kontrola logu Vyřešeno

[Varg]

Prosím tě tyhle dvě věci neumím najít
IObit Malware Fighter
Advanced SystemCare 6

Nevíš jak na to?

[Reklama]

[Varg]

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-15 10:34:33) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
SearchScopes: HKU\S-1-5-21-3832753693-3646972138-179110667-1004 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3832753693-3646972138-179110667-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
2015-11-15 09:10 - 2015-09-19 12:05 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 07:14 - 2015-09-19 12:05 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
Task: {05639E6A-F8BD-4289-AF4A-8FD0292DC87E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2A3B9A33-FC34-4825-94B0-9D5F5CF6D925} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2EE9B358-588B-44FB-8415-9211B537EBAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3C7A66F9-7B1C-4B76-AFFF-C611B04CC031} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3D4E88C9-7666-4C97-ADC9-B1990BADF374} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5A9F7E8D-6083-4E55-AC34-840E678A47B4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {878FC9E0-BB81-4372-814E-C579818BB785} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B114E92F-7603-47FA-898C-B587E4196C5E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BB31753D-C688-4DAA-BDE2-869572E36585} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BC1E005D-166D-4B5C-BE07-52935BD2D66E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C570D6EB-6F4F-442D-9F09-FAE68EE36A48} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {CAFEBF1F-F82F-4A9D-8AAC-8B8F448A0FF8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EF40356E-D95D-4F6C-BA9C-306807478AD7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2004search.cc -> 2004search.cc
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Pokki"

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05639E6A-F8BD-4289-AF4A-8FD0292DC87E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05639E6A-F8BD-4289-AF4A-8FD0292DC87E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A3B9A33-FC34-4825-94B0-9D5F5CF6D925}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A3B9A33-FC34-4825-94B0-9D5F5CF6D925}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EE9B358-588B-44FB-8415-9211B537EBAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE9B358-588B-44FB-8415-9211B537EBAB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C7A66F9-7B1C-4B76-AFFF-C611B04CC031}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7A66F9-7B1C-4B76-AFFF-C611B04CC031}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D4E88C9-7666-4C97-ADC9-B1990BADF374}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D4E88C9-7666-4C97-ADC9-B1990BADF374}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A9F7E8D-6083-4E55-AC34-840E678A47B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A9F7E8D-6083-4E55-AC34-840E678A47B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{878FC9E0-BB81-4372-814E-C579818BB785}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{878FC9E0-BB81-4372-814E-C579818BB785}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B114E92F-7603-47FA-898C-B587E4196C5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B114E92F-7603-47FA-898C-B587E4196C5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB31753D-C688-4DAA-BDE2-869572E36585}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB31753D-C688-4DAA-BDE2-869572E36585}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC1E005D-166D-4B5C-BE07-52935BD2D66E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC1E005D-166D-4B5C-BE07-52935BD2D66E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C570D6EB-6F4F-442D-9F09-FAE68EE36A48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C570D6EB-6F4F-442D-9F09-FAE68EE36A48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAFEBF1F-F82F-4A9D-8AAC-8B8F448A0FF8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAFEBF1F-F82F-4A9D-8AAC-8B8F448A0FF8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF40356E-D95D-4F6C-BA9C-306807478AD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF40356E-D95D-4F6C-BA9C-306807478AD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101hotteens.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101lottery.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123expressview.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123found.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123keno.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12don.info" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\143fuck.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17gamo.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17webplace.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1autocity.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ive.net" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1se.ru" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1sexparty.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stfind.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stpagehere.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1traff.us" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ze.net" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2-antispyware.com" => key removed successfully
"HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2004search.cc" => key removed successfully
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Pokki" => value not found.
EmptyTemp: => 105.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:34:40 ====

[jaro3]

znovu sken FRST.

[Varg]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on PETRMALENKA (15-11-2015 10:42:30)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-21] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 83.240.0.136 192.168.0.1
Tcpip\..\Interfaces\{ee0c896d-1f39-4a43-969b-4ff4c7f00d2c}: [DhcpNameServer] 83.240.0.136 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.tsbohemia.cz
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-19] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-19] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\iq10j0za.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\Free Media Player\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3832753693-3646972138-179110667-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-14] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-21] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-29]

Opera:
=======
OPR Extension: (Přeložit) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-09-25]
OPR Extension: (Gladiatus Crazy Add On) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggbidmjnmplnobkkjiinjmbnhccpkbj [2015-08-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-21] (AVAST Software)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [63040 2007-08-15] ()
S3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-21] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-08-07] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 10:36 - 2015-11-15 10:36 - 00016148 _____ C:\WINDOWS\system32\PETRMALENKA_Petr_HistoryPrediction.bin
2015-11-15 09:51 - 2015-11-15 09:51 - 00038605 _____ C:\Users\Petr\Desktop\Addition.txt
2015-11-15 09:50 - 2015-11-15 10:42 - 00013368 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-15 09:50 - 2015-11-15 10:42 - 00000000 ____D C:\FRST
2015-11-15 09:49 - 2015-11-15 09:50 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-14 20:43 - 2015-11-15 10:36 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-14 19:25 - 2015-11-14 19:25 - 00001190 _____ C:\DelFix.txt
2015-11-14 10:35 - 2015-11-14 10:18 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-14 09:50 - 2015-11-14 09:50 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-13 12:47 - 2015-11-13 12:47 - 00883372 _____ C:\Users\Petr\Downloads\PLÁN VÝROBY 2015 (20).xlsx
2015-11-12 18:05 - 2015-11-12 18:08 - 794800128 _____ C:\Users\Petr\Downloads\Tali-Ihantala 1944.avi
2015-11-12 18:03 - 2015-11-12 18:10 - 2010634458 _____ C:\Users\Petr\Downloads\1944.(2015).DVDRip.avi
2015-11-12 14:43 - 2015-11-13 17:13 - 00001088 _____ C:\Users\Petr\AppData\Local\FSDownloader.nast
2015-11-12 14:40 - 2015-11-12 14:40 - 00935936 _____ (File-share.top) C:\Users\Petr\Downloads\FSDownloader.exe
2015-11-11 18:49 - 2015-11-03 19:20 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-11 18:49 - 2015-11-03 19:20 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 14:39 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 14:39 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 14:39 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 14:39 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 14:39 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 14:39 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 14:39 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 14:39 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 14:39 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 14:39 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 14:39 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 14:39 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 14:39 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 14:39 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 14:39 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 14:39 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 14:39 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 14:39 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 14:39 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 14:39 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 14:39 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 14:39 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 14:39 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 14:39 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 14:39 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 14:39 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 14:39 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 14:39 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 14:39 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 14:39 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 14:39 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 14:39 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 14:39 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 14:39 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 14:39 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 14:39 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 14:39 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 14:39 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 14:39 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 14:39 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 14:39 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 14:39 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 14:39 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 14:39 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 14:39 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 14:39 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 14:39 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 11:27 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-10 11:27 - 2015-11-05 15:41 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-11-10 11:26 - 2015-11-07 04:19 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-10 11:26 - 2015-11-05 18:00 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 37882160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 22343800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 18487552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 18389112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 15933912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 13533608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 12870192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 02876720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435891.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435891.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00674096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00539648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00500872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00422568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00369456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-09 11:18 - 2015-11-09 11:19 - 101541048 _____ C:\Users\Petr\Downloads\2014 The Committee - Power Through Unity.rar
2015-11-08 17:20 - 2015-11-08 17:35 - 999180569 _____ C:\Users\Petr\Downloads\h118.rar
2015-11-08 17:20 - 2015-11-08 17:33 - 683350208 _____ C:\Users\Petr\Downloads\d121.rar
2015-11-07 16:04 - 2015-11-07 16:04 - 74172356 _____ C:\Users\Petr\Downloads\LIMBO.rar
2015-11-07 09:40 - 2015-11-07 09:40 - 48232380 _____ C:\Users\Petr\Downloads\Tank Genocide - La Victoire Ou La Mort (2015).rar
2015-11-06 21:42 - 2015-11-06 21:42 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 21:42 - 2015-11-06 21:42 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-06 13:16 - 2015-11-06 13:16 - 00001789 _____ C:\Users\Public\Desktop\Webium's Modpack.lnk
2015-11-06 13:12 - 2015-11-06 13:13 - 72149796 _____ (myWOTmods.com ) C:\Users\Petr\Downloads\webium-WOT-0.9.10-modpack-installer-v9.10.18.exe
2015-11-06 12:00 - 2015-11-06 12:00 - 85591380 _____ C:\Users\Petr\Downloads\Hid.rar
2015-11-05 17:46 - 2015-11-02 23:49 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-11-05 17:46 - 2015-11-02 23:49 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-11-05 17:46 - 2015-11-02 23:49 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-11-05 17:46 - 2015-11-02 18:03 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435887.dll
2015-11-05 17:46 - 2015-11-02 18:03 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435887.dll
2015-11-05 14:55 - 2015-11-05 14:55 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1397060391
2015-11-03 20:22 - 2015-11-03 20:28 - 1047527424 _____ C:\Users\Petr\Downloads\G1757.part2.rar
2015-11-03 20:22 - 2015-11-03 20:28 - 1047527424 _____ C:\Users\Petr\Downloads\G1757.part1.rar
2015-11-03 20:22 - 2015-11-03 20:22 - 69861073 _____ C:\Users\Petr\Downloads\G1757.part3.rar
2015-11-03 20:21 - 2015-11-03 20:23 - 523335796 _____ C:\Users\Petr\Downloads\sdazvmd.rar
2015-11-01 17:07 - 2015-11-01 17:07 - 00000000 ____D C:\Users\Public\Documents\SEGA Rally
2015-11-01 12:47 - 2015-11-01 12:47 - 00000000 ____D C:\Users\Petr\Documents\SEGA Rally
2015-10-29 15:37 - 2015-11-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2015-10-29 15:02 - 2015-10-29 18:52 - 00000000 ____D C:\Users\Petr\AppData\Local\ESL Wire Game Client
2015-10-29 15:02 - 2015-10-29 15:02 - 00000820 _____ C:\Users\Public\Desktop\ESL Wire.lnk
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\ProgramData\ESL Wire
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\Program Files\EslWire
2015-10-29 15:00 - 2015-10-29 15:00 - 00939656 _____ (Turtle Entertainment GmbH) C:\Users\Petr\Downloads\ESLWireSetup-1.18.0.8101.exe
2015-10-29 14:39 - 2015-10-29 14:39 - 08206600 _____ (TeamViewer GmbH) C:\Users\Petr\Downloads\TeamViewer_Setup_cs.exe
2015-10-26 17:57 - 2015-10-12 04:04 - 01710752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-26 16:55 - 2015-10-26 16:58 - 00000000 ____D C:\Users\Petr\Documents\BFH
2015-10-26 16:52 - 2015-10-26 16:52 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-10-26 14:01 - 2015-10-26 14:54 - 214300522 _____ C:\Users\Petr\Desktop\Pán Prstenů - Navrat krale.mkv
2015-10-26 12:03 - 2015-11-01 12:33 - 00000000 ____D C:\Users\Petr\Downloads\Tomáš 6
2015-10-26 09:03 - 2015-10-26 09:03 - 00001959 _____ C:\Users\Petr\Desktop\Webshare Klient.lnk
2015-10-26 09:03 - 2015-10-26 09:03 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare
2015-10-26 08:58 - 2015-10-26 08:59 - 17403694 _____ C:\Users\Petr\Downloads\FreeRapid-0.9u4.zip
2015-10-26 08:52 - 2015-10-26 09:56 - 2064831428 _____ C:\Users\Petr\Desktop\Pán Prstenů - Dvě věže.mkv
2015-10-26 06:54 - 2015-10-26 07:46 - 4043921194 _____ C:\Users\Petr\Desktop\Pán Prstenů - Společenstvo prstenu.mkv
2015-10-24 17:43 - 2015-10-26 11:23 - 00000000 ____D C:\Users\Petr\Downloads\doktoři bez hranic
2015-10-24 17:43 - 2015-10-26 09:21 - 00000000 ____D C:\Users\Petr\Downloads\přístav
2015-10-24 16:18 - 2015-10-24 16:18 - 00000279 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2015-10-23 15:18 - 2015-11-12 18:03 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Webshare
2015-10-23 15:17 - 2015-10-23 15:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-10-23 15:16 - 2015-10-26 09:03 - 00000000 ____D C:\Program Files (x86)\Webshare
2015-10-23 15:16 - 2015-10-26 09:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-21 13:42 - 2015-10-21 13:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 13:33 - 2015-10-21 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\15102101_stream
2015-10-21 13:33 - 2015-10-21 13:33 - 00000000 ____D C:\WINDOWS\SysWOW64\15102100_stream
2015-10-20 18:43 - 2015-10-20 18:43 - 00000000 ____D C:\Users\Petr\AppData\Local\CEF
2015-10-18 17:23 - 2015-10-18 17:23 - 00000000 ____D C:\Users\Petr\Documents\Codemasters
2015-10-18 17:22 - 2015-10-18 17:22 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Codemasters
2015-10-18 17:20 - 2015-10-18 17:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\InstallShield
2015-10-18 17:20 - 2015-10-18 17:20 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-18 17:03 - 2015-10-18 17:03 - 00000000 ____D C:\Users\Public\Documents\Monolith Productions
2015-10-18 17:00 - 2015-10-18 17:00 - 00000866 _____ C:\Users\Public\Desktop\F.E.A.R..lnk
2015-10-18 17:00 - 2015-10-18 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-10-18 16:59 - 2015-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Sierra

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-15 10:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-15 10:35 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 10:35 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-15 10:35 - 2014-08-04 18:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-14 19:31 - 2014-01-02 13:38 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2015-11-14 19:31 - 2013-09-08 08:53 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AIMP3
2015-11-14 19:30 - 2014-08-01 19:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-14 19:29 - 2015-01-11 09:48 - 00000000 ____D C:\Users\Petr\Downloads\backups
2015-11-13 18:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-13 17:08 - 2015-08-06 19:07 - 01787952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-13 17:08 - 2015-07-10 17:02 - 00753718 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-13 17:08 - 2015-07-10 17:02 - 00153934 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-13 13:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 18:50 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 18:49 - 2013-07-19 11:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 18:45 - 2013-05-29 06:02 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 15:11 - 2015-03-29 18:40 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-10 11:28 - 2015-08-06 18:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-10 11:28 - 2015-02-28 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-10 11:27 - 2015-08-06 18:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-09 18:29 - 2015-05-31 17:26 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-11-09 17:30 - 2015-09-21 13:34 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-09 13:24 - 2014-02-02 12:37 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-08 10:52 - 2015-08-30 08:39 - 00000000 ____D C:\Users\Petr\Desktop\Hudba 1
2015-11-05 16:08 - 2014-08-04 18:34 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-05 16:08 - 2014-08-04 18:34 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-05 15:10 - 2014-02-02 12:37 - 00003902 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-05 14:55 - 2014-04-09 17:19 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-03 16:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 12:31 - 2014-09-28 08:16 - 00000000 ____D C:\The KMPlayer
2015-10-29 16:12 - 2015-08-06 18:51 - 00000000 ____D C:\Users\Petr
2015-10-29 14:40 - 2014-10-12 18:39 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-29 13:44 - 2015-07-10 13:20 - 00382960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-29 10:32 - 2014-01-02 13:38 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-28 14:49 - 2014-08-04 18:34 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-10-26 18:16 - 2013-05-28 12:00 - 00000000 ____D C:\Users\Petr\AppData\Local\Packages
2015-10-26 18:16 - 2012-10-16 10:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-26 18:12 - 2013-05-28 14:11 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-26 17:57 - 2015-02-28 18:57 - 00001476 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-26 17:04 - 2015-09-27 09:23 - 00000000 ____D C:\Users\Petr\Downloads\filmy
2015-10-21 13:42 - 2015-04-04 20:18 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 13:42 - 2014-07-06 15:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 13:41 - 2015-04-04 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 13:37 - 2015-08-19 20:09 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Files in the root of some directories =======

2013-07-08 13:32 - 2013-07-08 13:32 - 0093696 _____ () C:\Users\Petr\AppData\Roaming\ezpinst.exe
2013-07-08 13:16 - 2013-08-02 15:04 - 0007859 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.cat
2013-07-08 13:16 - 2013-08-02 15:04 - 0001167 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.inf
2013-07-08 13:16 - 2013-08-02 15:04 - 0082816 _____ (VSO Software) C:\Users\Petr\AppData\Roaming\pcouffin.sys
2013-07-08 14:14 - 2013-08-02 15:04 - 0001057 _____ () C:\Users\Petr\AppData\Roaming\vso_ts_preview.xml
2015-11-12 14:43 - 2015-11-13 17:13 - 0001088 _____ () C:\Users\Petr\AppData\Local\FSDownloader.nast
2013-05-31 14:28 - 2013-05-31 14:28 - 0000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-08 20:11

==================== End of FRST.txt ============================

[jerabina]

Ještě by to chtělo Addition.txt

[Varg]

Jejda tak to jsem udělal něco špatně.

Raději posílám oba s dneška.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on PETRMALENKA (16-11-2015 15:13:28)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-21] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll [2013-09-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 83.240.0.135 192.168.0.1
Tcpip\..\Interfaces\{ee0c896d-1f39-4a43-969b-4ff4c7f00d2c}: [DhcpNameServer] 83.240.0.135 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.tsbohemia.cz
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-19] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-19] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\iq10j0za.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\Free Media Player\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3832753693-3646972138-179110667-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-14] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-21] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-29]

Opera:
=======
OPR Extension: (Přeložit) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-09-25]
OPR Extension: (Gladiatus Crazy Add On) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggbidmjnmplnobkkjiinjmbnhccpkbj [2015-08-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-21] (AVAST Software)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [63040 2007-08-15] ()
S3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-21] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-08-07] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-16 14:19 - 2015-11-16 14:19 - 00016148 _____ C:\WINDOWS\system32\PETRMALENKA_Petr_HistoryPrediction.bin
2015-11-15 12:52 - 2015-11-15 12:55 - 692758904 _____ (Spidla ) C:\Users\Petr\Downloads\Snomor.Utek.ze.snu_Setup.exe
2015-11-15 09:51 - 2015-11-15 09:51 - 00038605 _____ C:\Users\Petr\Desktop\Addition.txt
2015-11-15 09:50 - 2015-11-16 15:13 - 00013254 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-15 09:50 - 2015-11-16 15:13 - 00000000 ____D C:\FRST
2015-11-15 09:49 - 2015-11-15 09:50 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-14 19:25 - 2015-11-14 19:25 - 00001190 _____ C:\DelFix.txt
2015-11-14 10:35 - 2015-11-14 10:18 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-14 09:50 - 2015-11-14 09:50 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-12 18:05 - 2015-11-12 18:08 - 794800128 _____ C:\Users\Petr\Downloads\Tali-Ihantala 1944.avi
2015-11-12 18:03 - 2015-11-12 18:10 - 2010634458 _____ C:\Users\Petr\Downloads\1944.(2015).DVDRip.avi
2015-11-12 14:43 - 2015-11-13 17:13 - 00001088 _____ C:\Users\Petr\AppData\Local\FSDownloader.nast
2015-11-11 18:49 - 2015-11-03 19:20 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-11 18:49 - 2015-11-03 19:20 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 14:39 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 14:39 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 14:39 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 14:39 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 14:39 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 14:39 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 14:39 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 14:39 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 14:39 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 14:39 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 14:39 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 14:39 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 14:39 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 14:39 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 14:39 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 14:39 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 14:39 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 14:39 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 14:39 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 14:39 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 14:39 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 14:39 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 14:39 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 14:39 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 14:39 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 14:39 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 14:39 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 14:39 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 14:39 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 14:39 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 14:39 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 14:39 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 14:39 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 14:39 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 14:39 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 14:39 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 14:39 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 14:39 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 14:39 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 14:39 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 14:39 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 14:39 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 14:39 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 14:39 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 14:39 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 14:39 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 14:39 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 14:39 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 14:39 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 11:27 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-10 11:27 - 2015-11-05 15:41 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-11-10 11:26 - 2015-11-07 04:19 - 11227280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-10 11:26 - 2015-11-05 18:00 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 37882160 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 22343800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 18487552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 18389112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 15933912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 13533608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 12870192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 02876720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435891.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435891.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00674096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00539648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00500872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00422568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00369456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-10 11:26 - 2015-11-05 18:00 - 00034493 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-09 11:18 - 2015-11-09 11:19 - 101541048 _____ C:\Users\Petr\Downloads\2014 The Committee - Power Through Unity.rar
2015-11-08 17:20 - 2015-11-08 17:35 - 999180569 _____ C:\Users\Petr\Downloads\h118.rar
2015-11-08 17:20 - 2015-11-08 17:33 - 683350208 _____ C:\Users\Petr\Downloads\d121.rar
2015-11-07 16:04 - 2015-11-07 16:04 - 74172356 _____ C:\Users\Petr\Downloads\LIMBO.rar
2015-11-06 21:42 - 2015-11-06 21:42 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-06 21:42 - 2015-11-06 21:42 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-06 13:16 - 2015-11-06 13:16 - 00001789 _____ C:\Users\Public\Desktop\Webium's Modpack.lnk
2015-11-06 12:00 - 2015-11-06 12:00 - 85591380 _____ C:\Users\Petr\Downloads\Hid.rar
2015-11-05 17:46 - 2015-11-02 23:49 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-11-05 17:46 - 2015-11-02 23:49 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-11-05 17:46 - 2015-11-02 23:49 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-11-05 17:46 - 2015-11-02 18:03 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435887.dll
2015-11-05 17:46 - 2015-11-02 18:03 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435887.dll
2015-11-05 14:55 - 2015-11-05 14:55 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1397060391
2015-11-03 20:22 - 2015-11-03 20:28 - 1047527424 _____ C:\Users\Petr\Downloads\G1757.part2.rar
2015-11-03 20:22 - 2015-11-03 20:28 - 1047527424 _____ C:\Users\Petr\Downloads\G1757.part1.rar
2015-11-03 20:22 - 2015-11-03 20:22 - 69861073 _____ C:\Users\Petr\Downloads\G1757.part3.rar
2015-11-03 20:21 - 2015-11-03 20:23 - 523335796 _____ C:\Users\Petr\Downloads\sdazvmd.rar
2015-11-01 17:07 - 2015-11-01 17:07 - 00000000 ____D C:\Users\Public\Documents\SEGA Rally
2015-11-01 12:47 - 2015-11-01 12:47 - 00000000 ____D C:\Users\Petr\Documents\SEGA Rally
2015-10-29 15:37 - 2015-11-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
2015-10-29 15:02 - 2015-10-29 18:52 - 00000000 ____D C:\Users\Petr\AppData\Local\ESL Wire Game Client
2015-10-29 15:02 - 2015-10-29 15:02 - 00000820 _____ C:\Users\Public\Desktop\ESL Wire.lnk
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\ProgramData\ESL Wire
2015-10-29 15:02 - 2015-10-29 15:02 - 00000000 ____D C:\Program Files\EslWire
2015-10-29 14:39 - 2015-10-29 14:39 - 08206600 _____ (TeamViewer GmbH) C:\Users\Petr\Downloads\TeamViewer_Setup_cs.exe
2015-10-26 17:57 - 2015-10-12 04:04 - 01710752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-26 16:55 - 2015-10-26 16:58 - 00000000 ____D C:\Users\Petr\Documents\BFH
2015-10-26 16:52 - 2015-10-26 16:52 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-10-26 14:01 - 2015-10-26 14:54 - 214300522 _____ C:\Users\Petr\Desktop\Pán Prstenů - Navrat krale.mkv
2015-10-26 12:03 - 2015-11-01 12:33 - 00000000 ____D C:\Users\Petr\Downloads\Tomáš 6
2015-10-26 09:03 - 2015-10-26 09:03 - 00001959 _____ C:\Users\Petr\Desktop\Webshare Klient.lnk
2015-10-26 09:03 - 2015-10-26 09:03 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare
2015-10-26 08:52 - 2015-10-26 09:56 - 2064831428 _____ C:\Users\Petr\Desktop\Pán Prstenů - Dvě věže.mkv
2015-10-26 06:54 - 2015-10-26 07:46 - 4043921194 _____ C:\Users\Petr\Desktop\Pán Prstenů - Společenstvo prstenu.mkv
2015-10-24 17:43 - 2015-11-15 16:08 - 00000000 ____D C:\Users\Petr\Downloads\přístav
2015-10-24 17:43 - 2015-10-26 11:23 - 00000000 ____D C:\Users\Petr\Downloads\doktoři bez hranic
2015-10-24 16:18 - 2015-10-24 16:18 - 00000279 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2015-10-23 15:18 - 2015-11-15 15:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Webshare
2015-10-23 15:17 - 2015-10-23 15:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-10-23 15:16 - 2015-10-26 09:03 - 00000000 ____D C:\Program Files (x86)\Webshare
2015-10-23 15:16 - 2015-10-26 09:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-21 13:42 - 2015-10-21 13:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 13:33 - 2015-10-21 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\15102101_stream
2015-10-21 13:33 - 2015-10-21 13:33 - 00000000 ____D C:\WINDOWS\SysWOW64\15102100_stream
2015-10-20 18:43 - 2015-10-20 18:43 - 00000000 ____D C:\Users\Petr\AppData\Local\CEF
2015-10-18 17:23 - 2015-10-18 17:23 - 00000000 ____D C:\Users\Petr\Documents\Codemasters
2015-10-18 17:22 - 2015-10-18 17:22 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Codemasters
2015-10-18 17:20 - 2015-10-18 17:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\InstallShield
2015-10-18 17:20 - 2015-10-18 17:20 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-18 17:03 - 2015-10-18 17:03 - 00000000 ____D C:\Users\Public\Documents\Monolith Productions
2015-10-18 17:00 - 2015-10-18 17:00 - 00000866 _____ C:\Users\Public\Desktop\F.E.A.R..lnk
2015-10-18 17:00 - 2015-10-18 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-10-18 16:59 - 2015-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\Sierra

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-16 14:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-15 17:13 - 2015-08-06 19:07 - 01787952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-15 17:13 - 2015-07-10 17:02 - 00753718 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-15 17:13 - 2015-07-10 17:02 - 00153934 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-15 12:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-15 10:35 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 10:35 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-15 10:35 - 2014-08-04 18:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-14 19:31 - 2014-01-02 13:38 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2015-11-14 19:31 - 2013-09-08 08:53 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AIMP3
2015-11-14 19:30 - 2014-08-01 19:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-14 19:29 - 2015-01-11 09:48 - 00000000 ____D C:\Users\Petr\Downloads\backups
2015-11-13 18:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-13 13:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 18:50 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 18:49 - 2013-07-19 11:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 18:45 - 2013-05-29 06:02 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 15:11 - 2015-03-29 18:40 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-10 11:28 - 2015-08-06 18:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-10 11:28 - 2015-02-28 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-10 11:27 - 2015-08-06 18:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-09 18:29 - 2015-05-31 17:26 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-11-09 17:30 - 2015-09-21 13:34 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-09 13:24 - 2014-02-02 12:37 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-08 10:52 - 2015-08-30 08:39 - 00000000 ____D C:\Users\Petr\Desktop\Hudba 1
2015-11-05 16:08 - 2014-08-04 18:34 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-05 16:08 - 2014-08-04 18:34 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-05 16:08 - 2014-08-04 18:34 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-05 15:10 - 2014-02-02 12:37 - 00003902 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-05 14:55 - 2014-04-09 17:19 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-01 12:31 - 2014-09-28 08:16 - 00000000 ____D C:\The KMPlayer
2015-10-29 16:12 - 2015-08-06 18:51 - 00000000 ____D C:\Users\Petr
2015-10-29 14:40 - 2014-10-12 18:39 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-29 13:44 - 2015-07-10 13:20 - 00382960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-29 10:32 - 2014-01-02 13:38 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-28 14:49 - 2014-08-04 18:34 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-10-26 18:16 - 2013-05-28 12:00 - 00000000 ____D C:\Users\Petr\AppData\Local\Packages
2015-10-26 18:16 - 2012-10-16 10:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-26 18:12 - 2013-05-28 14:11 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-26 17:57 - 2015-02-28 18:57 - 00001476 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-26 17:04 - 2015-09-27 09:23 - 00000000 ____D C:\Users\Petr\Downloads\filmy
2015-10-21 13:42 - 2015-04-04 20:18 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 13:42 - 2014-07-06 15:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 13:41 - 2015-04-04 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 13:37 - 2015-08-19 20:09 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-17 18:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Files in the root of some directories =======

2013-07-08 13:32 - 2013-07-08 13:32 - 0093696 _____ () C:\Users\Petr\AppData\Roaming\ezpinst.exe
2013-07-08 13:16 - 2013-08-02 15:04 - 0007859 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.cat
2013-07-08 13:16 - 2013-08-02 15:04 - 0001167 _____ () C:\Users\Petr\AppData\Roaming\pcouffin.inf
2013-07-08 13:16 - 2013-08-02 15:04 - 0082816 _____ (VSO Software) C:\Users\Petr\AppData\Roaming\pcouffin.sys
2013-07-08 14:14 - 2013-08-02 15:04 - 0001057 _____ () C:\Users\Petr\AppData\Roaming\vso_ts_preview.xml
2015-11-12 14:43 - 2015-11-13 17:13 - 0001088 _____ () C:\Users\Petr\AppData\Local\FSDownloader.nast
2013-05-31 14:28 - 2013-05-31 14:28 - 0000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-08 20:11

==================== End of FRST.txt ============================

[Varg]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-16 15:14:17)
Running from C:\Users\Petr\Desktop
Windows 10 Home (X64) (2015-08-06 18:12:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3832753693-3646972138-179110667-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3832753693-3646972138-179110667-503 - Limited - Disabled)
Guest (S-1-5-21-3832753693-3646972138-179110667-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3832753693-3646972138-179110667-1270 - Limited - Enabled)
Petr (S-1-5-21-3832753693-3646972138-179110667-1004 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2.0 (HKLM-x32\...\Free Video to GIF Converter_is1) (Version: 2.0 - www.video-gif-converter.com)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed(R) III v1.04 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.04 - Ubisoft)
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
Free Video Editor version 1.4.12.415 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.415 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Johny_Bafak's Vertical Techtree verze 0.72 (HKLM-x32\...\{EFCA3CAE-86A1-4A6B-B703-6C2FF5EFD6EF}_is1) (Version: 0.72 - Johny_Bafak)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV)
Medal of Honor Airborne (HKLM-x32\...\{25F28E39-FDBB-11DB-8314-0800200C9A66}) (Version: 1.0.1.0 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: 33.0.1990.58 - Opera Software)
Ovládací panel NVIDIA 358.91 (Version: 358.91 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Sniper Elite (HKLM-x32\...\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}) (Version: - )
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
webiums modpack 0.9.10 v9.10.18 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: 9.10.18 - myWOTmods.com)
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks - Common Test (HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XnView 2.25 (HKLM-x32\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

14-11-2015 19:25:30 End of disinfection

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-11-14 10:21 - 2015-11-14 10:21 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2B5F2724-20D4-4E67-B7BC-A2B15303DC76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {372C44EF-B85F-4A9E-AD98-3389F078FAD1} - System32\Tasks\{76ED66D3-EC50-47F4-919A-06935A6D2627} => pcalua.exe -a "C:\Users\Petr\Desktop\Medal of Honor-Pacific Assault\CZ\mohpacificassaultcz.exe" -d "C:\Users\Petr\Desktop\Medal of Honor-Pacific Assault\CZ"
Task: {3DA351F1-E913-46C2-A9F4-B2B7E1216366} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-21] (AVAST Software)
Task: {5415A7AE-3483-42F4-A5AE-AAF1BB52CF43} - System32\Tasks\{971B0503-70CC-43FD-8A22-42982980216C} => pcalua.exe -a "C:\Users\Petr\Desktop\Wolfenstein (2009) .by kobra.CZ\Čeština do hry Wolfenstein - 2009\WolfensteinBetaCz.exe" -d "C:\Users\Petr\Desktop\Wolfenstein (2009) .by kobra.CZ\Čeština do hry Wolfenstein - 2009"
Task: {5D81C6F4-D0FA-47A4-8D01-AB18897DF0C4} - System32\Tasks\Opera scheduled Autoupdate 1397060391 => C:\Program Files (x86)\Opera\launcher.exe [2015-10-30] (Opera Software)
Task: {94C2483A-9762-4160-BF66-4300BA88CC83} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {9FA3D604-B948-4A1C-A7A8-2510B3B0DC6B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-05] (Adobe Systems Incorporated)
Task: {DC2F4754-F31A-4141-99BF-34EF4BA8E1AC} - System32\Tasks\{74B2946B-5177-4EAC-A333-11289300C3F3} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe" -d "C:\Program Files (x86)\EA GAMES\Medal of Honor Pacific Assault(tm)"
Task: {E48B5E1F-32DA-499B-AA19-99CD5560C786} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-06 19:35 - 2015-08-06 19:35 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 19:23 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-29 15:02 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2015-10-29 15:02 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2007-08-15 08:49 - 2007-08-15 08:49 - 00063040 _____ () C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
2014-08-04 18:34 - 2015-11-05 16:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-14 16:03 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 16:03 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-14 16:03 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-14 16:03 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-14 16:02 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-14 16:02 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-14 16:03 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-21 13:21 - 2015-09-21 13:21 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-21 13:21 - 2015-09-21 13:21 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-15 09:52 - 2015-11-15 09:52 - 02991104 _____ () C:\Program Files\AVAST Software\Avast\defs\15111500\algo.dll
2015-03-31 16:26 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-21 13:21 - 2015-09-21 13:21 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2004synchronationals.org -> 2004synchronationals.org
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2009download-best-soft.com -> 2009download-best-soft.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2019wyt.com -> 2019wyt.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2020search.com -> 2020search.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\20health.com -> 20health.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\20x2p.com -> 20x2p.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\23drf.com -> 23drf.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\24-7find.com -> 24-7find.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\24qas.info -> 24qas.info
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\24teen.com -> 24teen.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2828hfdy.com -> 2828hfdy.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\2pursuit.com -> 2pursuit.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\30search.com -> 30search.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\31234.com -> 31234.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\3344g.com -> 3344g.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\33search.cc -> 33search.cc
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\34f.com -> 34f.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\34yo.com -> 34yo.com
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\356563.net -> 356563.net
IE restricted site: HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\366ent.com -> 366ent.com

There are 4748 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\304549.jpg
DNS Servers: 83.240.0.135 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Advanced SystemCare 6"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{3FB7BB9A-DE26-49F0-B1CF-02522A6B80E7}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{CDB2FE86-1F41-43F3-B5D4-F159F8ED17D5}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{6968135D-8929-4FEE-B466-84BC44714C26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DD59AC3C-DBBF-4A26-956C-BA9F3ED843AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{9AD730A9-8D49-4CD7-87A8-C2D8DB1B9E5C}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{E9289F72-0B16-4649-AC44-7BF126312E5F}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{67022AB5-14EB-4D51-A5ED-3B9B6098C1AC}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{8722C005-1282-41DB-A504-9575FA89E56D}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{50A5986C-EFC6-44E9-831E-3746A1BFCCD4}C:\program files (x86)\rayman legends\rayman legends.exe] => (Block) C:\program files (x86)\rayman legends\rayman legends.exe
FirewallRules: [TCP Query User{059748E2-ECC2-4202-AB04-D85E2AEBA9CC}C:\program files (x86)\rayman legends\rayman legends.exe] => (Block) C:\program files (x86)\rayman legends\rayman legends.exe
FirewallRules: [{EFC89F5B-C0CE-4E86-87C1-857F9FBF10D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{812385AB-65F3-4D20-87F8-11940B6261B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{ED6A17C8-FE5C-4C9E-BDB0-0BC0E748B770}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B5DB82D9-8B2A-4D5B-AB40-630A896C6C46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09F61A09-5B74-4146-9000-2005959D9A88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{41C597E6-B0E3-4153-A816-D244F46E3138}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{A32B5A79-6D49-49FE-93FA-48EA7D5F1F33}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{710883E4-4B0E-43BF-B176-421A609A9125}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{D49D41F9-C15E-491F-BD05-89D0FEBF24EF}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [{0D752E78-F661-47B2-9FA7-202A8E799C74}] => (Allow) C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{D55648ED-2E29-4821-8E45-F643FAC72157}] => (Allow) C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{E5352418-C31C-4F35-A67B-B85C26AA7AD5}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [{724CE475-8938-4C84-ADD7-7CBA40ECE3DE}] => (Allow) C:\Program Files (x86)\Sierra\FEAR\FEAR.exe
FirewallRules: [TCP Query User{ADE7F9F1-56E2-491C-AAF7-2AA80368222C}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{070A1F00-1561-4DE6-8DA1-8E5F0B49F7B2}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{E5D781F7-F4C2-4C5F-A5C5-2F11A1F873CA}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{27BC8880-183C-424D-A65D-611413146DA8}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{7229DABC-81C3-4A8D-881C-7296CDD61666}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6FBBD087-ECF6-41C1-B540-F7595BEF9515}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{ADD5F0C9-8B86-49C5-A2F0-802B4B130200}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{1199499B-70BC-43CC-A3FA-0E21D73D953F}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{9C13AE9D-4D69-45DD-981D-E837A7F7997E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2015 03:26:03 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1364) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/15/2015 03:26:03 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1364) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/15/2015 03:25:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1364) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/15/2015 03:25:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1364) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/15/2015 03:25:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1364) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/15/2015 03:25:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1364) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/15/2015 03:25:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1364) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/15/2015 03:25:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1364) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/15/2015 03:25:22 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1364) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/15/2015 03:25:22 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1364) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (11/16/2015 03:11:40 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače NTB,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{EE0C896D-1F39-4A43-969B-4FF4C7F00D2C}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (11/15/2015 08:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 08:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 08:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 08:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 04:11:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 04:11:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 04:11:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 04:11:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/15/2015 10:35:38 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.


CodeIntegrity:
===================================
Date: 2015-08-20 19:52:18.538
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:18.375
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:18.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:18.097
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.963
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.850
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.626
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.406
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-20 19:52:17.255
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 8173.43 MB
Available physical RAM: 6657.56 MB
Total Virtual: 9453.43 MB
Available Virtual: 7905.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:466.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 931.5 GB) (Disk ID: C0729418)
Partition 1: (Active) - (Size=352 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

[jaro3]

Aktualizuj javu:
[url= http://www.oracle.com/technetwork/java/ ... 33155.html
Java SE Runtime Environment 8

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-8-windows-i586-p.exe nebo
jre-8-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Advanced SystemCare 6"

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Co problémy?

[Varg]

Děkuji tady je log

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-16 16:16:28) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Advanced SystemCare 6"
*****************

HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3832753693-3646972138-179110667-1004\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-3832753693-3646972138-179110667-1004\...\StartupApproved\Run: => "Advanced SystemCare 6" => value not found.

==== End of Fixlog 16:16:28 ====


Vypadá že vše jede ok.
Chybová hláška se již neobjevila a hraní se vrátilo k normálu.
WoT nelaguje a ani se mně nezasekává.
Jen občas se stane že se blokne prohlížeč.
Stránka se načítá delší dobu a vlastně v tu chvíli nereaguje pc.
Nechávám tak a ono se během několika minut rozjede samo.

[Orcus]

OK, tak ještě použijem OTL.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Varg]

OTL logfile created on: 16.11.2015 21:11:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,98 Gb Total Physical Memory | 6,47 Gb Available Physical Memory | 81,02% Memory free
9,23 Gb Paging File | 7,61 Gb Available in Paging File | 82,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,73 Gb Total Space | 456,94 Gb Free Space | 49,10% Space Free | Partition Type: NTFS

Computer Name: PETRMALENKA | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Petr\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_Session3) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (EslWireHelper) -- C:\Program Files\EslWire\service\WireHelperSvc.exe ()
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys ()
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (fcvsc) -- C:\Windows\SysNative\drivers\fcvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.tsbohemia.cz [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.defaultthis.engineName: "Seznam"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\Free Media Player\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.09.21 13:21:21 | 000,000,000 | ---D | M]

[2014.12.03 19:08:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Extensions
[2015.08.22 12:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\mozilla\Firefox\Profiles\iq10j0za.default\extensions
[2014.05.27 18:44:45 | 000,002,823 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\mozilla\firefox\profiles\iq10j0za.default\searchplugins\Google.xml

O1 HOSTS File: ([2015.11.14 10:21:07 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: blank ([]about in Computer)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.135 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ee0c896d-1f39-4a43-969b-4ff4c7f00d2c}: DhcpNameServer = 83.240.0.135 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

[Varg]

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.07.10 15:19:46 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.11.16 21:06:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2015.11.16 16:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.11.16 16:12:38 | 000,110,176 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2015.11.16 16:12:38 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015.11.16 16:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015.11.15 09:50:17 | 000,000,000 | ---D | C] -- C:\FRST
[2015.11.15 09:49:25 | 002,198,528 | ---- | C] (Farbar) -- C:\Users\Petr\Desktop\FRST64.exe
[2015.11.14 10:39:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.11.14 10:35:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2015.11.14 10:35:46 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\Temp
[2015.11.11 18:49:31 | 000,810,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015.11.11 18:49:31 | 000,176,632 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015.11.11 14:39:19 | 002,180,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2015.11.11 14:39:18 | 002,987,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2015.11.11 14:39:18 | 001,795,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2015.11.11 14:39:16 | 021,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2015.11.11 14:39:15 | 018,803,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2015.11.11 14:39:13 | 002,675,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2015.11.11 14:39:13 | 002,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2015.11.11 14:39:13 | 000,541,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcupdate_GenuineIntel.dll
[2015.11.11 14:39:12 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
[2015.11.11 14:39:12 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
[2015.11.11 14:39:11 | 003,248,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2015.11.11 14:39:11 | 001,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015.11.11 14:39:11 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2015.11.11 14:39:10 | 008,020,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015.11.11 14:39:10 | 002,418,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2015.11.11 14:39:10 | 000,459,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2015.11.11 14:39:09 | 002,647,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2015.11.11 14:39:09 | 001,392,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2015.11.11 14:39:08 | 001,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2015.11.11 14:39:07 | 003,587,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2015.11.11 14:39:07 | 002,639,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2015.11.11 14:39:07 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2015.11.11 14:39:07 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
[2015.11.11 14:39:07 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2015.11.11 14:39:06 | 000,961,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2015.11.11 14:39:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2015.11.11 14:39:05 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2015.11.11 14:39:05 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2015.11.11 14:39:04 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2015.11.11 14:39:04 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2015.11.11 14:39:04 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2015.11.11 14:39:03 | 001,383,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2015.11.11 14:39:03 | 000,966,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2015.11.11 14:39:03 | 000,762,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2015.11.11 14:39:03 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2015.11.11 14:39:02 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015.11.11 14:39:02 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2015.11.11 14:39:01 | 000,650,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015.11.11 14:39:01 | 000,607,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2015.11.11 14:39:00 | 000,539,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2015.11.10 11:27:45 | 000,102,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2015.11.10 11:27:26 | 000,062,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2015.11.10 11:26:01 | 022,343,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2015.11.10 11:26:01 | 018,487,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2015.11.10 11:26:01 | 018,389,112 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2015.11.10 11:26:01 | 016,561,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2015.11.10 11:26:01 | 015,933,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2015.11.10 11:26:01 | 015,839,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2015.11.10 11:26:01 | 014,844,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2015.11.10 11:26:01 | 013,533,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2015.11.10 11:26:01 | 012,870,192 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2015.11.10 11:26:01 | 012,040,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2015.11.10 11:26:01 | 003,540,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2015.11.10 11:26:01 | 003,126,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2015.11.10 11:26:01 | 002,876,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2015.11.10 11:26:01 | 002,496,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2015.11.10 11:26:01 | 001,905,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435891.dll
[2015.11.10 11:26:01 | 001,564,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435891.dll
[2015.11.10 11:26:01 | 001,016,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2015.11.10 11:26:01 | 000,877,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2015.11.10 11:26:01 | 000,861,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2015.11.10 11:26:01 | 000,823,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2015.11.10 11:26:01 | 000,689,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2015.11.10 11:26:01 | 000,674,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2015.11.10 11:26:01 | 000,539,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2015.11.10 11:26:01 | 000,503,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2015.11.10 11:26:01 | 000,500,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2015.11.10 11:26:01 | 000,446,768 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2015.11.10 11:26:01 | 000,445,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2015.11.10 11:26:01 | 000,422,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2015.11.10 11:26:01 | 000,414,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2015.11.10 11:26:01 | 000,369,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2015.11.10 11:26:01 | 000,177,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2015.11.10 11:26:01 | 000,155,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2015.11.10 11:26:01 | 000,151,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2015.11.10 11:26:01 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2015.11.06 21:42:15 | 001,059,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys
[2015.11.06 21:42:15 | 000,449,992 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2015.11.05 17:46:08 | 001,905,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435887.dll
[2015.11.05 17:46:08 | 001,572,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2015.11.05 17:46:08 | 001,564,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435887.dll
[2015.11.05 17:46:08 | 000,205,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2015.11.05 17:46:08 | 000,039,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2015.11.01 17:07:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SEGA Rally
[2015.11.01 12:47:40 | 000,000,000 | ---D | C] -- C:\Users\Petr\Documents\SEGA Rally
[2015.10.29 15:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webium's modpack
[2015.10.29 15:02:05 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\ESL Wire Game Client
[2015.10.29 15:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
[2015.10.29 15:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2015.10.29 15:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ESL Wire
[2015.10.26 17:57:50 | 001,710,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2015.10.26 16:55:41 | 000,000,000 | ---D | C] -- C:\Users\Petr\Documents\BFH
[2015.10.26 16:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2015.10.26 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare
[2015.10.23 15:18:12 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Webshare
[2015.10.23 15:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2015.10.23 15:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2015.10.23 15:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webshare
[2015.10.21 13:33:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\15102101_stream
[2015.10.21 13:33:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\15102100_stream
[2015.10.20 18:43:15 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\CEF
[2015.10.18 17:23:18 | 000,000,000 | ---D | C] -- C:\Users\Petr\Documents\Codemasters
[2015.10.18 17:22:02 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Codemasters
[2015.10.18 17:20:04 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\InstallShield
[2015.10.18 17:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2015.10.18 17:03:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2015.10.18 17:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2015.10.18 16:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra
[2013.07.08 13:16:05 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Petr\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2015.11.16 21:15:17 | 000,016,148 | ---- | M] () -- C:\WINDOWS\SysNative\PETRMALENKA_Petr_HistoryPrediction.bin
[2015.11.16 21:07:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2015.11.16 19:50:01 | 001,787,952 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015.11.16 19:50:01 | 000,753,718 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2015.11.16 19:50:01 | 000,739,462 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015.11.16 19:50:01 | 000,153,934 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2015.11.16 19:50:01 | 000,141,654 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015.11.16 16:12:33 | 000,110,176 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2015.11.16 14:19:25 | 3428,179,968 | -HS- | M] () -- C:\hiberfil.sys
[2015.11.16 14:19:24 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015.11.15 10:35:30 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015.11.15 09:50:04 | 002,198,528 | ---- | M] (Farbar) -- C:\Users\Petr\Desktop\FRST64.exe
[2015.11.14 10:21:07 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015.11.14 10:18:55 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2015.11.14 09:50:22 | 000,037,624 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2015.11.13 17:13:43 | 000,001,088 | ---- | M] () -- C:\Users\Petr\AppData\Local\FSDownloader.nast
[2015.11.11 15:11:09 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.11.09 13:24:56 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015.11.06 21:42:14 | 001,059,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys
[2015.11.06 21:42:14 | 000,449,992 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2015.11.06 13:16:48 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\Webium's Modpack.lnk
[2015.11.05 18:00:13 | 042,914,096 | ---- | M] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2015.11.05 18:00:13 | 037,882,160 | ---- | M] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2015.11.05 18:00:13 | 022,343,800 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2015.11.05 18:00:13 | 018,487,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2015.11.05 18:00:13 | 018,389,112 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2015.11.05 18:00:13 | 016,561,320 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2015.11.05 18:00:13 | 015,933,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2015.11.05 18:00:13 | 015,839,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2015.11.05 18:00:13 | 014,844,304 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2015.11.05 18:00:13 | 013,533,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2015.11.05 18:00:13 | 012,870,192 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2015.11.05 18:00:13 | 012,040,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2015.11.05 18:00:13 | 003,540,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2015.11.05 18:00:13 | 003,126,800 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2015.11.05 18:00:13 | 002,876,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2015.11.05 18:00:13 | 002,496,632 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2015.11.05 18:00:13 | 001,905,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435891.dll
[2015.11.05 18:00:13 | 001,564,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435891.dll
[2015.11.05 18:00:13 | 001,016,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2015.11.05 18:00:13 | 000,877,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2015.11.05 18:00:13 | 000,861,816 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2015.11.05 18:00:13 | 000,823,232 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2015.11.05 18:00:13 | 000,689,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2015.11.05 18:00:13 | 000,674,096 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2015.11.05 18:00:13 | 000,539,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2015.11.05 18:00:13 | 000,503,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2015.11.05 18:00:13 | 000,500,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2015.11.05 18:00:13 | 000,446,768 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2015.11.05 18:00:13 | 000,445,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2015.11.05 18:00:13 | 000,422,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2015.11.05 18:00:13 | 000,414,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2015.11.05 18:00:13 | 000,369,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2015.11.05 18:00:13 | 000,177,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2015.11.05 18:00:13 | 000,155,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2015.11.05 18:00:13 | 000,151,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2015.11.05 18:00:13 | 000,128,512 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2015.11.05 18:00:13 | 000,034,493 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2015.11.05 16:08:02 | 006,358,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2015.11.05 16:08:02 | 002,983,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2015.11.05 16:08:00 | 002,554,672 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2015.11.05 16:08:00 | 000,385,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2015.11.05 16:08:00 | 000,062,584 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2015.11.05 15:41:48 | 000,102,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2015.11.05 06:15:45 | 008,020,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015.11.05 06:15:43 | 000,541,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcupdate_GenuineIntel.dll
[2015.11.05 06:14:21 | 000,459,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2015.11.05 06:11:46 | 001,392,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2015.11.05 06:06:10 | 000,966,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2015.11.05 06:01:05 | 000,607,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2015.11.05 05:56:48 | 001,083,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015.11.05 05:56:44 | 000,025,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2015.11.05 05:30:20 | 000,961,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2015.11.05 05:23:42 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2015.11.05 05:23:32 | 000,762,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2015.11.05 05:20:43 | 021,873,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2015.11.05 05:18:37 | 003,248,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2015.11.05 05:18:34 | 000,539,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2015.11.05 05:17:35 | 002,418,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2015.11.05 05:12:31 | 000,515,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
[2015.11.05 05:11:30 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2015.11.05 05:10:48 | 002,987,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2015.11.05 05:06:41 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2015.11.05 05:05:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015.11.05 05:03:52 | 002,180,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2015.11.05 05:03:49 | 001,015,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2015.11.05 05:01:41 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2015.11.05 05:01:38 | 000,713,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2015.11.05 04:59:20 | 003,587,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2015.11.05 04:59:13 | 002,675,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2015.11.05 04:58:50 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2015.11.05 04:58:36 | 001,383,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2015.11.05 04:56:30 | 001,795,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2015.11.05 04:55:55 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dssvc.dll
[2015.11.05 04:54:44 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
[2015.11.05 04:42:23 | 002,647,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2015.11.05 04:40:41 | 001,918,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2015.11.05 04:35:47 | 018,803,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2015.11.05 04:35:04 | 002,639,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2015.11.05 04:34:45 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2015.11.05 04:33:09 | 000,650,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015.11.05 04:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2015.11.05 04:27:12 | 000,464,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2015.11.05 04:23:15 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
[2015.11.03 19:20:11 | 000,810,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015.11.03 19:20:11 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015.11.02 23:49:25 | 001,572,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2015.11.02 23:49:25 | 000,205,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2015.11.02 23:49:25 | 000,039,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2015.11.02 18:03:07 | 001,905,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6435887.dll
[2015.11.02 18:03:07 | 001,564,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6435887.dll
[2015.10.29 15:02:05 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2015.10.29 13:44:21 | 000,382,960 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015.10.28 14:49:44 | 006,027,430 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2015.10.26 18:12:18 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.10.26 17:57:49 | 000,001,476 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015.10.26 14:54:11 | 214,300,518 | ---- | M] () -- C:\Users\Petr\Desktop\Pán Prstenů - Navrat krale.mkv
[2015.10.26 09:56:26 | 2064,831,425 | ---- | M] () -- C:\Users\Petr\Desktop\Pán Prstenů - Dvě věže.mkv
[2015.10.26 09:03:58 | 000,001,959 | ---- | M] () -- C:\Users\Petr\Desktop\Webshare Klient.lnk
[2015.10.26 07:46:19 | 4043,921,191 | ---- | M] () -- C:\Users\Petr\Desktop\Pán Prstenů - Společenstvo prstenu.mkv
[2015.10.21 13:37:11 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015.10.18 17:00:02 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\F.E.A.R..lnk

========== Files Created - No Company Name ==========

[2015.11.16 21:15:17 | 000,016,148 | ---- | C] () -- C:\WINDOWS\SysNative\PETRMALENKA_Petr_HistoryPrediction.bin
[2015.11.14 10:35:47 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2015.11.14 09:50:22 | 000,037,624 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2015.11.12 14:43:00 | 000,001,088 | ---- | C] () -- C:\Users\Petr\AppData\Local\FSDownloader.nast
[2015.11.10 11:26:01 | 042,914,096 | ---- | C] () -- C:\WINDOWS\SysNative\nvcompiler.dll
[2015.11.10 11:26:01 | 037,882,160 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2015.11.10 11:26:01 | 000,034,493 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2015.11.06 13:16:48 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\Webium's Modpack.lnk
[2015.10.29 15:02:05 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\ESL Wire.lnk
[2015.10.26 14:01:10 | 214,300,518 | ---- | C] () -- C:\Users\Petr\Desktop\Pán Prstenů - Navrat krale.mkv
[2015.10.26 09:03:58 | 000,001,959 | ---- | C] () -- C:\Users\Petr\Desktop\Webshare Klient.lnk
[2015.10.26 08:52:10 | 2064,831,425 | ---- | C] () -- C:\Users\Petr\Desktop\Pán Prstenů - Dvě věže.mkv
[2015.10.26 06:54:22 | 4043,921,191 | ---- | C] () -- C:\Users\Petr\Desktop\Pán Prstenů - Společenstvo prstenu.mkv
[2015.10.24 16:18:30 | 000,000,279 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
[2015.10.18 17:00:02 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\F.E.A.R..lnk
[2015.10.14 16:03:11 | 001,766,952 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2015.08.19 19:23:31 | 001,823,232 | ---- | C] () -- C:\WINDOWS\SysWow64\InputService.dll
[2015.08.19 19:23:26 | 000,200,704 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2015.07.10 13:20:52 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015.07.10 12:04:39 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015.07.10 12:04:38 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015.07.10 12:00:35 | 000,161,632 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015.07.10 12:00:33 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015.07.10 12:00:32 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015.07.10 12:00:31 | 000,156,672 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2015.07.10 12:00:30 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015.07.10 12:00:29 | 000,081,408 | ---- | C] () -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2015.07.10 12:00:29 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2015.07.10 12:00:29 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\WpKbdLayout.dll
[2015.07.10 12:00:29 | 000,022,016 | ---- | C] () -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2015.07.10 12:00:28 | 000,270,848 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015.07.10 12:00:27 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015.07.10 12:00:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015.07.10 12:00:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015.07.10 12:00:24 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015.07.10 11:59:51 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015.05.10 16:32:55 | 000,000,207 | ---- | C] () -- C:\WINDOWS\tweaking.com-regbackup-PETRMALENKA-Windows-8.1-(64-bit).dat
[2014.11.19 13:37:36 | 000,000,331 | ---- | C] () -- C:\WINDOWS\game.ini
[2013.12.01 09:55:46 | 000,000,017 | ---- | C] () -- C:\WINDOWS\KA.ini
[2013.07.08 14:14:05 | 000,001,057 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\vso_ts_preview.xml
[2013.07.08 13:32:30 | 000,093,696 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\ezpinst.exe
[2013.07.08 13:16:05 | 000,007,859 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\pcouffin.cat
[2013.07.08 13:16:05 | 000,001,167 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\pcouffin.inf
[2013.05.31 14:28:34 | 000,000,017 | ---- | C] () -- C:\Users\Petr\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2015.10.18 17:03:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2015.09.17 07:49:11 | 006,487,248 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2015.09.17 07:28:40 | 005,120,056 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.07.10 11:59:53 | 000,995,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015.07.10 12:00:23 | 000,754,688 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015.07.10 11:59:55 | 000,516,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.11.16 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AIMP3
[2014.06.20 17:24:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Artogon
[2015.04.08 17:41:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ashampoo
[2013.10.26 13:21:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVAST Software
[2015.02.24 16:13:40 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BadFlyInteractive
[2013.07.04 08:25:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe Limited
[2015.10.18 17:22:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Codemasters
[2014.04.27 07:08:24 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Day 1 Studios
[2014.11.30 09:48:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Dropbox
[2015.05.04 07:40:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDVideoSoft
[2014.01.01 19:31:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\EleFun Games
[2014.05.20 15:52:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ERS G-Studio
[2014.06.14 17:55:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ERS Game Studios
[2014.11.21 07:38:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ffDiaporama
[2015.04.08 17:55:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\FreeDownloadManager.ORG
[2014.07.11 17:25:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\freepicturesolutions
[2014.06.14 21:47:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2014.01.01 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Gold Casual Games
[2013.07.07 09:39:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IObit
[2014.05.11 08:58:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Karate Panda
[2014.02.09 09:27:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\OpenOffice
[2014.04.09 17:20:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera Software
[2014.11.30 09:48:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\SpaceEngineers
[2014.06.14 18:00:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Specialbit
[2014.10.08 06:20:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Steam
[2015.10.29 14:40:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TeamViewer
[2013.11.09 10:14:16 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Transcend Elite
[2015.11.14 19:31:08 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TS3Client
[2013.12.18 16:59:40 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Tunngle
[2014.06.20 17:22:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\URSE Games
[2013.11.07 08:08:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\VitySoft
[2013.08.02 15:04:32 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Vso
[2013.07.07 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2015.11.16 19:52:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Webshare
[2014.06.29 18:02:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinUpdate
[2015.10.09 15:41:20 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\XnView
[2013.10.20 10:56:12 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\CENZURA HD
[2013.12.05 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Špidla Data Processing, s.r.o

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Petr\SkyDrive:ms-properties

< End of report >