40D6-A81D-127D4FBC9EC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-02] (Google Inc.)
Task: {DBC5A91F-B096-4E6D-B369-51E5831F3302} - System32\Tasks\{A637F106-6688-4B11-874F-C93750E93BD1} => C:\Hry\Doom 3\DOOM3.EXE
Task: {E1DC445D-1479-403A-BD7A-E57D38653651} - System32\Tasks\{6CFFBD55-AD61-42C8-B435-9ECC7FDE83EE} => C:\Hry\Doom 3\DOOM3.EXE
Task: {E87D34BF-881E-407A-A1D6-6EA982EBF92B} - System32\Tasks\{DC5912EB-71EB-4442-9DC5-2B3C328B30E4} => C:\Hry\Doom 3\DOOM3.EXE
Task: {EBF6FD0D-3D88-4142-A6DB-9BAF2A6CFDE8} - System32\Tasks\{99BD84A6-E115-474E-BEE0-8E323748366E} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\Total War - Shogun 2 - Gold Edition\_Redist\vcredist_x64_2008_sp1_x64.exe" -d "C:\Program Files (x86)\Steam\steamapps\Total War - Shogun 2 - Gold Edition\_Redist"
Task: {F95BC4F7-2B4D-49AC-86C7-749F5E5B976C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-27] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9ae81e48-6de4-483d-93a5-1e8ad8fdbde3.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c356fa14-5f43-4f08-a0ca-3dfed4b0bb9f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (Whitelisted) ==============

2014-11-09 13:37 - 2014-11-09 13:37 - 00402432 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-05-27 12:05 - 2015-05-27 12:05 - 00578272 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-06-20 03:07 - 2015-06-20 03:07 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-12-05 16:57 - 2015-02-06 22:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-20 03:06 - 2015-06-20 03:06 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00197632 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-07-02 18:48 - 2015-06-12 05:11 - 01647108 _____ () C:\Hry\LEGO Jurassic World\steam_api64.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00218624 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-05-22 12:56 - 2015-05-22 12:56 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-05-22 13:36 - 2015-05-22 13:36 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-05-15 04:21 - 2015-05-15 04:21 - 02540288 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2014-08-14 02:37 - 2014-08-14 02:37 - 00027667 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libdirectsound_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00031251 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libwaveout_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00066579 _____ () C:\Program Files (x86)\Raptr\plugins\video_output\libdirectdraw_plugin.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-05-18 15:36 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-18 15:36 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-18 15:36 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-18 15:36 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-18 15:36 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-18 15:36 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-18 15:36 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-18 15:36 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-18 15:36 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-18 15:36 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-18 15:36 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-18 15:36 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-18 15:36 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2014-12-06 16:25 - 2014-12-06 16:25 - 00972712 _____ () C:\Users\Románek\AppData\LocalLow\Sony Online Entertainment\npsoeact.dll
2015-06-26 19:22 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-26 19:22 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-26 19:22 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1905423987-2345478020-1346617251-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Románek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BloodyKeyboard => "C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe" Minimum
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EvolveClient => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
MSCONFIG\startupreg: GalaxyClient =>
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Spotify => "C:\Users\Románek\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Románek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0913CC88-55AD-4069-B88D-174A5A3B025C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{63B145DF-165D-4BB1-8B36-569A14C4AAC2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6C2811F-9572-4F0A-92A6-671941DE5A6B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76E4D649-7947-4710-AA4B-00EF69B304D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C43EAC27-9F44-4617-9104-960AF4ACD682}] => (Allow) C:\Users\Románek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F95D3205-360B-4096-972A-6868D39CC623}] => (Allow) C:\Users\Románek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [Daum PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe
FirewallRules: [{B5D4F87D-28A2-4575-B045-1747ABC0606B}] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe
FirewallRules: [TCP Query User{021394DD-4284-4F34-B609-025DAB88EF2B}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{FF55D547-6C7D-4223-A2CE-1225B58EDEC8}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{A590E7D4-F281-4E11-A55F-2DA48F5C4D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{6A5604A8-0E88-4081-BD89-4F9A6AC6A5C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{870B7EFE-9777-4578-8FCC-1ADB6AACCFFA}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{F4222A1F-41AC-4E21-9DBE-5BEA0C48C39D}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{716E0856-0F61-4D6B-BBD6-1E97FE55C2A0}C:\hry\alien isolation\ai.exe] => (Allow) C:\hry\alien isolation\ai.exe
FirewallRules: [UDP Query User{51CA1D18-8360-478D-B7E7-6DA0778EACDF}C:\hry\alien isolation\ai.exe] => (Allow) C:\hry\alien isolation\ai.exe
FirewallRules: [TCP Query User{F6E1CED8-C16F-4B1C-ABBC-B5640C1F639F}E:\total war rome ii\rome2.exe] => (Allow) E:\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{FE8388DE-5972-4AF7-A1C9-E5DF996539BF}E:\total war rome ii\rome2.exe] => (Allow) E:\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{37000B5C-89CC-4320-8634-62D0D9B2F129}E:\divinity - original sin\shipping\eocapp.exe] => (Allow) E:\divinity - original sin\shipping\eocapp.exe
FirewallRules: [UDP Query User{12B44094-909D-4158-86E0-262327BBE769}E:\divinity - original sin\shipping\eocapp.exe] => (Allow) E:\divinity - original sin\shipping\eocapp.exe
FirewallRules: [TCP Query User{7613D461-5F17-4342-9762-A28CB10D17D8}E:\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) E:\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{2385249C-C422-4D3D-87B6-D026B428233F}E:\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) E:\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{4705EA2C-42C4-457E-8DDA-141B4926A29E}C:\hry\total war rome ii\rome2.exe] => (Allow) C:\hry\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{D977F70D-CD27-4CA1-ABAC-7ABBAF8E6C80}C:\hry\total war rome ii\rome2.exe] => (Allow) C:\hry\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{ED0FC291-E9FA-484F-8A2F-4A8D0AFAF6FF}C:\hry\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\hry\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{E9646B9E-7893-4A2D-9CA6-171216C8CD0A}C:\hry\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\hry\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{4F2285AA-4C64-4A9A-8D44-680DC21CF4DC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1DF62F43-ACEA-421F-9684-6B91EB06EB79}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{7B5F5F29-4911-4C0A-8372-4668BE621957}C:\hry\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\hry\divinity - original sin\shipping\eocapp.exe
FirewallRules: [UDP Query User{9BEE2D82-926F-46E3-B713-EDD276FBE936}C:\hry\divinity - original sin\shipping\eocapp.exe] => (Allow) C:\hry\divinity - original sin\shipping\eocapp.exe
FirewallRules: [{B396BD93-F1F5-4FF6-AE32-E9DBD052A411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{2E380138-E284-427B-92C6-6D7B8B5B0466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{DC02786B-619D-4023-9AC3-02E8121EC463}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E5E0DFB6-6A21-469A-949B-6DF87FC1F977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FCE35D62-4DFF-4D7D-B86D-138586E82950}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{CE8A7360-E05C-4E70-B06C-AB4E707A4F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{85EB04BD-0CD5-4E48-A709-F0AAD6C92D8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{615F3E23-31D7-4265-B4AA-365AC8E6CFAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E3D65746-EB5C-441F-8F8A-E8DB79405FCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{8DC2BB01-59BF-4285-8A94-FF15DD00B22E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{D20EDCB2-BD61-4387-A858-9997CE3E684E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{2C01E54F-1DAE-4EFF-8683-A232A99002AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{B2458D05-0FA0-4D36-8BF0-959B488415BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{2161A75E-C4B2-4F83-A755-F634A964E9D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E60E233F-484B-447A-AF22-2B9B48080AE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A610040E-9565-4D34-9261-F935A0DF74BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{F520F28B-6982-476B-973E-785BD5D9A878}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{7AB43DCB-91DF-4BEA-8C1E-E627FAD1D60E}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{6D58541E-BDF9-4C3C-987B-CE4FAE498F98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{F26B3FBA-0A68-4EEB-9ADC-698C19A0D4AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{07A7E4F2-BDDE-4B9A-98A3-5C6BDE4D614B}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{31AE9783-413E-4151-879B-77F7E17ED667}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{E2FC97B3-8752-4F29-8D52-58E8489BBD93}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{2182A2A6-65C4-4458-A1A2-E6A591670A51}C:\hry\far cry 4\bin\farcry4.exe] => (Allow) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{B852E644-1374-4DBF-B59C-BDAE185EC60B}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{A3D4A353-79DD-4412-BEFE-2E3E8FE7F9EC}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{819C24F5-6B90-4C64-9242-92B8F2C2F557}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{AB7774CB-9B72-45C6-BE15-BA37E6357603}] => (Block) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{8AB98365-AB26-4402-8AA4-83EAC224A876}] => (Allow) C:\Hry\Homefront\Binaries\HOMEFRONT.exe
FirewallRules: [{B03BDA80-3B0B-4FC4-95EF-DE30A950C139}] => (Allow) C:\Hry\Homefront\Binaries\HOMEFRONT.exe
FirewallRules: [{56284BE6-9C43-438C-9E47-0FA6419E6E68}] => (Allow) C:\Hry\Survarium\temp\survarium_launcher.exe
FirewallRules: [{52F98FA2-7CAF-425B-86F1-AA27E2B10232}] => (Allow) C:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{6F374C40-B2A5-4413-911A-911027FFF2FD}] => (Allow) C:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{32053B87-4AA4-488B-BEF6-E28D778EFD82}] => (Allow) C:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [{0B9497C6-D52A-48D4-AB7F-736A4E1014F3}] => (Allow) C:\Hry\Survarium\temp\survarium_updater.exe
FirewallRules: [TCP Query User{3A17C56D-7300-4A62-8E4F-513FF7E68252}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{D0E3C984-D449-4B18-B77E-282934B0CEF6}C:\hry\dying light\dyinglightgame.exe] => (Allow) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [{7797E6DF-F5C4-438C-BD5B-1CFB4E49FD79}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{E6483F3E-0BD8-475F-B15C-063A1CA6C3FC}] => (Allow) C:\Hry\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{2AB99960-8B99-4754-B424-2EBDAC4972EA}] => (Allow) C:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{CA8149EF-77A0-45A0-8286-B6D6C50D558E}] => (Allow) C:\Hry\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [TCP Query User{51CD2A79-5618-464F-B574-C04F397C5851}C:\hry\survarium\game\binaries\x86\survarium.exe] => (Allow) C:\hry\survarium\game\binaries\x86\survarium.exe
FirewallRules: [UDP Query User{C62BD589-CA93-4E73-9A1F-2904B308E4A3}C:\hry\survarium\game\binaries\x86\survarium.exe] => (Allow) C:\hry\survarium\game\binaries\x86\survarium.exe
FirewallRules: [{B5864E3F-265A-49C7-B9F2-31682AEE5F4F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6C8BFB84-CE71-42AC-8BE3-2492820DD002}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{630B0155-3868-4C16-8366-175EB4371018}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{038F4E68-EF97-406E-A198-20FA64885B45}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5F717C57-B35E-4054-A4CD-587C9DE66011}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{22524292-9E3E-49C0-845F-C5DEA529EBFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{FDC2D8E0-92B9-4B23-B0CE-7D04020936B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{72DD2FDF-9197-4980-A4EC-0D8F200F673E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{10B4F493-9E2A-4A92-B879-E023F1091AC9}] => (Allow) C:\Hry\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [{F51B270A-DFEB-4251-9722-46D13EC52016}] => (Allow) C:\Hry\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [{21D0F97C-67A6-4F91-AD6C-CBD83F11ACFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{6196BD28-8B0C-4BCB-9DCF-F46E5F96E95B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{9A8B2785-901C-493C-B390-CB7F5DE65AE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{7FACA674-5381-40EC-B613-92478C964713}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{AC30E495-D886-42A3-8C65-056330159F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FORCED\FORCED.exe
FirewallRules: [{9B277D91-8D21-4EB4-8ECF-5CEB0D743B5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FORCED\FORCED.exe
FirewallRules: [TCP Query User{D07480E9-F17F-4656-B8A2-75009E45C26A}C:\hry\baldur's gate - enhanced edition\baldur.exe] => (Allow) C:\hry\baldur's gate - enhanced edition\baldur.exe
FirewallRules: [UDP Query User{3C411B7E-372A-46D8-BAAE-4D242AA49053}C:\hry\baldur's gate - enhanced edition\baldur.exe] => (Allow) C:\hry\baldur's gate - enhanced edition\baldur.exe
FirewallRules: [TCP Query User{05D2B833-0DAE-45B3-B21C-B3DF9F903003}C:\hry\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\hry\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{E07FF494-AE48-40EA-BC6D-88E29435FCFF}C:\hry\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\hry\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{526274EC-C7E2-4D47-815B-FC3C24B9C694}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B4C1B89B-9DF4-4B41-A51D-16289101E0A0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{EAB2F109-BB5D-46D9-BC24-C96FCB850000}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{323EDCE2-0EF6-4A7B-A41F-1466DBA6A816}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F4267D0B-3021-4D5B-B589-204C8AECE90F}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{F71E7C1F-85B8-4BA2-B2E9-86B280EA78A6}C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war arena\arena.exe
FirewallRules: [{F2EA4DD2-70E1-45BA-A071-96F1D8D102A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{67926BBD-A217-4048-8F04-39A1D7ABD0C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{EFDC5EFD-89B1-494E-B1D5-6473EC087888}] => (Allow) C:\Users\Románek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6FC2259F-06B1-4362-BE0F-0427C5165CB2}] => (Allow) C:\Users\Románek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C98AAA1C-6E29-43BE-886E-0CE19A50F18F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GodMode\bin\GodMode.exe
FirewallRules: [{A75FB37F-EA1C-40D8-BBC1-BDD3DEE5B54D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GodMode\bin\GodMode.exe
FirewallRules: [{466C9832-77ED-4C5B-BE49-E36810449118}] => (Allow) C:\Users\Románek\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{BE772892-4277-4C7D-BB98-962A579423C9}] => (Allow) C:\Users\Románek\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{79419E24-0400-4047-8799-7AC0EA10777F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{EA001B49-FAF1-49C2-938C-90618F816824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{225EC581-92C4-41EA-B6B4-B22BA8B0B41A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{61BCC81F-54E5-4984-91C7-ACB4DAA24369}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C7E30232-D5CE-4E4F-8774-58E17D5EF4E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{9142ED32-2327-41A2-B827-6126749135F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{EBCD22EA-971A-43FA-AC4E-CC6D55AFA33E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{EFBC3EB5-A5EB-4180-BD80-ECE97C7D2CA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{CC22E52F-99FF-4A61-B1FA-665A97E884D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2C661EBC-4D73-4DA6-B7B3-97B9C19BB659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{52355752-A017-4A82-9FAA-959D11565D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B3B5757A-77AC-4F8E-A1D0-8910814D5BB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{55A37CEB-AFC7-44C1-9BE4-FCEB78A39855}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{059BDE03-528C-4FA2-A52F-1B4DEC4C6F25}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C846557D-1999-40CE-9E6B-368A5193F956}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7BB9E3F8-BE36-4BA2-BD18-7C91760DCC03}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5EE64AD5-C8F0-498B-A7B7-749BC2831DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{8E608B19-086A-4CDD-9E2B-0613C12A6F6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{5F34A958-3ECB-42FE-A603-1BB663A40295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War - Shogun 2 - Gold Edition\Shogun2.exe
FirewallRules: [{475721B4-E671-45F1-95A2-415A5EBC94CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War - Shogun 2 - Gold Edition\Shogun2.exe
FirewallRules: [{B399BA20-D83F-487B-804B-53A9DB7E21E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War - Shogun 2 - Gold Edition\Shogun2.exe
FirewallRules: [{98F4420A-3CB6-4B7F-A3E9-BC13DD107CFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War - Shogun 2 - Gold Edition\Shogun2.exe
FirewallRules: [{E861DDD3-E9A3-47D9-B3DF-D4B5B60F86AA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{1A3EA953-0859-4BDE-A763-BF5AF4145A3A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{DBBE8781-E5EA-4D0E-B973-76FA70CA4509}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{801B5B4D-651C-4ADD-A4B3-9BC81AABD8F0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{FE1514AA-9E63-45EC-B1F1-481DF4DA71E4}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe
FirewallRules: [UDP Query User{F2456248-4E9D-4C83-8E92-266E58E83327}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe
FirewallRules: [TCP Query User{F3040F27-B742-40D1-A46D-53BB48561D67}C:\hry\total war - attila\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\hry\total war - attila\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{83A29D3D-869C-4FC9-8EB3-C8BA72D9FACB}C:\hry\total war - attila\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\hry\total war - attila\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{B2F5F338-91F6-4EE9-B00A-F859AA3D4419}C:\hry\grand theft auto v\gta5.exe] => (Allow) C:\hry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{5B5A1B7B-8DDC-4C62-8F0F-D3584818296A}C:\hry\grand theft auto v\gta5.exe] => (Allow) C:\hry\grand theft auto v\gta5.exe
FirewallRules: [{DE9838C1-84B9-4485-A86E-C1BF51D1862D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ECF22381-21E0-4244-816B-BE60C130D615}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D27AF673-6F90-4194-A463-A2D17D6D5EA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7F14E422-9C5B-4AC7-9CD0-34C58D6033A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38B73FD5-9F91-492C-8280-BF3C6B0DDA0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{33D1D59D-8FF4-42BF-9FD3-83E542B75946}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{F05166BC-3663-40A5-9FC3-1C5CCF607B12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{72F281E3-1269-4D23-8702-534FEF0C5D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{FB2C88E5-75C3-4545-ABEF-A19CEE592124}C:\users\románek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\románek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{49961949-B726-4B45-9B45-1159ADB047F2}C:\users\románek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\románek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B7E0E10B-A9DD-4177-9FBD-1C222B21E94B}C:\hry\windward\wwserver.exe] => (Allow) C:\hry\windward\wwserver.exe
FirewallRules: [UDP Query User{55C99581-ED19-4AAD-A67A-EFB248417847}C:\hry\windward\wwserver.exe] => (Allow) C:\hry\windward\wwserver.exe
FirewallRules: [TCP Query User{F71DE22D-5CAC-4251-8E62-382C594B29FF}C:\hry\windward\windward.exe] => (Allow) C:\hry\windward\windward.exe
FirewallRules: [UDP Query User{921F7196-A600-4512-815C-A664C77D81E5}C:\hry\windward\windward.exe] => (Allow) C:\hry\windward\windward.exe
FirewallRules: [TCP Query User{C8F557FA-04D0-42CB-88D2-73008D021DFE}C:\users\románek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\románek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4A8B5C01-6A69-41C7-9C05-B13620CA9E4C}C:\users\románek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\románek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{37527486-2FAB-4C02-8D88-98953BB18761}C:\hry\starbound\win32\starbound_server.exe] => (Allow) C:\hry\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{74C9FB5A-16F6-4DB2-883D-7F9BABF67A06}C:\hry\starbound\win32\starbound_server.exe] => (Allow) C:\hry\starbound\win32\starbound_server.exe
FirewallRules: [{18EC3A5D-F1AF-49B5-9154-288A8C959E1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0155A8EC-CCAE-4C88-BF8F-140C552FEA34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{28FFA1DC-89AC-4F37-A418-03F8467DF42C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{D8E34901-F243-4A08-A065-C908A29541D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{54279860-1A01-46E0-A884-A23A9F246A4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{FEB5CCEE-0B6E-4C63-861D-526B61D330EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2EF52DA8-F06C-458F-9C5B-64EEED102792}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{97EFA8E9-139C-45DB-83D5-1C273C993785}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
FirewallRules: [{14E44145-E88E-4A9C-836F-8D86C80D077B}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
FirewallRules: [TCP Query User{B42FF423-C556-41CB-96F3-6B146F441509}C:\hry\dayz\dta\client.bin] => (Allow) C:\hry\dayz\dta\client.bin
FirewallRules: [UDP Query User{F4539F9B-B3BD-4FE8-BD27-1E2D0913D89F}C:\hry\dayz\dta\client.bin] => (Allow) C:\hry\dayz\dta\client.bin
FirewallRules: [{6909EC96-F11C-476C-93F3-A8BF0CC3C726}] => (Allow) C:\Hry\DayZ\DayZ_Launcher_x64.exe
FirewallRules: [{DEDD170A-40D4-4E30-9ED4-50BA25344896}] => (Allow) C:\Hry\DayZ\DayZ_Launcher_x64.exe
FirewallRules: [{0CCF6DDB-4EC8-4E98-A557-AB27C657AFCC}] => (Allow) C:\Hry\DayZ\DayZ_Launcher_x64.exe
FirewallRules: [{32973A08-D595-48A0-8A7E-F979C0D7E1A8}] => (Allow) C:\Hry\DayZ\DayZ_Launcher_x64.exe
FirewallRules: [{8B4F0984-FC73-4637-8BF2-23939BDDAFFD}] => (Allow) \crime.exe
FirewallRules: [{53C3D3E2-B46E-4477-881C-46E4D3B696BA}] => (Allow) \crime.exe
FirewallRules: [{DB71DF0A-FB38-4F72-A43A-C8158A856BAA}] => (Allow) C:\Hry\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9C861044-A1BF-4A27-8E29-40F9FF576B86}] => (Allow) C:\Hry\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{844D784A-0E42-4D89-8A40-35FC35CFDC0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{B62EE534-2538-4528-BC34-D037DE0A946E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2015 07:39:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Popis = ComboFix created restore point; Chyba = 0x8007043c).

Error: (07/02/2015 07:39:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
.


Operace:
Vytvoření instance serveru VSS

Error: (07/02/2015 07:39:54 PM) (Source: VSS) (EventID: 18) (User: )
Description: Chyba služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit v nouzovém režimu.
Službu Stínová kopie svazku nelze spustit v nouzovém režimu. [0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
]