Pomalé zapínanie PC,chod PC a vysoké teploty.. Vyřešeno

[DJAdam]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Acer PC on ne 19.07.2015 at 19:05:33,78.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Acer PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.7.2015 19:06:29 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\Acer PC\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Acer PC\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Acer PC\AppData\Local\EmieSiteList deleted successfully
C:\Users\Acer PC\AppData\Local\EmieUserList deleted successfully
C:\Users\Acer PC\AppData\Local\Ubisoft Game Launcher deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23.05.2015 10:58]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.134

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04.04.2015 11:37]

Bookmark Manager - Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Old Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Old Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Acer PC\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Acer PC\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Acer PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Acer PC\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=16 14105462 bytes)

==== Empty Temp Folders ======================

C:\Users\Acer PC\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ACERPC~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 19.07.2015 at 19:23:32,29 ======================

[Reklama]

[DJAdam]

A ten HWMonitor,nejde mi screen obrazovka tak aspon napíšem..
CPU maximálne 65 stupnov
GPU maximálne 69 stupnov

[DJAdam]

V záťaži

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[DJAdam]

Ked som to stiahol tak Avast mi to zablokoval že je tam nejaký virus..

[jaro3]

FRST?
Tak antivir vypni.

[DJAdam]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by Acer PC (administrator) on ACERASPIREX on 20-07-2015 15:39:34
Running from C:\Users\Acer PC\Desktop
Loaded Profiles: Acer PC (Available Profiles: Acer PC)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\setup\instup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-18] ()
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Dxtory Update Checker 2.0] => D:\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Acer PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-03] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-04] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3DF0F798-87FA-402A-ADF3-5DE85789567E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45EBB24D-83FA-43A8-B741-2F2DCFC276C4}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3812361727-838257335-1277264128-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Acer PC\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [2015-03-24] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3812361727-838257335-1277264128-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Acer PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Acer PC\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-07-14] (Octoshape ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-04]

Chrome:
=======
CHR Profile: C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-03]
CHR Extension: (Google Docs) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-03]
CHR Extension: (Google Drive) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-03]
CHR Extension: (YouTube) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-03]
CHR Extension: (Google Search) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-03]
CHR Extension: (Google Sheets) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-03]
CHR Extension: (Avast Online Security) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-02]
CHR Extension: (Google Wallet) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-02]
CHR Extension: (Gmail) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-03]
CHR Profile: C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Google Docs) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (Google Sheets) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Bookmark Manager) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-22]
CHR Extension: (Google Wallet) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Acer PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-06] ()
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-03] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-05-26] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 15:39 - 2015-07-20 15:40 - 00017347 _____ C:\Users\Acer PC\Desktop\FRST.txt
2015-07-20 15:38 - 2015-07-20 15:39 - 00000000 ____D C:\FRST
2015-07-20 15:37 - 2015-07-20 15:37 - 02134528 _____ (Farbar) C:\Users\Acer PC\Desktop\FRST64.exe
2015-07-19 19:21 - 2015-07-19 19:05 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-07-19 19:19 - 2015-07-19 19:23 - 00000000 ____D C:\zoek
2015-07-19 19:06 - 2015-07-19 19:23 - 00006683 _____ C:\zoek-results.log
2015-07-19 19:05 - 2015-07-19 19:19 - 00000000 ____D C:\zoek_backup
2015-07-19 19:05 - 2015-07-19 19:05 - 01308672 _____ C:\Users\Acer PC\Desktop\zoek.exe
2015-07-19 18:58 - 2015-07-19 18:58 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-19 18:29 - 2015-07-19 18:38 - 00000000 ____D C:\ProgramData\RogueKiller
2015-07-19 18:27 - 2015-07-19 18:29 - 21971528 _____ C:\Users\Acer PC\Desktop\RogueKillerX64.exe
2015-07-19 18:26 - 2015-07-19 18:26 - 00001285 _____ C:\Users\Acer PC\Desktop\JRT.txt
2015-07-19 18:19 - 2015-07-19 18:20 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Acer PC\Desktop\JRT.exe
2015-07-19 18:04 - 2015-07-19 19:21 - 00001778 _____ C:\Windows\PFRO.log
2015-07-19 16:08 - 2015-07-19 16:08 - 00001507 _____ C:\Users\Acer PC\Desktop\anti malware.txt
2015-07-19 15:51 - 2015-07-19 15:51 - 00001094 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-19 15:51 - 2015-07-19 15:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-19 15:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-19 15:51 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-19 15:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-19 15:49 - 2015-07-19 15:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Acer PC\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-19 15:47 - 2015-07-19 18:15 - 00000000 ____D C:\AdwCleaner
2015-07-19 15:46 - 2015-07-19 15:46 - 02248704 _____ C:\Users\Acer PC\Desktop\adwcleaner_4.208.exe
2015-07-19 15:40 - 2015-07-19 15:40 - 00448512 _____ (OldTimer Tools) C:\Users\Acer PC\Desktop\TFC.exe
2015-07-19 15:22 - 2015-07-19 19:22 - 00000580 _____ C:\Windows\setupact.log
2015-07-19 15:22 - 2015-07-19 15:22 - 00000000 _____ C:\Windows\setuperr.log
2015-07-19 13:14 - 2015-07-19 13:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\Acer PC\Desktop\HijackThis.exe
2015-07-18 16:53 - 2015-07-18 16:53 - 00000221 _____ C:\Users\Acer PC\Desktop\The Witcher Enhanced Edition.url
2015-07-18 10:09 - 2015-07-18 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-18 10:08 - 2015-07-18 10:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-18 10:08 - 2015-07-18 10:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-18 10:07 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-18 10:07 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-18 10:07 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-18 10:06 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-17 08:53 - 2015-07-13 23:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-17 08:53 - 2015-07-13 23:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-16 11:51 - 2015-07-14 21:05 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-16 11:50 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-16 11:50 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-16 11:50 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-16 11:38 - 2015-07-14 21:06 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-16 11:38 - 2015-07-14 21:05 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-16 11:37 - 2015-07-16 11:37 - 00002113 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-07-16 11:36 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-16 11:33 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-16 11:33 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-16 11:33 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00117392 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-16 11:33 - 2015-06-17 11:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-07-16 11:33 - 2015-06-17 11:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-16 11:12 - 2015-07-20 12:48 - 01232856 _____ C:\Windows\WindowsUpdate.log
2015-07-16 11:08 - 2015-07-16 11:30 - 292264080 _____ (NVIDIA Corporation) C:\Users\Acer PC\Desktop\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 10:57 - 2015-07-16 10:57 - 00000098 _____ C:\Users\Acer PC\Desktop\shadowplay nahravanie.bat
2015-07-15 11:11 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 11:11 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 11:11 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 11:11 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 11:11 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 11:11 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 11:11 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 11:11 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 11:11 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 11:11 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 11:11 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 11:11 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 11:11 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 11:11 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 11:11 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 11:11 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 11:10 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 11:10 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 11:10 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 11:10 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 11:10 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 11:10 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 11:10 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 11:10 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 11:10 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 11:10 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 11:10 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 11:10 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 11:10 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 11:10 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 11:10 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 11:10 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 11:10 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 11:10 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 11:10 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 11:10 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 11:10 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 11:10 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 11:10 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 11:10 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 11:10 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 11:09 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-15 11:09 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-15 11:09 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 11:09 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-15 11:09 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 11:09 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 11:09 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 11:09 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 11:09 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 11:09 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 11:09 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 11:09 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 11:09 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 11:09 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 11:09 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 11:09 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 11:09 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 11:09 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 11:09 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 11:09 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 11:09 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 11:09 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 11:09 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 11:09 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 11:09 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 11:09 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 11:09 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 11:09 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 11:09 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 11:09 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 11:09 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 11:09 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 11:09 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 11:08 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 11:08 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 11:08 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 11:08 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 11:08 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 11:08 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 11:08 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 11:08 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 11:08 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 11:08 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 11:08 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 11:08 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 11:08 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 11:08 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 11:08 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 11:08 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 11:08 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 11:08 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 11:08 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 11:08 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 11:08 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 11:08 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 11:08 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 11:08 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 11:08 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 11:07 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 11:07 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 11:07 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 11:07 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 11:07 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 11:07 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 11:07 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 11:07 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 11:07 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 11:07 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 11:07 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 11:07 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 11:07 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 11:07 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 11:07 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 11:07 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-15 11:07 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 11:07 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 11:06 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 11:06 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 11:06 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 11:06 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-14 17:32 - 2015-07-14 17:32 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Octoshape
2015-07-14 17:32 - 2015-07-14 17:32 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Mozilla
2015-07-14 17:32 - 2015-07-14 17:32 - 00000000 ____D C:\Users\Acer PC\AppData\Local\Octoshape
2015-07-14 10:54 - 2015-07-14 10:54 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\fizzy
2015-07-14 10:53 - 2015-07-14 10:54 - 00000000 ____D C:\Program Files (x86)\SSIII Solo Ultratus
2015-07-14 10:53 - 2015-07-14 10:53 - 00001147 _____ C:\Users\Acer PC\Desktop\SSIII Solo Ultratus.lnk
2015-07-14 10:53 - 2015-07-14 10:53 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSIII Solo Ultratus
2015-07-14 10:53 - 2015-07-14 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSIII Solo Ultratus
2015-07-13 11:49 - 2015-07-13 11:49 - 00000222 _____ C:\Users\Acer PC\Desktop\Metro 2033 Redux.url
2015-07-13 11:01 - 2015-07-13 11:01 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-12 16:52 - 2015-07-12 16:52 - 00000964 _____ C:\Users\Acer PC\Desktop\Bandicam.lnk
2015-07-12 16:52 - 2015-07-12 16:52 - 00000000 ____D C:\Users\Acer PC\Documents\Bandicam
2015-07-12 16:52 - 2015-07-12 16:52 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\BANDISOFT
2015-07-12 16:51 - 2015-07-12 16:52 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-07-12 16:51 - 2015-07-12 16:51 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-07-10 14:51 - 2015-07-10 14:51 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-09 12:59 - 2015-07-16 13:12 - 00000000 ____D C:\The KMPlayer
2015-07-09 12:59 - 2015-07-09 12:59 - 00000650 _____ C:\Users\Acer PC\Desktop\KMPlayer.lnk
2015-07-09 12:59 - 2015-07-09 12:59 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-07-08 13:17 - 2015-07-08 13:17 - 11698888 _____ C:\Users\Acer PC\Documents\pumus intro by DejWoch.avi
2015-07-07 16:02 - 2015-07-07 16:02 - 00000000 ____D C:\Users\Acer PC\Convert
2015-07-07 15:07 - 2015-07-07 15:07 - 00062888 _____ C:\Program Files (x86)\CSGO.veg
2015-07-06 19:01 - 2015-07-06 19:01 - 00000000 ____D C:\Users\Acer PC\AppData\Local\SplitmediaLabs
2015-07-06 18:51 - 2015-07-06 18:51 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2015-07-06 18:50 - 2015-07-06 18:50 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\SplitmediaLabs
2015-07-06 18:13 - 2015-07-06 19:12 - 00000000 ____D C:\Program Files\OBS
2015-07-06 18:13 - 2015-07-06 19:12 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-06 16:08 - 2015-07-06 16:08 - 00000221 _____ C:\Users\Acer PC\Desktop\Empire Total War.url
2015-07-05 17:37 - 2015-07-05 17:37 - 00000222 _____ C:\Users\Acer PC\Desktop\Outlast.url
2015-07-05 16:05 - 2015-07-13 11:01 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-05 16:05 - 2015-07-06 16:24 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-05 16:05 - 2015-07-05 16:05 - 02434856 _____ C:\Windows\SysWOW64\pbsvc_bc2.exe
2015-07-05 16:05 - 2015-07-05 16:05 - 00000000 ____D C:\Users\Acer PC\Documents\BFBC2
2015-07-05 09:00 - 2015-07-05 09:00 - 00000000 ____D C:\Users\Acer PC\AppData\Local\CEF
2015-07-04 10:41 - 2015-07-04 10:52 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\PhotoFiltre 7
2015-07-04 10:41 - 2015-07-04 10:41 - 00001046 _____ C:\Users\Acer PC\Desktop\PhotoFiltre 7.lnk
2015-07-04 10:41 - 2015-07-04 10:41 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-07-04 10:41 - 2015-07-04 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-07-04 10:41 - 2015-07-04 10:41 - 00000000 ____D C:\Program Files (x86)\PhotoFiltre 7
2015-07-03 12:52 - 2015-07-03 12:52 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Sony Creative Software Inc
2015-07-03 09:51 - 2015-07-03 09:51 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-07-02 12:56 - 2015-07-02 12:56 - 00000891 _____ C:\Users\Acer PC\Desktop\vegas120.exe.lnk
2015-07-02 12:47 - 2015-07-02 12:48 - 00000000 ____D C:\Users\Acer PC\AppData\Local\Sony
2015-07-02 12:47 - 2015-07-02 12:47 - 00000000 ____D C:\ProgramData\Sony
2015-07-02 12:47 - 2015-07-02 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-02 12:47 - 2015-07-02 12:47 - 00000000 ____D C:\Program Files (x86)\Sony
2015-07-02 12:44 - 2015-07-06 09:52 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Sony
2015-07-02 11:25 - 2015-07-02 11:25 - 00000553 _____ C:\Users\Acer PC\Desktop\Dxtory.lnk
2015-07-02 11:25 - 2015-07-02 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2015-07-02 11:25 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec64.dll
2015-07-02 11:25 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll
2015-07-02 09:52 - 2015-07-02 09:52 - 00000000 ____D C:\Users\Acer PC\Desktop\Far Cry 4
2015-07-01 17:27 - 2015-07-01 17:27 - 00001368 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-07-01 17:27 - 2015-07-01 17:27 - 00001295 _____ C:\Users\Acer PC\Desktop\Movie Maker.lnk
2015-07-01 17:27 - 2015-07-01 17:27 - 00000000 ____D C:\Windows\sk
2015-07-01 17:26 - 2015-07-01 17:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-01 17:25 - 2015-07-01 17:26 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-01 17:25 - 2015-07-01 17:25 - 00000000 ____D C:\Windows\PCHEALTH
2015-07-01 17:23 - 2015-07-08 13:01 - 00000000 ____D C:\Users\Acer PC\AppData\Local\Windows Live
2015-07-01 16:44 - 2015-07-01 16:45 - 00000000 ____D C:\Users\Acer PC\Documents\Freemake
2015-07-01 16:44 - 2015-07-01 16:45 - 00000000 ____D C:\ProgramData\Freemake
2015-07-01 16:44 - 2015-07-01 16:44 - 00001330 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-07-01 16:44 - 2015-07-01 16:44 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-07-01 16:44 - 2015-07-01 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-07-01 16:44 - 2015-07-01 16:44 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-07-01 14:45 - 2015-07-02 11:25 - 00000000 ____D C:\Users\Acer PC\AppData\Local\Dxtory Software
2015-07-01 14:45 - 2015-07-01 14:45 - 00000000 ____D C:\Program Files (x86)\ExKode
2015-07-01 14:44 - 2015-07-01 14:45 - 03588632 _____ (ExKode Co. Ltd. ) C:\Users\Acer PC\Desktop\DxtorySetup2.0.130.exe
2015-07-01 14:15 - 2015-07-01 14:15 - 00000000 ____D C:\Users\Acer PC\Documents\4A Games
2015-07-01 14:11 - 2015-07-01 14:11 - 00000000 ____D C:\Users\Acer PC\AppData\Local\4A Games
2015-06-30 09:25 - 2015-07-02 15:37 - 00012630 _____ C:\Users\Acer PC\Documents\TombRaider.log
2015-06-29 20:02 - 2015-06-29 20:02 - 00000222 _____ C:\Users\Acer PC\Desktop\Tomb Raider.url
2015-06-27 09:05 - 2015-06-27 09:05 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-23 14:35 - 2015-06-23 14:35 - 00000000 ____D C:\Users\Acer PC\AppData\Local\2K Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 15:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-20 14:44 - 2015-06-08 18:47 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-20 14:04 - 2014-12-18 15:44 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-20 11:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-20 11:12 - 2014-12-17 19:12 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3812361727-838257335-1277264128-1001
2015-07-20 10:16 - 2014-12-17 19:18 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B92F81A-C371-4B4A-A3D3-2EAE53AAA0BE}
2015-07-20 10:15 - 2015-06-02 14:21 - 00000000 ____D C:\Users\Acer PC\AppData\Local\CrashDumps
2015-07-19 19:49 - 2014-12-17 20:45 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-07-19 19:22 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-19 18:07 - 2015-06-06 16:56 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-19 18:03 - 2014-03-06 09:42 - 00000000 ____D C:\Windows\oem
2015-07-19 15:51 - 2015-06-06 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-19 15:44 - 2015-04-04 11:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-19 15:23 - 2014-12-17 19:05 - 00000000 ____D C:\Users\Acer PC
2015-07-19 12:59 - 2014-03-06 08:43 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-18 16:53 - 2014-12-18 17:02 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-18 10:11 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-18 10:08 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-17 18:25 - 2015-01-24 15:04 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\TS3Client
2015-07-17 16:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-17 10:33 - 2014-12-18 09:11 - 00000000 ____D C:\Windows\pss
2015-07-17 09:38 - 2014-12-20 10:41 - 00000000 ____D C:\Windows\system32\MRT
2015-07-17 08:52 - 2015-04-05 15:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 08:52 - 2015-04-05 15:45 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 15:54 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-16 11:51 - 2015-01-19 10:51 - 00001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-16 11:51 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-16 11:48 - 2015-01-19 10:52 - 00000000 ____D C:\Users\Acer PC\AppData\Local\NVIDIA Corporation
2015-07-16 11:37 - 2015-01-19 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-16 11:35 - 2014-06-17 15:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 11:33 - 2015-06-07 12:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 17:44 - 2013-08-22 16:44 - 00337904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-15 17:40 - 2014-12-19 21:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 17:40 - 2014-12-19 21:05 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 17:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 17:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sk-SK
2015-07-14 21:06 - 2015-01-19 10:51 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 19:57 - 2014-12-17 19:35 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-10 17:10 - 2014-12-18 20:46 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\Skype
2015-07-08 15:11 - 2014-12-31 12:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-07-05 16:05 - 2015-05-26 15:03 - 00000000 ____D C:\Users\Acer PC\AppData\Local\PunkBuster
2015-07-03 08:43 - 2014-12-20 10:41 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 18:02 - 2014-12-17 20:45 - 00000000 ____D C:\Users\Acer PC\Documents\My Games
2015-07-01 17:25 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-30 12:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-29 12:51 - 2015-06-10 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-06-29 12:51 - 2015-06-10 15:18 - 00000000 ____D C:\Program Files\HWiNFO64
2015-06-23 17:13 - 2015-01-21 09:50 - 00000000 ____D C:\Users\Acer PC\Desktop\Stronghold Crusader
2015-06-23 13:05 - 2015-02-07 10:52 - 00000000 ____D C:\Users\Acer PC\AppData\Roaming\uTorrent

==================== Files in the root of some directories =======

2015-07-07 15:07 - 2015-07-07 15:07 - 0062888 _____ () C:\Program Files (x86)\CSGO.veg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-19 08:37

==================== End of log ============================

[DJAdam]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by Acer PC at 2015-07-20 15:40:38
Running from C:\Users\Acer PC\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Acer PC (S-1-5-21-3812361727-838257335-1277264128-1001 - Administrator - Enabled) => C:\Users\Acer PC
Administrator (S-1-5-21-3812361727-838257335-1277264128-500 - Administrator - Disabled)
Guest (S-1-5-21-3812361727-838257335-1277264128-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3812361727-838257335-1277264128-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.5.11.45 (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Assassins Creed III v1.0.1 (HKLM-x32\...\Assassins Creed III_is1) (Version: 1.0.1 - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.3.804 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3716.57 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version: - Paradox Interactive)
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
FastStone Capture 8.1 (HKLM-x32\...\FastStone Capture) (Version: 8.1 - FastStone Soft)
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Converter verzia 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
GameRanger (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8102 - Acer Incorporated)
HWiNFO64 Version 4.64 (HKLM\...\HWiNFO64_is1) (Version: 4.64 - Martin Malík - REALiX)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Infinite HD™ App (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1c3caad7-d0ad-4f7c-87e0-f47627304993}) (Version: 1.3.3.1036 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware verzia 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft)
Metro 2033 Redux (HKLM-x32\...\Steam App 286690) (Version: - 4A GAMES)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA 3D Vision radič ovládača 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation)
NVIDIA Grafický ovládač 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuálny zvuk Miracast 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Ovládací panel NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\PhotoFiltre 7) (Version: - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SSIII Solo Ultratus 1.2 (HKLM-x32\...\SSIII Solo Ultratus) (Version: 1.2 - 3RDsense)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: - )
Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0004 - Firefly Studios)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{CE8CFA2A-CF8F-4C5A-9401-33F4D78F817E}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.8.0.120 - PandoraTV)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Unity Web Player (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
War Thunder Launcher 1.0.1.467 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows 8 Manager (HKLM\...\{C5548FB4-CEAC-4D93-A360-54DFE8367F3E}) (Version: 2.2.0 - Yamicsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

01-07-2015 17:24:02 Windows Live Essentials
05-07-2015 16:03:25 Nainštalované Microsoft Visual C++ 2005 Redistributable
06-07-2015 18:51:03 Installed XSplit Gamecaster
15-07-2015 12:30:16 Windows Update
19-07-2015 18:20:41 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-19 19:06 - 2015-07-19 19:06 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {065F4047-3B70-4008-AF8B-11E47E13B40D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-08] (Adobe Systems Incorporated)
Task: {1AFB4CD0-7918-429A-8BDD-BDC63674CF9F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {3754308F-7229-4803-BA0D-50FC495237F8} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {517517A5-5A13-4C3C-BBE7-094F66F6BCE3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {7B83B803-5E5E-4A6D-AD39-CF349EA7AC5D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {84C5AF9F-7871-4A33-B3DE-5DA044729B4B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] ()
Task: {8A6784D7-E7AA-4EC3-AB7C-06203DA68212} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-12-31] (Acer Incorporated)
Task: {90EB7AAA-E70E-4600-BD1D-C72EE4548DCE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {AC2BDFE8-0D3D-4320-B058-B219581DA871} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {C6FBD1DD-3C0C-4C95-BA8B-6A7246ADE9C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {E8EAF201-9873-4AC0-B6B3-C5449EFBE5F4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {ECB1CFB4-A60B-4142-A1E1-2D10EC0CC660} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {F03F46F6-297B-4C11-89F3-A6296BB8D8BF} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-05 16:05 - 2015-07-06 16:24 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2015-05-03 07:44 - 2015-05-03 07:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 07:44 - 2015-05-03 07:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-19 15:25 - 2015-07-19 15:25 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071900\algo.dll
2015-07-20 14:43 - 2015-07-20 14:43 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15072000\algo.dll
2015-04-04 11:37 - 2015-04-04 11:37 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-05 09:00 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-07-05 09:00 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-07-16 09:09 - 2015-07-16 02:53 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2015-07-05 09:00 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-07-05 09:00 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-18 16:02 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-18 16:02 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-18 16:02 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-18 16:02 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-18 16:02 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-07-16 09:09 - 2015-07-16 02:53 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-09 10:01 - 2015-07-07 22:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-07-05 09:00 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2004search.cc -> 2004search.cc

There are 4768 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer PC\Downloads\1954465-1680x1050.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: 0150851421411946mcinstcleanup => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: CCDMonitorService => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: Intel(R) TechnologyAccessService => 2
MSCONFIG\Services: iumsvc => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: UEIPSvc => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "BacKGround Agent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Octoshape Streaming Services"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{87B85081-3E32-4106-9D74-D19C4CE201BF}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{0CEE9708-BE4F-49D7-A586-CCF23DC15174}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{9303AF6C-AEFD-4DFD-864D-A73602A9B920}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BB7884FD-15CD-4216-B64E-1EA78ADD4E68}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9BC65F97-9A38-4D34-B342-8A54D64E36C1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EA789DCF-8BED-451E-AEA4-07FD6B5372D6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{77AA6952-28EE-4C46-9033-A6ADFA8945E3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3FC56E80-8B74-4BB8-AE6F-09C7A51595BD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5BCD5C63-6890-44D6-92E6-7790EF464EBF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{94ED4613-A10A-47C1-9C22-D43FD7EFEC5B}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{7840E259-3A97-4092-A803-0183523E931C}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{F4153DAE-8974-4BFD-8047-20498E968DDD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{324D6ED1-09CF-4638-BE66-458599248807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3D8D98B4-C9C2-4497-941A-AE3BC8602581}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3315A4A0-135F-49A5-9000-4DA1A9720893}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BF87CA1A-E333-4D48-9B7F-27FCFC7FB850}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B6249A27-C02C-4F27-A548-F9EE990B0306}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{900443D3-1A7D-46E6-81E4-1555755BDF22}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A98E88FC-4EBA-45F7-8748-492DF6444CFF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A1D6606D-6B3D-4A43-8E96-174FA5355FD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F2A6DC0E-97A7-430C-A276-E53FD668DC1F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9B557519-30DB-41B7-BD12-0F69A05A8825}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9F30DB47-73BE-4385-A5BA-BC0435F0846F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F28D3C4-B828-47D0-8A4B-789B81538E25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{29EFDB9D-8376-45DC-8EF2-B7FCF374DED0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B3ECC20E-7921-4B91-93FD-0C7850E9EDCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{638A7DB1-FA09-4463-976C-BF93ADE868B9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5B950D5-D8B3-4730-9201-EDC5ECEA2A22}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE712D3C-471C-4960-A739-226B311D88D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CC050B05-9CB3-4586-8965-2A7F1C34E629}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{CB50633B-5AE7-4246-8F40-3BD6424A356F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E6BA0A0F-D6F9-4A7F-B79D-4020FD87C2C4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7FCD6BC0-EE4F-4415-AEEA-2FD45E9166EB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{DD16A9BE-D196-41B9-8FB7-F19853749D48}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D25D5FCE-0243-4F0C-8E21-3CEFF72D9B39}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4B7EC176-80F8-431D-A61A-23492DAB3E0B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F6F0B5A3-CBEF-4C8F-B480-4EEE26CE7048}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4002294D-DFCB-4C1F-BBF7-49AD8DCB5A35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63E3B03D-5719-49C0-8EA5-8FFE53EE6673}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F7846765-E2D9-4838-8BB0-10AD480E13DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{813E69C3-06E9-4305-90C8-D5B3A2AC83DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2BE48527-546D-461C-98EC-C7CCBD90CB55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{778AD7D4-C99E-463D-A7CF-B325A20B63B1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B1030B2D-65BE-4A76-A6B9-10C80D2AEBF5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FE9C270A-0307-4423-AA5F-A5E08727097E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C8C03622-15B5-4767-BAC6-A64D7EB48B26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{840A35A2-13A1-4638-BBB8-9D4E1FF95D6A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C8FF11A-E210-49B4-84BF-1FD98F2E810B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{876D988D-DB61-4410-9A65-ECA262BD247C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A84FF9FF-4851-45C4-A061-F0F53621AF33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29FFF6FB-A9D8-4D51-AA77-C706ECA49FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3767CDAC-9AEA-44E2-8A4B-660A62A3E17A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2015 03:41:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:40:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:35 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:34 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:33 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:32 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:31 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:30 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:29 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).

Error: (07/20/2015 03:39:28 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (1324) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 15, PgnoRoot: 56) of database C:\Windows\system32\SRU\SRUDB.dat (1266 => 1867, svchost0).


System errors:
=============
Error: (07/20/2015 01:57:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.

Cesta k modulu: C:\Windows\system32\athExt.dll
Kód chyby: 126

Error: (07/20/2015 01:57:17 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Atheros AR9271 Wireless Network Adapter, {3DF0F798-87FA-402A-ADF3-5DE85789567E}, had event 74

Error: (07/20/2015 11:09:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d0a: microsoft.windowscommunicationsapps.

Error: (07/20/2015 11:09:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d0a: Evernote.Evernote.

Error: (07/20/2015 11:07:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d0a: Microsoft.BingFinance.

Error: (07/20/2015 11:07:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8000000e: AccuWeather.AccuWeatherforWindows8.

Error: (07/20/2015 11:07:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8000000e: Microsoft.WindowsReadingList.

Error: (07/20/2015 11:07:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8000000e: Microsoft.WindowsScan.

Error: (07/20/2015 11:07:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8000000e: eBayInc.eBay.

Error: (07/20/2015 11:07:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x8000000e: Microsoft.WindowsAlarms.


Microsoft Office:
=========================
Error: (07/20/2015 03:41:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:40:00 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:35 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:34 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:33 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:32 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:31 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:30 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:29 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469

Error: (07/20/2015 03:39:28 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost1324SRUJet: -3271556C:\Windows\system32\SRU\SRUDB.dat12661867469


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 4035.32 MB
Available physical RAM: 2773.98 MB
Total Virtual: 11436.32 MB
Available Virtual: 9888.26 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:223.88 GB) (Free:103.29 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.88 GB) (Free:133.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1761ADAE)

Partition: GPT Partition Type.

==================== End of log ============================

[jerabina]

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.


Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-18] ()
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Dxtory Update Checker 2.0] => D:\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

C:\ProgramData\RogueKiller

Task: {065F4047-3B70-4008-AF8B-11E47E13B40D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-08] (Adobe Systems Incorporated)
Task: {90EB7AAA-E70E-4600-BD1D-C72EE4548DCE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2004search.cc -> 2004search.cc

Folder: C:\Windows\PCHEALTH
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[DJAdam]

https://www.virustotal.com/sk/file/da9e ... /analysis/

[DJAdam]

https://www.virustotal.com/sk/file/2d66 ... /analysis/

[DJAdam]

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Acer PC at 2015-07-21 11:16:50 Run:1
Running from C:\Users\Acer PC\Desktop
Loaded Profiles: Acer PC (Available Profiles: Acer PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-18] ()
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Dxtory Update Checker 2.0] => D:\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

C:\ProgramData\RogueKiller

Task: {065F4047-3B70-4008-AF8B-11E47E13B40D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-08] (Adobe Systems Incorporated)
Task: {90EB7AAA-E70E-4600-BD1D-C72EE4548DCE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\2004search.cc -> 2004search.cc

Folder: C:\Windows\PCHEALTH
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ProductUpdater => value removed successfully
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Dxtory Update Checker 2.0 => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\ProgramData\RogueKiller => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{065F4047-3B70-4008-AF8B-11E47E13B40D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{065F4047-3B70-4008-AF8B-11E47E13B40D}" => key removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{90EB7AAA-E70E-4600-BD1D-C72EE4548DCE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90EB7AAA-E70E-4600-BD1D-C72EE4548DCE}" => key removed successfully
C:\Windows\System32\Tasks\UbtFrameworkService => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService" => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101hotteens.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101lottery.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123expressview.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123found.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123keno.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12don.info" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\143fuck.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17gamo.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17webplace.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1autocity.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ive.net" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1se.ru" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1sexparty.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stfind.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stpagehere.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1traff.us" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ze.net" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2-antispyware.com" => key removed successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2004search.cc" => key removed successfully

========================= Folder: C:\Windows\PCHEALTH ========================

2015-07-01 17:25 - 2015-07-01 17:25 - 0000000 ____D () C:\Windows\PCHEALTH\ERRORREP
2015-07-01 17:25 - 2015-07-01 17:25 - 0000000 ____D () C:\Windows\PCHEALTH\ERRORREP\QHEADLES
2015-07-01 17:25 - 2015-07-01 17:25 - 0000000 ____D () C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF

====== End of Folder: ======

EmptyTemp: => 495 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 11:16:55 ====