Log check, please

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

PECHY15
Level 2.5
Posts: 399
Registered: July 07
Location: Milín
Gender: Male

Re: Log check, please

Post by PECHY15 » 12 May 2017 09:22

So VLC has been fine for 30 minutes so far, but it usually acted up in the evening. I won't be home this weekend, so on Monday I'll post the logs and report how it looks. Thanks a lot for now.



jaro3
Security team member
Guru Level 15
Posts: 36911
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Log check, please

Post by jaro3 » 12 May 2017 17:38

Then also run the script in CF + aswMBR.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Log check, please

Post by PECHY15 » 15 May 2017 10:28

ComboFix 17-05-09.01 - PECHY 12.05.2017 8:32.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8120.6211 [GMT 2:00]
Spuštěný z: c:\users\PECHY\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PECHY\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-04-12 do 2017-05-12 )))))))))))))))))))))))))))))))
.
.
2017-05-12 06:34 . 2017-05-12 06:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-05-12 06:30 . 2017-05-12 06:30 -------- d-----w- c:\programdata\SWCUTemp
2017-05-10 12:53 . 2017-05-10 13:02 -------- d-----w- c:\users\PECHY\AppData\Local\CrashDumps
2017-05-10 12:46 . 2017-05-10 12:46 -------- d-----w- c:\users\PECHY\AppData\Local\Adobe
2017-05-10 12:42 . 2017-05-10 12:59 -------- d-----w- c:\users\PECHY\AppData\Local\Zemana
2017-05-10 10:57 . 2017-05-12 06:34 -------- d-----w- c:\users\PECHY\AppData\Local\Temp
2017-05-10 10:57 . 2017-05-10 10:44 24064 ----a-w- c:\windows\zoek-delete.exe
2017-05-09 21:59 . 2017-05-10 08:57 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-05-09 21:59 . 2017-05-09 22:12 -------- d-----w- c:\programdata\RogueKiller
2017-05-09 18:45 . 2017-05-09 18:45 -------- d-----w- c:\users\PECHY\AppData\Local\CEF
2017-05-08 08:20 . 2017-05-01 20:14 134592 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2017-05-08 08:10 . 2017-05-08 08:10 824848 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2017-05-08 08:10 . 2017-05-08 08:10 199760 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2017-05-03 06:38 . 2017-03-10 16:32 300544 ----a-w- c:\windows\system32\pdh.dll
2017-05-03 06:38 . 2017-03-10 16:32 1389056 ----a-w- c:\windows\system32\pla.dll
2017-05-03 06:38 . 2017-03-10 16:20 1508352 ----a-w- c:\windows\SysWow64\pla.dll
2017-05-03 06:38 . 2017-03-10 16:20 237056 ----a-w- c:\windows\SysWow64\pdh.dll
2017-05-03 06:38 . 2017-03-10 15:57 9216 ----a-w- c:\windows\system32\plasrv.exe
2017-05-03 06:38 . 2017-03-10 15:55 205312 ----a-w- c:\windows\system32\drivers\fastfat.sys
2017-05-03 06:38 . 2017-03-10 15:55 195584 ----a-w- c:\windows\system32\drivers\exfat.sys
2017-05-03 06:38 . 2017-03-09 16:34 2048 ----a-w- c:\windows\system32\tzres.dll
2017-05-03 06:38 . 2017-03-09 16:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2017-04-26 08:21 . 2017-04-20 01:57 1988216 ----a-w- c:\windows\system32\nvdispco6438189.dll
2017-04-26 08:21 . 2017-04-20 01:57 1589880 ----a-w- c:\windows\system32\nvdispgenco6438189.dll
2017-04-25 20:07 . 2017-03-28 03:32 47552 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2017-04-25 20:07 . 2017-03-28 03:32 153536 ----a-w- c:\windows\system32\nvaudcap64v.dll
2017-04-25 20:07 . 2017-03-28 03:32 127424 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-05-10 08:44 . 2015-05-09 17:51 156335152 -c--a-w- c:\windows\system32\MRT.exe
2017-05-01 22:32 . 2017-04-07 10:56 17423240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-05-01 22:32 . 2017-03-04 18:01 28592760 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-05-01 22:32 . 2017-03-04 18:01 3592312 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-05-01 22:32 . 2017-01-04 14:05 491024 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-05-01 22:32 . 2015-02-19 23:18 20063696 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-05-01 22:32 . 2015-02-19 23:18 4075936 ----a-w- c:\windows\system32\nvapi64.dll
2017-05-01 20:52 . 2017-02-10 11:52 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-05-01 20:51 . 2015-05-09 18:40 6437312 ----a-w- c:\windows\system32\nvcpl.dll
2017-05-01 20:51 . 2015-05-09 18:40 2479552 ----a-w- c:\windows\system32\nvsvc64.dll
2017-05-01 20:51 . 2015-12-22 15:22 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-05-01 20:51 . 2015-12-22 15:22 548800 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-05-01 20:51 . 2015-05-09 18:40 69752 ----a-w- c:\windows\system32\nvshext.dll
2017-05-01 20:51 . 2015-05-09 18:40 392312 ----a-w- c:\windows\system32\nvmctray.dll
2017-05-01 20:51 . 2015-05-09 18:40 1762752 ----a-w- c:\windows\system32\nvsvcr.dll
2017-04-28 01:10 . 2017-05-10 08:43 345600 ----a-w- c:\windows\system32\schannel.dll
2017-04-28 01:10 . 2017-05-10 08:43 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-04-28 00:32 . 2017-05-10 08:43 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-04-28 00:32 . 2017-05-10 08:43 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-04-28 00:32 . 2017-05-10 08:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-04-26 05:40 . 2017-03-10 12:42 1882048 ----a-w- c:\windows\system32\nvspcap64.dll
2017-04-26 05:40 . 2017-03-10 12:42 1472960 ----a-w- c:\windows\SysWow64\nvspcap.dll
2017-04-26 05:40 . 2017-03-10 12:42 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2017-04-26 05:40 . 2017-03-10 12:42 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2017-04-26 05:40 . 2017-03-10 12:42 121280 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2017-04-26 05:03 . 2017-04-07 10:59 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat
2017-04-25 21:11 . 2015-05-09 18:40 7944687 ----a-w- c:\windows\system32\nvcoproc.bin
2017-04-20 11:58 . 2015-05-10 13:36 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-04-20 11:58 . 2015-05-10 13:36 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-04-02 16:12 . 2017-04-07 10:56 46008 ----a-w- c:\windows\system32\nvhdap64.dll
2017-04-02 16:12 . 2017-04-07 10:56 218040 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-04-02 16:12 . 2017-01-04 14:26 1600560 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-04-01 03:20 . 2017-04-07 10:56 1988032 ----a-w- c:\windows\system32\nvdispco6438165.dll
2017-04-01 03:20 . 2017-04-07 10:56 1591352 ----a-w- c:\windows\system32\nvdispgenco6438165.dll
2017-04-01 00:41 . 2017-04-07 10:56 76840 ----a-w- c:\windows\system32\drivers\nvvhci.sys
2017-03-26 18:33 . 2017-03-26 18:33 28344 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-21 15:32 . 2015-05-09 17:08 548928 ----a-w- c:\windows\system32\drivers\aswsp.sys
2017-03-17 00:59 . 2017-03-21 13:15 1983424 ----a-w- c:\windows\system32\nvdispco6437892.dll
2017-03-17 00:59 . 2017-03-21 13:15 1589696 ----a-w- c:\windows\system32\nvdispgenco6437892.dll
2017-03-14 09:42 . 2015-05-09 17:08 337592 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2017-03-10 21:17 . 2017-03-10 21:17 525600 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-42-1.dll
2017-03-10 21:17 . 2016-03-17 13:02 525600 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-03-10 21:17 . 2017-03-10 21:17 233760 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-42-1.exe
2017-03-10 21:17 . 2016-03-17 13:02 233760 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-03-10 21:17 . 2017-03-10 21:17 536864 ----a-w- c:\windows\system32\vulkan-1-1-0-42-1.dll
2017-03-10 21:17 . 2016-03-17 13:02 536864 ----a-w- c:\windows\system32\vulkan-1.dll
2017-03-10 21:17 . 2017-03-10 21:17 254240 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-42-1.exe
2017-03-10 21:17 . 2016-03-17 13:02 254240 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-03-07 01:54 . 2017-03-07 01:54 398408 ----a-w- c:\windows\system32\aswBoot.exe
2017-03-07 01:54 . 2015-05-09 17:08 75704 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-03-07 01:54 . 2015-05-09 17:08 38296 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-03-07 01:54 . 2015-05-09 17:08 162528 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-03-07 01:54 . 2015-05-09 17:08 126600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-03-07 01:54 . 2015-05-09 17:08 100640 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-03-07 01:54 . 2016-02-09 13:22 32088 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-03-07 01:54 . 2015-05-09 17:08 993608 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-03-07 01:53 . 2017-03-07 01:54 48528 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-03-07 01:53 . 2017-03-07 01:54 334600 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-03-07 01:53 . 2017-03-07 01:54 309272 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-03-07 01:53 . 2017-03-07 01:54 189768 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-03-04 18:01 . 2017-03-04 18:01 1589696 ----a-w- c:\windows\system32\nvdispgenco6437866.dll
2017-03-04 18:01 . 2017-03-04 18:01 1983424 ----a-w- c:\windows\system32\nvdispco6437866.dll
2017-02-23 10:34 . 2017-03-10 12:51 1985080 ----a-w- c:\windows\system32\nvdispco6437878.dll
2017-02-23 10:34 . 2017-03-10 12:51 1589696 ----a-w- c:\windows\system32\nvdispgenco6437878.dll
2017-02-23 10:34 . 2015-05-09 18:40 512960 ----a-w- c:\windows\system32\OpenCL.dll
2017-02-23 10:34 . 2015-05-09 18:40 420408 ----a-w- c:\windows\SysWow64\OpenCL.dll
2017-02-22 23:42 . 2017-03-16 11:58 84712 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-02-22 23:37 . 2017-03-16 11:58 1285632 ----a-w- c:\windows\system32\aeinv.dll
2017-02-18 14:05 . 2017-03-16 11:58 646656 ----a-w- c:\windows\system32\generaltel.dll
2017-02-18 14:05 . 2017-03-16 11:58 1609216 ----a-w- c:\windows\system32\appraiser.dll
2017-02-16 09:28 . 2017-02-16 09:28 1985080 ----a-w- c:\windows\system32\nvdispco6437849.dll
2017-02-16 09:28 . 2017-02-16 09:28 1591352 ----a-w- c:\windows\system32\nvdispgenco6437849.dll
2017-02-16 09:26 . 2017-02-16 09:26 5545472 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2017-02-16 09:26 . 2017-02-16 09:26 15202032 ----a-w- c:\windows\system32\YamahaAE3.dll
2017-02-16 09:26 . 2017-02-16 09:26 984912 ----a-w- c:\windows\system32\sl3apo64.dll
2017-02-16 09:26 . 2017-02-16 09:26 965024 ----a-w- c:\windows\system32\SFSS_APO.dll
2017-02-16 09:26 . 2017-02-16 09:26 962128 ----a-w- c:\windows\system32\tosasfapo64.dll
2017-02-16 09:26 . 2017-02-16 09:26 90912 ----a-w- c:\windows\system32\SFCOM64.dll
2017-02-16 09:26 . 2017-02-16 09:26 88344 ----a-w- c:\windows\system32\RTEEG64A.dll
2017-02-16 09:26 . 2017-02-16 09:26 88320 ----a-w- c:\windows\system32\SFAPO64.dll
2017-02-16 09:26 . 2017-02-16 09:26 873464 ----a-w- c:\windows\system32\tadefxapo264.dll
2017-02-16 09:26 . 2017-02-16 09:26 866096 ----a-w- c:\windows\SysWow64\SEHDHF32.dll
2017-02-16 09:26 . 2017-02-16 09:26 859912 ----a-w- c:\windows\system32\SEHDRA64.dll
2017-02-16 09:26 . 2017-02-16 09:26 854208 ----a-w- c:\windows\system32\SECOMN64.dll
2017-02-16 09:26 . 2017-02-16 09:26 83624 ----a-w- c:\windows\SysWow64\SFCOM.dll
2017-02-16 09:26 . 2017-02-16 09:26 75536 ----a-w- c:\windows\system32\tepeqapo64.dll
2017-02-16 09:26 . 2017-02-16 09:26 726112 ----a-w- c:\windows\SysWow64\SECOMN32.dll
2017-02-16 09:26 . 2017-02-16 09:26 689880 ----a-w- c:\windows\system32\RtDataProc64.dll
2017-02-16 09:26 . 2017-02-16 09:26 601144 ----a-w- c:\windows\system32\tossaemaxapo64.dll
2017-02-16 09:26 . 2017-02-16 09:26 571376 ----a-w- c:\windows\system32\tbb_waves.dll
2017-02-16 09:26 . 2017-02-16 09:26 532376 ----a-w- c:\windows\system32\SRSTSX64.dll
2017-02-16 09:26 . 2017-02-16 09:26 514872 ----a-w- c:\windows\system32\SEAPO64.dll
2017-02-16 09:26 . 2017-02-16 09:26 467152 ----a-w- c:\windows\system32\SRAPO64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-06-14 11:41 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-06-14 11:41 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-06-14 11:41 1741104 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-04-10 9532120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-03-07 205512]
.
c:\users\PECHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE XTREME GAMING ENGINE.lnk - c:\program files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe /r [2017-3-10 172176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\program files\Killer Networking\Network Manager\NetworkManager.exe -minimize [2015-2-5 330240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
R1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMChameleon;MBAMChameleon;c:\windows\system32\drivers\MBAMChameleon.sys;c:\windows\SYSNATIVE\drivers\MBAMChameleon.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Killer Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Killer Service V2;Killer Service V2;c:\program files\Killer Networking\Network Manager\KillerService.exe;c:\program files\Killer Networking\Network Manager\KillerService.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KillerEth;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\e2xw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e2xw7x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Device Service;c:\windows\system32\DRIVERS\XtuAcpiDriver.sys;c:\windows\SYSNATIVE\DRIVERS\XtuAcpiDriver.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-04-06 09:28 1319256 ----a-w- c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-06-14 11:37 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-06-14 11:37 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-06-14 11:37 2348848 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-07 01:54 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-07 01:54 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2017-02-16 9197568]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2017-04-26 1882048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{23658c02-145e-483d-ba6b-1eb82c580529} - c:\programdata\Package Cache\{23658c02-145e-483d-ba6b-1eb82c580529}\VC_redist.x86.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{e46eca4f-393b-40df-9f49-076faf788d83} - c:\programdata\Package Cache\{e46eca4f-393b-40df-9f49-076faf788d83}\VC_redist.x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_148_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_148_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2017-05-12 08:35:43
ComboFix-quarantined-files.txt 2017-05-12 06:35
ComboFix2.txt 2017-05-11 19:54
.
Před spuštěním: Volných bajtů: 21 933 830 144
Po spuštění: Volných bajtů: 21 595 873 280
.
- - End Of File - - E287516CA84C81F07083A500DC71EEFB
A36C5E4F47E84449FF07ED3517B43A31

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-05-12 08:38:14
-----------------------------
08:38:14.608 OS Version: Windows x64 6.1.7601 Service Pack 1
08:38:14.608 Number of processors: 8 586 0x3C03
08:38:14.608 ComputerName: PECHY-PC UserName: PECHY
08:38:14.936 Initialize success
08:38:14.936 VM: initialized successfully
08:38:14.936 VM: Intel CPU supported virtualized
08:38:26.249 VM: disk I/O iaStorA.sys
08:38:34.457 AVAST engine defs: 17051106
08:38:58.969 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000076
08:38:58.969 Disk 0 Vendor: KINGSTON 583A Size: 114473MB BusType: 11
08:38:58.969 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000077
08:38:58.985 Disk 1 Vendor: ST1000DM CC49 Size: 953869MB BusType: 11
08:38:58.985 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000078
08:38:58.985 Disk 2 Vendor: Hitachi_ ST2O Size: 305245MB BusType: 11
08:38:59.000 Disk 0 MBR read successfully
08:38:59.016 Disk 0 MBR scan
08:38:59.016 Disk 0 Windows 7 default MBR code
08:38:59.016 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:38:59.016 Disk 0 Boot: NTFS code=1
08:38:59.032 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
08:38:59.032 Disk 0 scanning C:\Windows\system32\drivers
08:39:00.935 Service scanning
08:39:05.117 Modules scanning
08:39:05.117 Disk 0 trace - called modules:
08:39:05.132 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
08:39:05.148 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80072fb060]
08:39:05.148 3 CLASSPNP.SYS[fffff88001e9f43f] -> nt!IofCallDriver -> [0xfffffa80071a2c50]
08:39:05.148 5 iaStorF.sys[fffff88001bf5a88] -> nt!IofCallDriver -> \Device\00000076[0xfffffa8006645410]
08:39:05.382 AVAST engine scan C:\Windows
08:39:05.756 AVAST engine scan C:\Windows\system32
08:39:44.855 AVAST engine scan C:\Windows\system32\drivers
08:39:47.351 AVAST engine scan C:\Users\PECHY
08:39:57.446 AVAST engine scan C:\ProgramData
08:40:06.232 Disk 0 statistics 4542513/0/0 @ 88,15 MB/s
08:40:06.247 Scan finished successfully
08:40:57.380 Disk 0 MBR has been saved successfully to "C:\Users\PECHY\Desktop\MBR.dat"
08:40:57.380 The log file has been saved successfully to "C:\Users\PECHY\Desktop\aswMBR.txt"

So this morning it dropped out again about 2 minutes after starting...


Re: Log check, please

Post by jaro3 » 15 May 2017 18:36

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.


Re: Log check, please

Post by PECHY15 » 15 May 2017 21:52

So VLC still just drops out occasionally; maybe it's caused by something else.

# DelFix v1.013 - Logfile created 15/05/2017 at 21:50:44
# Updated 17/04/2016 by Xplode
# Username : PECHY - PECHY-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\Users\PECHY\Desktop\hijackthis.exe
Deleted : C:\Users\PECHY\Downloads\hijackthis.exe
Deleted : C:\Users\PECHY\Downloads\OTC.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

########## - EOF - ##########

Post by jaro3 » 15 May 2017 22:08

VLC: don't you have more than one variant of this program installed?

You can try some further cleanup:
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit/64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

Post by PECHY15 » 16 May 2017 22:20

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by PECHY (16-05-2017 22:17:36)
Running from C:\Users\PECHY\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-05-09 16:18:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-50467274-3595313862-2648565765-500 - Administrator - Disabled)
Guest (S-1-5-21-50467274-3595313862-2648565765-501 - Limited - Enabled)
PECHY (S-1-5-21-50467274-3595313862-2648565765-1000 - Administrator - Enabled) => C:\Users\PECHY

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Aktualizace NVIDIA 24.0.0.0 (Version: 24.0.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dead Space 3 Kompletní Edice (HKLM-x32\...\{DAFCE011-B674-4A72-BD05-489DFF691857}_is1) (Version: 1.0.0.0 - Electronic Arts)
Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hitman (HKLM-x32\...\Hitman_is1) (Version: - )
Killer Bandwidth Control Filter Driver (Version: 1.1.50.1073 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.50.1073 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.50.1073 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.50.1073 - Rivet Networks)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic: Heroes 7 (HKLM-x32\...\Might & Magic: Heroes 7_is1) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Golf Club - Collectors Edition (HKLM-x32\...\The Golf Club - Collectors Edition_is1) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.2.1 - GIGABYTE Technology Co.,Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BDBFDE5-0EF2-44FB-B282-010979672A7C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {0EBCFE84-59D1-4A58-9AF1-7F9587463CB6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {19957585-41BF-46B4-A2EA-19F4B3C41A22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2669476F-221B-43F1-988D-3C0D7ED8479F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation)
Task: {26E59CF7-E7EB-4732-B5C0-7309F996D800} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2D65E5BA-131D-4F7C-9F91-64D326CFC862} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {30336689-21BF-4C86-A580-2DB930E338DC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {459E6BBB-F4CC-4E35-90AA-DF69102A224D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-20] (Adobe Systems Incorporated)
Task: {4B6B1C70-A7B1-44D0-9B3C-237F32DBAB4A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-07] (AVAST Software)
Task: {82C5384A-0578-4DD4-A53A-BB0E6B4D6F6D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A3700D85-4117-4524-B672-4FB6CAE4F2D3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation)
Task: {AC45E95B-F2C4-4305-871D-BBDAA0B79EE9} - System32\Tasks\SafeZone scheduled Autoupdate 1455036191 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {AD589DD7-4A82-4231-A478-0462451A84DF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {B60730C5-D54D-43DA-A260-39CD4E30F35D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B8235B43-022A-4316-BECE-7F9E0F488C8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {CEDCCDB1-1C7A-4109-ADA4-B0EB5D0C83DA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {D02F67D9-4E2C-4183-B8C1-49C8B151DECF} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-01-25] (GIGABYTE Technology Co.,Ltd.)
Task: {DCECB4C9-FC8A-4143-91E9-D8B366E1FA6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EF2035E8-606E-4096-A66B-E4D14D0F0A89} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-03-10 14:42 - 2017-04-26 07:40 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-07 03:53 - 2017-03-07 03:53 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-07 03:54 - 2017-03-07 03:54 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-05-12 20:58 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 20:58 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-03-07 03:54 - 2017-03-07 03:54 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-15 21:23 - 2017-05-15 21:23 - 06084088 _____ () C:\Program Files\AVAST Software\Avast\defs\17051512\algo.dll
2017-03-07 03:54 - 2017-03-07 03:54 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-16 15:29 - 2017-05-16 15:29 - 06084088 _____ () C:\Program Files\AVAST Software\Avast\defs\17051602\algo.dll
2017-03-10 14:47 - 2017-01-19 11:04 - 00225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-03-10 14:47 - 2017-01-19 11:04 - 00025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2016-09-26 15:29 - 2016-09-26 15:29 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-07 03:53 - 2017-03-07 03:53 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-10 14:42 - 2017-04-26 07:40 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-10 14:42 - 2017-04-26 07:39 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-03-10 14:42 - 2017-04-26 07:03 - 02442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-03-10 14:42 - 2017-04-26 07:03 - 00361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-03-10 14:42 - 2017-04-26 07:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-03-10 14:42 - 2017-04-26 07:03 - 00384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-03-10 14:42 - 2017-04-26 07:03 - 00467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-03-10 14:42 - 2017-04-26 07:03 - 00572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-05-11 21:53 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-50467274-3595313862-2648565765-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PECHY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{5AD61F7C-F04C-4309-A869-459370BF9542}C:\users\pechy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pechy\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9D14303B-AD20-4884-A5BD-0646C532CFB1}C:\users\pechy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pechy\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{42DE0915-2511-4FD2-B881-5953D77BF35C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A49369B9-3784-4B70-9D82-B34463CB970B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{20CE22C0-A4F3-4A5A-9EF1-42E332C82639}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1A60934F-1B44-44F4-9D7F-6A8251D37EDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8E37CBEA-EA11-458A-8039-F1475FB7BC65}] => (Allow) C:\Users\PECHY\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{C3A8F7C2-DC7F-4739-8174-2FC90D08C932}] => (Allow) C:\Users\PECHY\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{B4532023-5583-4ED3-9492-1C126D2C09D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{92309D76-E5BA-4841-AC85-1F8AFB14468B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FE652E59-D99D-4AE7-9F25-B1768CECDFF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1259D334-1EB0-49A6-9855-8E2057DDAA00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC13C8B2-5A05-4BB9-86A9-BBE914D129D2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6B00B899-1A63-4CF8-A8A3-BE0FD04EB97A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{E5F120E0-15E6-4B2B-AFA3-73DEBBA13880}] => (Allow) G:\Virtua Tennis 4\VT4.exe
FirewallRules: [{D95EF6F6-9C70-429A-8109-CDD210F2722E}] => (Allow) G:\Virtua Tennis 4\VT4.exe
FirewallRules: [TCP Query User{9ECCF816-1A21-45FA-B504-56A303F18784}G:\games\might & magic - heroes 7\binaries\win64\mmh7game-win64-shipping.exe] => (Block) G:\games\might & magic - heroes 7\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [UDP Query User{52AC16DD-AB13-458B-9023-EA76C368DFF8}G:\games\might & magic - heroes 7\binaries\win64\mmh7game-win64-shipping.exe] => (Block) G:\games\might & magic - heroes 7\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [{5E6D8496-1954-433C-87D9-3BA840EF44A9}] => (Block) G:\Games\Might & Magic - Heroes 7\Binaries\Win64\MMH7Game-Win64-Shipping.exe
FirewallRules: [{8860C17F-B5B1-44D9-9BB8-C433D8CF9947}] => (Block) G:\Games\Might & Magic - Heroes 7\Binaries\Win64\MMH7Game-Win64-Shipping.exe
FirewallRules: [{395DF5F8-AE6A-4E9D-A82D-E15BE1E4F4E3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{07854FC1-5F4B-4284-A7F8-EC0E31A881AB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{0B8C736E-BB29-40F7-91AC-D48A97CD1DFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1CC43338-2038-4C96-B36A-E144967BC279}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{0D68948C-4112-4B93-81CC-0D799FF9301C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
FirewallRules: [{0203A3EB-555D-45DA-9F7A-C16A987F29C4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{73B8250C-5D47-4B25-9F59-B84C2E996801}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
FirewallRules: [{BA36C2E3-7534-4F24-A48C-B3D4BD1F6B1C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{F7F8936B-E2A3-4695-AEF0-956E6472DD79}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
FirewallRules: [{EA61C807-5E72-463B-B8D6-FC306651A522}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

10-05-2017 14:58:11 Revo Uninstaller's restore point - Zemana AntiMalware
10-05-2017 14:59:46 Revo Uninstaller's restore point - Sophos Virus Removal Tool
12-05-2017 08:31:13 ComboFix created restore point

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2017 11:38:51 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/16/2017 11:28:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/15/2017 09:48:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/15/2017 09:31:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2017 09:21:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/14/2017 10:30:18 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/14/2017 10:20:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/13/2017 07:23:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/13/2017 09:15:06 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/13/2017 09:04:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (05/16/2017 07:24:05 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (05/16/2017 07:24:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (05/16/2017 07:24:03 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (05/16/2017 07:24:03 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk3\DR3.

Error: (05/16/2017 11:28:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (05/16/2017 11:28:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/15/2017 09:48:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (05/15/2017 09:48:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/15/2017 09:21:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (05/15/2017 09:21:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MBAMChameleon neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
Date: 2017-05-11 21:52:51.555
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-11 21:52:51.524
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 34%
Total physical RAM: 8119.93 MB
Available physical RAM: 5338.04 MB
Total Virtual: 16238.05 MB
Available Virtual: 13041.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:19.2 GB) NTFS
Drive d: (Filmy & Hudba) (Fixed) (Total:298.09 GB) (Free:145.31 GB) NTFS
Drive f: (VT4) (CDROM) (Total:2.77 GB) (Free:0 GB) CDFS
Drive g: (Data) (Fixed) (Total:931.51 GB) (Free:231.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 61E95CE1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A6328A24)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C600C600)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

PECHY15
Level 2.5
Posts: 399
Registered: July 07
Location: Milín
Gender: Male

Re: Log check, please

Post by PECHY15 » 16 May 2017 22:21

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by PECHY (administrator) on PECHY-PC (16-05-2017 22:17:20)
Running from C:\Users\PECHY\Downloads
Loaded Profiles: PECHY (Available Profiles: PECHY)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-02-16] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-07] (AVAST Software)
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-07] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-05-09]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\Users\PECHY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-05-16]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4B5B67F5-336E-4DFA-9431-BB7DC9CF296E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-50467274-3595313862-2648565765-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-07] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-07] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> G:\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-50467274-3595313862-2648565765-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-01-24] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default [2017-05-16]
CHR Extension: (Prezentace Google) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-10]
CHR Extension: (Dokumenty Google) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-10]
CHR Extension: (Disk Google) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-10]
CHR Extension: (YouTube) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-10]
CHR Extension: (Adobe Acrobat) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-10]
CHR Extension: (Tabulky Google) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-10]
CHR Extension: (AdBlock) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-11]
CHR Extension: (Avast Online Security) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-10]
CHR Extension: (Gmail) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-10]
CHR Extension: (Chrome Media Router) - C:\Users\PECHY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-07] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [386560 2015-02-05] (Rivet Networks) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-04-26] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-07] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-07] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [100400 2015-01-29] (Rivet Networks, LLC.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-10-10] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-10] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-10] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-07-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2015-12-22] ()
S3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [125488 2015-11-10] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\Windows\System32\DRIVERS\e2xw7x64.sys [134296 2016-04-14] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2017-05-08] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-04-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-12-22] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-10-10] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-10-10] (Samsung Electronics Co., Ltd.)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-16 22:17 - 2017-05-16 22:17 - 00017995 _____ C:\Users\PECHY\Downloads\FRST.txt
2017-05-16 22:17 - 2017-05-16 22:17 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-16 22:17 - 2017-05-16 22:17 - 00000000 ____D C:\FRST
2017-05-16 22:16 - 2017-05-16 22:17 - 02429952 _____ (Farbar) C:\Users\PECHY\Downloads\FRST64.exe
2017-05-15 19:46 - 2017-05-15 19:46 - 00797760 _____ C:\Users\PECHY\Downloads\delfix_1.013 (1).exe
2017-05-14 23:58 - 2017-05-14 23:58 - 00173434 _____ C:\Users\PECHY\Downloads\[CzT]Pirati_z_Karibiku_1_4_Pirates_of_the_Caribbean_1_4_2003_2011_720p_.torrent
2017-05-14 22:32 - 2017-05-14 22:32 - 00014508 _____ C:\Users\PECHY\Downloads\[CzT]Divadlo_Jary_Cimrmana_Posel_z_Liptakova.torrent
2017-05-11 21:49 - 2017-05-11 21:53 - 00000000 ____D C:\Windows\erdnt
2017-05-10 20:45 - 2017-05-15 21:50 - 00000571 _____ C:\DelFix.txt
2017-05-10 20:43 - 2017-05-10 20:43 - 00797760 _____ C:\Users\PECHY\Downloads\delfix_1.013.exe
2017-05-10 14:53 - 2017-05-10 15:02 - 00000000 ____D C:\Users\PECHY\AppData\Local\CrashDumps
2017-05-10 14:46 - 2017-05-10 14:47 - 00000000 ____D C:\Users\PECHY\Desktop\Životopisy a výpovědi
2017-05-10 14:46 - 2017-05-10 14:46 - 00000000 ____D C:\Users\PECHY\AppData\Local\Adobe
2017-05-10 14:42 - 2017-05-10 15:16 - 00081611 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-10 14:42 - 2017-05-10 14:59 - 00000000 ____D C:\Users\PECHY\AppData\Local\Zemana
2017-05-10 14:42 - 2017-05-10 14:58 - 00041494 _____ C:\Windows\ZAM.krnl.trace
2017-05-10 14:42 - 2017-05-10 14:42 - 05774688 _____ (Zemana Ltd. ) C:\Users\PECHY\Downloads\Zemana.AntiMalware.Setup.exe
2017-05-10 12:57 - 2017-05-10 12:44 - 00024064 _____ C:\Windows\zoek-delete.exe
2017-05-10 10:52 - 2017-05-10 10:52 - 00038358 _____ C:\Users\PECHY\Downloads\Hlinkova_20170510_084236 (1).pdf
2017-05-10 10:46 - 2017-05-10 10:46 - 00038358 _____ C:\Users\PECHY\Downloads\Hlinkova_20170510_084236.pdf
2017-05-10 10:43 - 2017-04-28 03:14 - 05547240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 10:43 - 2017-04-28 03:14 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-05-10 10:43 - 2017-04-28 03:14 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-05-10 10:43 - 2017-04-28 03:14 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-05-10 10:43 - 2017-04-28 03:14 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-05-10 10:43 - 2017-04-28 03:11 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-05-10 10:43 - 2017-04-28 03:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 03:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:36 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-10 10:43 - 2017-04-28 02:36 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-10 10:43 - 2017-04-28 02:34 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:19 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 10:43 - 2017-04-28 02:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-05-10 10:43 - 2017-04-28 02:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 10:43 - 2017-04-28 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-05-10 10:43 - 2017-04-28 02:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-05-10 10:43 - 2017-04-28 02:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-05-10 10:43 - 2017-04-28 02:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 10:43 - 2017-04-28 02:11 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 10:43 - 2017-04-28 02:11 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 10:43 - 2017-04-28 02:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-05-10 10:43 - 2017-04-28 02:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-05-10 10:43 - 2017-04-28 02:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-05-10 10:43 - 2017-04-28 02:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-05-10 10:43 - 2017-04-28 02:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-05-10 10:43 - 2017-04-28 02:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-05-10 10:43 - 2017-04-28 02:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-05-10 10:43 - 2017-04-28 02:07 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-05-10 10:43 - 2017-04-28 02:07 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:07 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 10:43 - 2017-04-28 02:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 10:43 - 2017-04-26 16:59 - 03220992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 10:43 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-05-10 10:43 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-05-10 10:43 - 2017-04-20 02:00 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 10:43 - 2017-04-20 01:16 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 10:43 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 10:43 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 10:43 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 10:43 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-05-10 10:43 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-05-10 10:43 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 10:43 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 10:43 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-05-10 10:43 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-05-10 10:43 - 2017-04-16 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-05-10 10:43 - 2017-04-16 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-05-10 10:43 - 2017-04-16 10:57 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-05-10 10:43 - 2017-04-16 10:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-05-10 10:43 - 2017-04-16 10:55 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-05-10 10:43 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 10:43 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 10:43 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 10:43 - 2017-04-16 10:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-05-10 10:43 - 2017-04-16 10:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-05-10 10:43 - 2017-04-16 10:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-05-10 10:43 - 2017-04-16 10:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-05-10 10:43 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 10:43 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 10:43 - 2017-04-16 10:36 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-05-10 10:43 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 10:43 - 2017-04-16 10:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 10:43 - 2017-04-16 10:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-05-10 10:43 - 2017-04-16 10:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-05-10 10:43 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 10:43 - 2017-04-16 10:11 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 10:43 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 10:43 - 2017-04-16 10:09 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-05-10 10:43 - 2017-04-16 10:04 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-05-10 10:43 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 10:43 - 2017-04-16 10:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-05-10 10:43 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 10:43 - 2017-04-16 10:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-05-10 10:43 - 2017-04-16 10:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-10 10:43 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 10:43 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 10:43 - 2017-04-16 09:57 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-05-10 10:43 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 10:43 - 2017-04-16 09:52 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-05-10 10:43 - 2017-04-16 09:52 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-05-10 10:43 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 10:43 - 2017-04-16 09:48 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-05-10 10:43 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 10:43 - 2017-04-16 09:47 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-05-10 10:43 - 2017-04-16 09:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 10:43 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 10:43 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 10:43 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 10:43 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 10:43 - 2017-04-16 09:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-05-10 10:43 - 2017-04-16 09:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-05-10 10:43 - 2017-04-16 09:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 10:43 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 10:43 - 2017-04-16 09:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-05-10 10:43 - 2017-04-16 09:25 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-05-10 10:43 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 10:43 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 10:43 - 2017-04-16 09:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-05-10 10:43 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 10:43 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 10:43 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 10:43 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 10:43 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 10:43 - 2017-04-16 09:08 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-10 10:43 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 10:43 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 10:43 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 10:43 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 10:43 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 10:43 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 10:43 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 10:43 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 10:43 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-05-10 10:43 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-05-10 10:43 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-05-10 10:43 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-05-10 10:43 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 10:43 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-05-10 10:43 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-05-10 10:43 - 2017-04-07 17:34 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 10:43 - 2017-04-07 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 10:43 - 2017-04-07 17:30 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 10:43 - 2017-04-07 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-05-10 10:43 - 2017-04-07 17:22 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 10:43 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 10:43 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 10:43 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-05-10 10:43 - 2017-04-04 17:34 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-05-10 10:43 - 2017-04-04 17:34 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-05-10 10:43 - 2017-04-04 17:34 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-05-10 10:43 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-05-10 10:43 - 2017-04-04 16:53 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-05-09 23:59 - 2017-05-10 10:57 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-05-09 23:59 - 2017-05-10 00:12 - 00000000 ____D C:\ProgramData\RogueKiller
2017-05-09 22:14 - 2017-05-09 22:14 - 166211496 _____ (Sophos Limited) C:\Users\PECHY\Downloads\Sophos Virus Removal Tool.exe
2017-05-09 21:45 - 2017-05-09 21:45 - 00012066 _____ C:\Users\PECHY\Downloads\[CzT]Zastav_a_neprezijes_Crank.torrent
2017-05-09 20:52 - 2017-05-09 20:52 - 60107896 _____ (Malwarebytes ) C:\Users\PECHY\Downloads\mb3-setup-consumer-3.0.6.1469-10103 (1).exe
2017-05-09 20:45 - 2017-05-09 20:45 - 00000000 ____D C:\Users\PECHY\AppData\Local\CEF
2017-05-09 20:41 - 2017-05-09 20:41 - 00050688 _____ (Atribune.org) C:\Users\PECHY\Downloads\ATF-Cleaner.exe
2017-05-08 10:20 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-05-08 10:18 - 2017-05-02 00:32 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 35348600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 16434624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 14270072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-05-08 10:18 - 2017-05-02 00:32 - 13401256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 10547624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 09245560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 08805416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 03432896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 03012032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 01053816 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00507504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-05-08 10:18 - 2017-05-02 00:32 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-05-08 10:10 - 2017-05-08 10:10 - 00824848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2017-05-08 10:10 - 2017-05-08 10:10 - 00199760 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2017-05-03 08:38 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-05-03 08:38 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-05-03 08:38 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-05-03 08:38 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-05-03 08:38 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-05-03 08:38 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-05-03 08:38 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-05-03 08:38 - 2017-03-09 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-05-03 08:38 - 2017-03-09 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-05-02 20:16 - 2017-05-02 20:16 - 00061879 _____ C:\Users\PECHY\Downloads\[CzT]Bylo_nebylo_Once_Upon_a_Time_4_serie_CZ_TvRip_.torrent
2017-05-01 12:40 - 2017-05-10 14:46 - 00000000 ____D C:\Users\PECHY\Desktop\Červená skříńka kuchyň
2017-05-01 10:26 - 2017-05-01 10:28 - 17866872 _____ (IObit ) C:\Users\PECHY\Downloads\driver_booster_setup.exe
2017-04-30 10:34 - 2017-04-30 10:39 - 60107896 _____ (Malwarebytes ) C:\Users\PECHY\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-29 22:03 - 2017-04-29 22:03 - 00039811 _____ C:\Users\PECHY\Downloads\[CzT]Osm_hroznych_The_Hateful_Eight_2015_720pHD_.torrent
2017-04-29 22:00 - 2017-04-29 22:00 - 00026341 _____ C:\Users\PECHY\Downloads\[CzT]Zhasni_a_zemres_Lights_Out_2016_CZ_EN_720pHD_.torrent
2017-04-29 16:22 - 2017-04-29 16:22 - 09390672 _____ (Piriform Ltd) C:\Users\PECHY\Downloads\ccsetup529.exe
2017-04-29 16:20 - 2017-04-29 16:21 - 00309356 _____ (Piriform Ltd) C:\Users\PECHY\Downloads\Nepotvrzeno 505969.crdownload
2017-04-26 10:21 - 2017-04-20 03:57 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438189.dll
2017-04-26 10:21 - 2017-04-20 03:57 - 01589880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438189.dll
2017-04-25 22:07 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-04-25 22:07 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-04-25 22:07 - 2017-03-28 05:32 - 00047552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-04-25 08:53 - 2017-04-25 08:53 - 00219058 _____ C:\Users\PECHY\Downloads\rozpočet Pechal Ukrajinská 14.xlsx
2017-04-24 19:57 - 2017-04-24 19:57 - 00021203 _____ C:\Users\PECHY\Downloads\[CzT]Andele_vsedniho_dne_2014_CZ_ (1).torrent
2017-04-24 19:07 - 2017-04-24 19:07 - 00015001 _____ C:\Users\PECHY\Downloads\[CzT]Andele_vsedniho_dne_2014_CZ_.torrent
2017-04-24 19:04 - 2017-04-24 19:04 - 00017870 _____ C:\Users\PECHY\Downloads\[CzT]Zmizeni_Prisoners_2013_CZ_.torrent
2017-04-21 22:44 - 2017-04-21 22:44 - 00000000 ____D C:\Users\PECHY\Documents\CPY_SAVES
2017-04-21 19:29 - 2017-04-21 19:29 - 00000413 _____ C:\Users\Public\Desktop\Hitman.lnk
2017-04-20 16:51 - 2017-04-20 16:51 - 00015869 _____ C:\Users\PECHY\Downloads\444B8F7E0552739B5C4F0152E5A421A12103FF8F.torrent
2017-04-20 16:40 - 2017-04-20 16:40 - 00056833 _____ C:\Users\PECHY\Downloads\E3E8DAFF7799586102736FF4BE7EAAA5FAC0709F.torrent

PECHY15
Level 2.5
Posts: 399
Joined: July 07
Location: Milín
Gender: Male

Re: Log check, please

Post by PECHY15 » 16 May 2017 22:21

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-16 21:39 - 2015-05-10 01:30 - 00000000 ____D C:\Users\PECHY\AppData\Roaming\uTorrent
2017-05-16 19:27 - 2010-11-21 11:27 - 00672122 _____ C:\Windows\system32\perfh005.dat
2017-05-16 19:27 - 2010-11-21 11:27 - 00142810 _____ C:\Windows\system32\perfc005.dat
2017-05-16 19:27 - 2009-07-14 07:13 - 01593322 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-16 19:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-16 18:52 - 2015-05-10 14:11 - 00000000 ____D C:\Users\PECHY\AppData\Roaming\vlc
2017-05-16 12:25 - 2015-05-09 20:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-16 11:40 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-16 11:40 - 2009-07-14 06:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-16 11:29 - 2017-03-10 14:47 - 00003322 _____ C:\Windows\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE
2017-05-16 11:28 - 2017-03-10 14:47 - 00000000 ____D C:\Users\PECHY\Documents\temp
2017-05-16 11:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-15 10:34 - 2017-04-07 14:08 - 00000000 ____D C:\Users\PECHY\Desktop\Autobar
2017-05-12 20:58 - 2015-05-09 19:08 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 20:58 - 2015-05-09 19:08 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-12 08:34 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2017-05-10 14:52 - 2015-05-09 19:01 - 01568036 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-10 14:45 - 2015-05-09 18:18 - 00000000 ____D C:\Users\PECHY\AppData\Local\VirtualStore
2017-05-10 14:42 - 2015-05-09 18:18 - 00000000 ____D C:\Users\PECHY
2017-05-10 13:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-05-10 12:42 - 2009-07-14 06:45 - 00433288 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-10 12:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 10:46 - 2015-05-09 19:51 - 00000000 ____D C:\Windows\system32\MRT
2017-05-10 10:44 - 2015-05-09 19:51 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-09 22:16 - 2015-05-10 14:12 - 00000000 ____D C:\Users\PECHY\AppData\LocalLow\IObit
2017-05-08 10:20 - 2017-03-10 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-08 10:20 - 2016-03-17 15:02 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-08 10:20 - 2015-05-09 20:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-08 10:11 - 2017-03-10 14:42 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-08 10:11 - 2017-03-10 14:42 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-08 10:11 - 2015-05-09 20:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-08 10:11 - 2015-05-09 20:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-08 10:10 - 2016-11-04 09:03 - 00002274 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-05-07 18:54 - 2015-05-10 14:32 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-02 00:32 - 2017-04-07 12:56 - 17423240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-05-02 00:32 - 2017-03-04 20:01 - 28592760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-02 00:32 - 2017-03-04 20:01 - 03592312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-02 00:32 - 2017-01-04 16:05 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-05-02 00:32 - 2015-02-20 01:18 - 20063696 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-05-02 00:32 - 2015-02-20 01:18 - 04075936 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-02 00:32 - 2015-02-20 01:18 - 00042897 _____ C:\Windows\system32\nvinfo.pb
2017-05-01 22:52 - 2017-02-10 13:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-01 22:51 - 2015-12-22 17:22 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-01 22:51 - 2015-12-22 17:22 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2015-05-09 20:40 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-01 22:51 - 2015-05-09 20:40 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-01 22:51 - 2015-05-09 20:40 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-01 22:51 - 2015-05-09 20:40 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-01 22:51 - 2015-05-09 20:40 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-01 10:44 - 2016-11-04 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-04-30 22:11 - 2016-11-21 10:29 - 00001078 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-30 22:11 - 2015-05-09 22:34 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-30 10:50 - 2015-05-10 14:12 - 00000000 ____D C:\ProgramData\IObit
2017-04-29 16:20 - 2016-02-06 22:21 - 00000000 ____D C:\Windows\Minidump
2017-04-29 16:20 - 2015-05-10 13:57 - 00000000 ____D C:\Users\PECHY\AppData\Roaming\DAEMON Tools Lite
2017-04-27 19:15 - 2015-05-09 19:08 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-27 19:15 - 2015-05-09 19:08 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 07:40 - 2017-03-10 14:42 - 01882048 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-04-26 07:40 - 2017-03-10 14:42 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-04-26 07:40 - 2017-03-10 14:42 - 01472960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-04-26 07:40 - 2017-03-10 14:42 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-04-26 07:40 - 2017-03-10 14:42 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-04-26 07:03 - 2017-04-07 12:59 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-25 23:11 - 2015-05-09 20:40 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-04-21 22:44 - 2015-05-10 14:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-04-21 17:42 - 2015-09-18 11:28 - 00000000 ____D C:\Users\PECHY\Documents\Vlastní šablony Office
2017-04-21 16:33 - 2016-11-21 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-20 13:58 - 2015-05-10 15:36 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-20 13:58 - 2015-05-10 15:36 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-20 13:58 - 2015-05-10 15:36 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-20 13:58 - 2015-05-10 15:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-20 13:58 - 2015-05-10 15:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-19 10:44 - 2009-07-14 07:08 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-05-09 19:00 - 2015-05-09 19:00 - 0000000 _____ () C:\Users\PECHY\AppData\Local\Driver_LOM_8161Present.flag
2015-05-10 14:20 - 2015-05-10 14:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-14 22:52

==================== End of FRST.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 36911
Joined: June 07
Location: Jižní Čechy
Gender: Male

Re: Log check, please

Post by jaro3 » 16 May 2017 23:15

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
Task: {19957585-41BF-46B4-A2EA-19F4B3C41A22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DCECB4C9-FC8A-4143-91E9-D8B366E1FA6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-50467274-3595313862-2648565765-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

(You can use the "Select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Drive c: () (Fixed) (Total:111.69 GB) (Free:19.2 GB) NTFS
Maybe free up some space on the system disk.

PECHY15
Level 2.5
Posts: 399
Joined: July 07
Location: Milín
Gender: Male

Re: Log check, please

Post by PECHY15 » 17 May 2017 08:34

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by PECHY (17-05-2017 08:31:27) Run:1
Running from C:\Users\PECHY\Desktop
Loaded Profiles: PECHY (Available Profiles: PECHY)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Task: {19957585-41BF-46B4-A2EA-19F4B3C41A22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DCECB4C9-FC8A-4143-91E9-D8B366E1FA6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-50467274-3595313862-2648565765-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{19957585-41BF-46B4-A2EA-19F4B3C41A22} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19957585-41BF-46B4-A2EA-19F4B3C41A22} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCECB4C9-FC8A-4143-91E9-D8B366E1FA6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCECB4C9-FC8A-4143-91E9-D8B366E1FA6E} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-50467274-3595313862-2648565765-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8852632 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 13744 B
Edge => 0 B
Chrome => 338205979 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 33058 B
LocalService => 33125 B
NetworkService => 0 B
PECHY => 12670797 B

RecycleBin => 0 B
EmptyTemp: => 351.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:31:31 ====

That would be better, yes, but I have no idea how that SSD got so full when it only holds Windows and the system programs I need.
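
A way to cross-check the Fixlog posted above, as an added example that is not part of the thread or of FRST: the Python below groups every `=>` row by its result, surfaces the rows that did not succeed, and sums the EmptyTemp byte counts against the total the tool reports. The function name `summarize` and the choice of excerpt (four action rows plus the non-zero EmptyTemp rows) are this example's own.

```python
import re

# Excerpt of the Fixlog.txt above: four action rows and the non-zero EmptyTemp rows.
FIXLOG = r"""
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8852632 B
Windows/system/drivers => 13744 B
Chrome => 338205979 B
systemprofile => 33058 B
systemprofile32 => 33058 B
LocalService => 33125 B
PECHY => 12670797 B
EmptyTemp: => 351.2 MB temporary data Removed.
"""

ROW = re.compile(r"^(?P<target>.+?) => (?P<result>.+?)\.?$")   # "<target> => <result>"
SIZE = re.compile(r"^(\d+) B$")                                 # per-category byte count
TOTAL = re.compile(r"^([\d.]+) MB temporary data Removed$")     # tool's own total


def summarize(fixlog: str) -> dict:
    """Group action rows by result and reconcile the EmptyTemp byte counts."""
    outcomes, sizes, reported_mb = {}, {}, None
    for line in fixlog.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # separators, headings and blank lines carry no result
        target, result = m["target"], m["result"]
        if size := SIZE.match(result):
            sizes[target] = int(size[1])
        elif total := TOTAL.match(result):
            reported_mb = float(total[1])
        else:
            outcomes.setdefault(result, []).append(target)
    # Anything other than a success string (e.g. "key not found") needs a human look.
    unresolved = {r: t for r, t in outcomes.items() if "successfully" not in r}
    freed_mb = round(sum(sizes.values()) / 2**20, 1)  # bytes -> MB as 2**20 bytes
    return {"outcomes": outcomes, "unresolved": unresolved, "sizes": sizes,
            "freed_mb": freed_mb, "reported_mb": reported_mb}


if __name__ == "__main__":
    for key, value in summarize(FIXLOG).items():
        print(key, "=", value)
```

On these figures the summed bytes match the reported 351.2 MB only when a megabyte is taken as 2**20 bytes, and the Chrome cache accounts for nearly all of it.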

jaro3
Security team member
Guru Level 15
Posts: 36911
Joined: June 07
Location: Jižní Čechy
Gender: Male

Re: Log check, please

Post by jaro3 » 17 May 2017 16:42

Maybe it is being filled up by restore points, System Volume Information.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run Delfix.exe.
(On Windows Vista, Windows 7 and 8 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise the report is located at:
C:\DelFix.txt

Download CrystalDiskInfo.
Run the program and click Edit - Copy. Then paste the log content here with Ctrl+V.

