Podzimní preventivní prohlídka

behavioralista · Příspěvekod **behavioralista** » 04 lis 2015 09:41

Delfix log:
# DelFix v1.011 - Logfile created 04/11/2015 at 09:40:40
# Updated 18/08/2015 by Xplode
# Username : CZC Počítač - CZCPOČÍTAČ-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #452 [Windows Update | 10/27/2015 13:03:05]
Deleted : RP #453 [Windows Update | 11/01/2015 09:56:38]
Deleted : RP #454 [JRT Pre-Junkware Removal | 11/03/2015 17:20:16]
Deleted : RP #455 [zoek.exe restore point | 11/03/2015 17:55:42]

New restore point created !

########## - EOF - ##########

Reklama

behavioralista · Příspěvekod **behavioralista** » 04 lis 2015 09:42

Brutálně zpomalený internet + žlutý trojúhelník u ikony vpravo na liště.Ale to se začalo objevovat po aplikaci RogueKilleru a restartu PC.

Příspěvekod **Orcus** » 04 lis 2015 11:34

U jaký ikony? Nemáme křišťálovou kouli. ;-)

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

behavioralista · Příspěvekod **behavioralista** » 04 lis 2015 16:56

Jo,myslel jsem u ikonky internetu.Šak než se dostanu na net tak to trvá aspoň deset minut.
Zde log ComboFix:
ComboFix 15-10-28.01 - CZC Počítač 04.11.2015 13:03:12.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8130.6265 [GMT 1:00]
Spuštěný z: c:\users\CZC Počítač\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-04 do 2015-11-04 )))))))))))))))))))))))))))))))
.
.
2015-11-04 12:05 . 2015-11-04 12:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-04 12:05 . 2015-11-04 12:05 -------- d-----w- c:\users\CZCPOT~2\AppData\Local\temp
2015-11-04 12:05 . 2015-11-04 12:05 -------- d-----w- c:\users\CZC Počítač\AppData\Local\temp
2015-11-03 18:04 . 2015-11-03 17:55 24064 ----a-w- c:\windows\zoek-delete.exe
2015-11-03 18:02 . 2015-11-03 18:04 -------- d-----w- C:\zoek
2015-11-03 17:42 . 2015-11-03 17:43 -------- d-----w- c:\users\CZC Počítač\AppData\Local\CrashDumps
2015-11-03 11:53 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18E85B27-FBE1-400C-B8FE-2F05202A504F}\mpengine.dll
2015-10-29 14:53 . 2015-10-29 15:08 -------- d-----w- c:\users\CZC Počítač\AppData\Local\Ori and the Blind Forest
2015-10-21 10:51 . 2015-10-21 10:51 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2015-10-18 14:50 . 2015-10-18 14:50 -------- d-----w- c:\users\CZC Počítač\AppData\Local\Electronic Arts
2015-10-14 17:32 . 2015-09-29 03:16 5569472 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-14 17:31 . 2015-07-18 13:08 984448 ----a-w- c:\windows\system32\ucrtbase.dll
2015-10-14 14:39 . 2015-10-14 14:39 -------- d-----w- c:\programdata\vsosdk
2015-10-14 14:28 . 2015-10-14 14:28 -------- d-----w- c:\users\CZC Počítač\AppData\Roaming\DVDFab9
2015-10-13 11:45 . 2005-07-16 00:35 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2015-10-13 11:45 . 2003-03-18 20:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2015-10-13 11:45 . 2003-02-21 02:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-03 18:16 . 2015-08-06 17:58 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-11-03 14:44 . 2014-07-05 17:56 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-14 17:36 . 2014-03-15 06:15 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-12 03:05 . 2014-06-03 08:46 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:05 . 2014-03-14 11:58 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:04 . 2014-06-03 08:46 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2014-03-14 11:58 1710752 ----a-w- c:\windows\system32\nvspcap64.dll
2015-10-10 16:10 . 2014-05-15 14:38 4218 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2015-10-05 08:50 . 2014-07-05 17:56 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 08:50 . 2014-07-05 17:56 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 08:50 . 2014-03-14 12:13 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-01 11:59 . 2015-09-27 09:50 29392 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2015-09-29 02:58 . 2015-10-14 17:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-25 13:07 . 2015-09-25 13:07 27552 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-09-25 12:47 . 2014-03-14 12:40 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-25 12:47 . 2014-03-14 12:40 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-25 12:37 . 2015-09-25 12:37 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-25 12:37 . 2014-05-01 09:55 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-25 12:37 . 2014-03-14 11:51 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-09-25 12:37 . 2014-03-14 11:51 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-25 12:37 . 2014-03-14 11:51 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-25 12:37 . 2014-03-14 11:51 448968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-25 12:37 . 2014-03-14 11:51 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-25 12:37 . 2014-03-14 11:51 153744 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-09-25 12:37 . 2015-09-25 12:37 43112 ----a-w- c:\windows\avastSS.scr
2015-09-25 12:37 . 2014-03-14 11:51 1049880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-09-15 18:11 . 2015-10-14 17:32 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-14 17:32 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-13 08:57 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-13 08:57 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-13 08:57 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-13 08:57 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-13 08:57 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-13 08:57 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-13 08:57 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-13 08:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-13 08:57 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-13 08:57 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-13 08:57 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-13 08:57 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-13 08:57 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-13 08:57 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-13 08:57 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-13 08:57 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-13 08:57 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-13 08:57 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-13 08:57 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-23 07:05 . 2014-11-21 19:01 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-08-23 07:05 . 2014-09-03 15:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-08-22 14:33 . 2014-09-03 15:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-08-11 04:52 . 2015-08-24 18:05 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-08-11 04:52 . 2015-08-24 18:05 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-08-11 04:52 . 2014-03-12 07:44 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="d:\avast free antivirus\AvastUI.exe" [2015-09-25 6134544]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - d:\arcsoftware\TMMonitor.exe [2015-10-13 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;d:\malwarebytes antimalware\Malwarebytes Anti-Malware\mbamservice.exe;d:\malwarebytes antimalware\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 DIRECTIO;DIRECTIO;c:\performancetest\DirectIo64.sys;c:\performancetest\DirectIo64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;d:\live update\NTIOLib_X64.sys;d:\live update\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;d:\origin\OriginClientService.exe;d:\origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS;c:\windows\SYSNATIVE\DRIVERS\TVICHW32.SYS [x]
R3 TVICHW64;TVICHW64;c:\windows\SysWOW64\Drivers\TVICHW64.SYS;c:\windows\SysWOW64\Drivers\TVICHW64.SYS [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-23 10:43 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14 12:47]
.
2015-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30 08:33]
.
2015-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30 08:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-25 12:37 780616 ----a-w- d:\avast free antivirus\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-12-11 7666392]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - d:\office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - d:\excel2~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\CZC Počítač\AppData\Roaming\Mozilla\Firefox\Profiles\oxomze9t.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Crysis WARHEAD(R) - c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{7353BAE6-5E49-46C4-A9B5-8A269A313789} - c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-207758930-3829721579-1519529356-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:00,e4,d0,13,ef,ed,da,44,5f,5b,44,08,c0,69,ef,6a,06,55,85,28,03,1b,66,
fc,d9,c8,b9,20,07,2c,28,1c,dd,04,23,f6,7a,8d,72,4a,3c,d6,85,62,04,2e,74,e1,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-207758930-3829721579-1519529356-1001\Software\SecuROM\License information*]
"datasecu"=hex:02,c7,be,7a,38,af,12,9e,7c,98,47,59,42,24,21,75,b0,60,84,02,ad,
c1,64,3e,54,4c,bc,80,be,6f,45,b8,05,ad,6c,1b,b8,90,bb,ad,f2,8e,5d,fb,04,35,\
"rkeysecu"=hex:04,b7,f8,d9,3b,35,52,8a,28,b0,5f,28,3d,df,ca,43
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-11-04 13:06:28
ComboFix-quarantined-files.txt 2015-11-04 12:06
.
Před spuštěním: Volných bajtů: 79 703 572 480
Po spuštění: Volných bajtů: 79 485 272 064
.
- - End Of File - - 2DCEBA0C2DD18802C80B20A4F1AC6E93
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 04 lis 2015 18:19

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate
cpuz136

RegLock::
[HKEY_USERS\S-1-5-21-207758930-3829721579-1519529356-1001\Software\SecuROM\License information*]
"datasecu"=hex:02,c7,be,7a,38,af,12,9e,7c,98,47,59,42,24,21,75,b0,60,84,02,ad,
 c1,64,3e,54,4c,bc,80,be,6f,45,b8,05,ad,6c,1b,b8,90,bb,ad,f2,8e,5d,fb,04,35,\
"rkeysecu"=hex:04,b7,f8,d9,3b,35,52,8a,28,b0,5f,28,3d,df,ca,43
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:49

Při dokončení práce Combofixu vyskočili tři okna Unable to System restoration nebo co.Bylo nutné to odkliknout NE aby se PC restartoval.
Zde log ComboFix:
ComboFix 15-10-28.01 - CZC Počítač 05.11.2015 11:34:25.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8130.5674 [GMT 1:00]
Spuštěný z: c:\users\CZC Počítač\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\CZC Počítač\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.15\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{075074CF-A1FE-42B3-B2D5-4FA8F3F1BD3F}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{38FF840E-B7FA-4732-8EDB-59FD9BCAAE3D}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{49392EE3-A564-4AFC-87A3-AC9E92BB533E}\44.0.2403.130_44.0.2403.125_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{4BDEA92D-1E4D-4CB0-9C51-D6BB5E8E8AF1}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{53A340FE-09AF-4B97-804A-3CBBC6068177}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{64167C1F-D5A6-4CB9-B534-65C80DE680DE}\44.0.2403.157_44.0.2403.155_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{71AFFBA1-B144-4D8E-A175-1AAAA0238DE3}\44.0.2403.155_44.0.2403.130_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{7A86E33A-BB6D-4B08-BAD5-28D83F5853F1}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{7B578064-840E-461B-B5C8-10E93B4BA75D}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{841FB2B9-565C-4DCF-A87C-4B5CAA8E9894}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{8439D6A5-E1F9-45C1-8D43-42782922C48B}\44.0.2403.125_44.0.2403.107_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{86F2EB0D-1A14-4BE4-9693-77CAA91CD505}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{8F9D32DE-3C37-43D2-B3F6-37708A52B8E5}\42.0.2311.90_41.0.2272.118_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{95836A7D-6C28-4506-A24C-863E66022EEF}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{99635B4B-BF30-4D02-8700-F9C8BB442C09}\44.0.2403.107_44.0.2403.89_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{99829771-FD18-4FAE-A3F2-9646BBD0683B}\44.0.2403.89_43.0.2357.134_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{9A74FD41-DA65-49E9-8E9F-94A94C127A5C}\45.0.2454.101_45.0.2454.99_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{BDFE1A38-0359-411E-8582-72D51B12C522}\43.0.2357.134_43.0.2357.132_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{BE342F02-3F4F-4F9A-B339-A9467C08EB69}\46.0.2490.71_45.0.2454.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{CB8AE787-454F-417F-B7FE-283A435CE843}\45.0.2454.99_45.0.2454.93_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{D2B609DD-BFCC-4C0E-9ACA-9A9BB3D8C52F}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{D4542122-02A1-473A-9D5F-3CF9221FE5D7}\43.0.2357.132_43.0.2357.130_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{DDFB2890-230B-4BAA-B7D2-D2F35CEC6D6B}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{DE10764F-744F-4DA8-954D-179DDA27A4DB}\45.0.2454.93_45.0.2454.85_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{EF7DECD3-CD35-467E-85C7-8C4AB490A1B4}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{F016E271-676B-4473-A622-F09D1F844B1F}\43.0.2357.130_43.0.2357.124_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{F3362298-B317-4DE9-AA28-21D1D5002266}\46.0.2490.80_46.0.2490.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{F6206C9C-26F8-4816-A521-FB5E5989A0AE}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{FB49E33B-26F3-4DDA-A785-F1BB66B5BDFA}\40.0.2214.115_40.0.2214.111_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{FD0BEEAF-6487-40A5-9E21-7563BCED8120}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{FDD17F6A-B684-413B-8A6D-3186E80F6A8C}\45.0.2454.85_44.0.2403.157_chrome_updater.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ136
-------\Service_cpuz136
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-05 do 2015-11-05 )))))))))))))))))))))))))))))))
.
.
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\CZCPOT~2\AppData\Local\temp
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\CZC Poźˇtaź\AppData\Local\temp
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\CZC PoŔÝtaŔ\AppData\Local\temp
2015-11-05 10:36 . 2015-11-05 10:36 -------- d-----w- c:\users\CZC PoÄŤĂtaÄŤ\AppData\Local\temp
2015-11-03 18:04 . 2015-11-03 17:55 24064 ----a-w- c:\windows\zoek-delete.exe
2015-11-03 18:02 . 2015-11-03 18:04 -------- d-----w- C:\zoek
2015-11-03 17:42 . 2015-11-05 10:32 -------- d-----w- c:\users\CZC Počítač\AppData\Local\CrashDumps
2015-11-03 11:53 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18E85B27-FBE1-400C-B8FE-2F05202A504F}\mpengine.dll
2015-10-29 14:53 . 2015-10-29 15:08 -------- d-----w- c:\users\CZC Počítač\AppData\Local\Ori and the Blind Forest
2015-10-21 10:51 . 2015-10-21 10:51 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2015-10-18 14:50 . 2015-10-18 14:50 -------- d-----w- c:\users\CZC Počítač\AppData\Local\Electronic Arts
2015-10-14 17:32 . 2015-09-29 03:16 5569472 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-14 17:31 . 2015-07-18 13:08 984448 ----a-w- c:\windows\system32\ucrtbase.dll
2015-10-14 14:39 . 2015-10-14 14:39 -------- d-----w- c:\programdata\vsosdk
2015-10-14 14:28 . 2015-10-14 14:28 -------- d-----w- c:\users\CZC Počítač\AppData\Roaming\DVDFab9
2015-10-13 11:45 . 2005-07-16 00:35 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2015-10-13 11:45 . 2003-03-18 20:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2015-10-13 11:45 . 2003-02-21 02:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-03 18:16 . 2015-08-06 17:58 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-11-03 14:44 . 2014-07-05 17:56 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-14 17:36 . 2014-03-15 06:15 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-12 03:05 . 2014-06-03 08:46 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:05 . 2014-03-14 11:58 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:04 . 2014-06-03 08:46 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2014-03-14 11:58 1710752 ----a-w- c:\windows\system32\nvspcap64.dll
2015-10-10 16:10 . 2014-05-15 14:38 4218 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2015-10-05 08:50 . 2014-07-05 17:56 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 08:50 . 2014-07-05 17:56 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 08:50 . 2014-03-14 12:13 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-01 11:59 . 2015-09-27 09:50 29392 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2015-09-29 02:58 . 2015-10-14 17:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-25 13:07 . 2015-09-25 13:07 27552 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2015-09-25 12:47 . 2014-03-14 12:40 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-25 12:47 . 2014-03-14 12:40 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-25 12:37 . 2015-09-25 12:37 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-25 12:37 . 2014-05-01 09:55 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-25 12:37 . 2014-03-14 11:51 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-09-25 12:37 . 2014-03-14 11:51 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-25 12:37 . 2014-03-14 11:51 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-25 12:37 . 2014-03-14 11:51 448968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-09-25 12:37 . 2014-03-14 11:51 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-25 12:37 . 2014-03-14 11:51 153744 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-09-25 12:37 . 2015-09-25 12:37 43112 ----a-w- c:\windows\avastSS.scr
2015-09-25 12:37 . 2014-03-14 11:51 1049880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-09-15 18:11 . 2015-10-14 17:32 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-14 17:32 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-13 08:57 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-13 08:57 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-13 08:57 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-13 08:57 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-13 08:57 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-13 08:57 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-13 08:57 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-13 08:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-13 08:57 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-13 08:57 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-13 08:57 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-13 08:57 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-13 08:57 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-13 08:57 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-13 08:57 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-13 08:57 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-13 08:57 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-13 08:57 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-13 08:57 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-23 07:05 . 2014-11-21 19:01 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-08-23 07:05 . 2014-09-03 15:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-08-22 14:33 . 2014-09-03 15:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-08-11 04:52 . 2015-08-24 18:05 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-08-11 04:52 . 2015-08-24 18:05 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-08-11 04:52 . 2014-03-12 07:44 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="d:\avast free antivirus\AvastUI.exe" [2015-09-25 6134544]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - d:\arcsoftware\TMMonitor.exe [2015-10-13 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;d:\malwarebytes antimalware\Malwarebytes Anti-Malware\mbamservice.exe;d:\malwarebytes antimalware\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 DIRECTIO;DIRECTIO;c:\performancetest\DirectIo64.sys;c:\performancetest\DirectIo64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;d:\live update\NTIOLib_X64.sys;d:\live update\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;d:\origin\OriginClientService.exe;d:\origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS;c:\windows\SYSNATIVE\DRIVERS\TVICHW32.SYS [x]
R3 TVICHW64;TVICHW64;c:\windows\SysWOW64\Drivers\TVICHW64.SYS;c:\windows\SysWOW64\Drivers\TVICHW64.SYS [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-23 10:43 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14 12:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-25 12:37 780616 ----a-w- d:\avast free antivirus\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-12-11 7666392]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - d:\office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - d:\excel2~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\CZC Počítač\AppData\Roaming\Mozilla\Firefox\Profiles\oxomze9t.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Crysis WARHEAD(R) - c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{7353BAE6-5E49-46C4-A9B5-8A269A313789} - c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-207758930-3829721579-1519529356-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:00,e4,d0,13,ef,ed,da,44,5f,5b,44,08,c0,69,ef,6a,06,55,85,28,03,1b,66,
fc,d9,c8,b9,20,07,2c,28,1c,dd,04,23,f6,7a,8d,72,4a,3c,d6,85,62,04,2e,74,e1,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-207758930-3829721579-1519529356-1001\Software\SecuROM\License information*]
"datasecu"=hex:02,c7,be,7a,38,af,12,9e,7c,98,47,59,42,24,21,75,b0,60,84,02,ad,
c1,64,3e,54,4c,bc,80,be,6f,45,b8,05,ad,6c,1b,b8,90,bb,ad,f2,8e,5d,fb,04,35,\
"rkeysecu"=hex:04,b7,f8,d9,3b,35,52,8a,28,b0,5f,28,3d,df,ca,43
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\avast free antivirus\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2015-11-05 11:39:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-05 10:39
ComboFix2.txt 2015-11-04 12:06
.
Před spuštěním: Volných bajtů: 79 276 642 304
Po spuštění: Volných bajtů: 78 771 847 168
.
- - End Of File - - 641E301304DDA67A47A33A52FAA43CCA
A36C5E4F47E84449FF07ED3517B43A31

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:50

Zde Log asw Mbr:
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-11-05 11:43:18
-----------------------------
11:43:18.855 OS Version: Windows x64 6.1.7601 Service Pack 1
11:43:18.855 Number of processors: 8 586 0x3C03
11:43:18.855 ComputerName: CZCPOČÍTAČ-PC UserName: CZC Počítač
11:43:18.995 Initialize success
11:43:18.995 VM: initialized successfully
11:43:18.995 VM: Intel CPU BiosDisabled
11:43:20.539 AVAST engine defs: 15110500
11:43:33.612 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:43:33.612 Disk 0 Vendor: ST1000DM003-1CH162 CC49 Size: 953869MB BusType: 11
11:43:33.612 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
11:43:33.612 Disk 1 Vendor: ST1000DM003-1CH162 CC49 Size: 953869MB BusType: 11
11:43:33.612 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\00000073
11:43:33.612 Disk 2 Vendor: Samsung_ EXT0 Size: 114473MB BusType: 11
11:43:33.628 Disk 2 MBR read successfully
11:43:33.628 Disk 2 MBR scan
11:43:33.628 Disk 2 Windows 7 default MBR code
11:43:33.628 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:43:33.628 Disk 2 default boot code
11:43:33.643 Disk 2 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
11:43:33.659 Disk 2 scanning C:\Windows\system32\drivers
11:43:35.890 Service scanning
11:43:40.632 Modules scanning
11:43:40.632 Disk 2 trace - called modules:
11:43:40.632 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
11:43:40.632 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xfffffa8007189060]
11:43:40.632 3 CLASSPNP.SYS[fffff880011a243f] -> nt!IofCallDriver -> [0xfffffa8006c88c50]
11:43:40.632 5 iaStorF.sys[fffff880019f0a84] -> nt!IofCallDriver -> \Device\00000073[0xfffffa8006b02720]
11:43:40.726 AVAST engine scan C:\Windows
11:43:41.085 AVAST engine scan C:\Windows\system32
11:44:26.153 AVAST engine scan C:\Windows\system32\drivers
11:44:28.587 AVAST engine scan C:\Users\CZC Počítač
11:44:40.115 AVAST engine scan C:\ProgramData
11:44:47.369 Disk 2 statistics 4049978/0/0 @ 62,35 MB/s
11:44:47.385 Scan finished successfully
11:45:00.036 Disk 2 MBR has been saved successfully to "C:\Users\CZC Počítač\Desktop\MBR.dat"
11:45:00.052 The log file has been saved successfully to "C:\Users\CZC Počítač\Desktop\aswMBR log.txt"

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:52

FRST Log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015
Ran by CZC Počítač (administrator) on CZCPOČÍTAČ-PC (05-11-2015 11:47:20)
Running from C:\Users\CZC Počítač\Desktop
Loaded Profiles: CZC Počítač (Available Profiles: CZC Počítač)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) D:\AVAST Free Antivirus\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) D:\AVAST Free Antivirus\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => D:\AVAST Free Antivirus\AvastUI.exe [6134544 2015-09-25] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\AVAST Free Antivirus\ashShA64.dll [2015-09-25] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-13]
ShortcutTarget: TMMonitor.lnk -> D:\ARCSoftware\TMMonitor.exe (ArcSoft, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1BC69938-E0C9-42A4-8045-E182786F9201}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-207758930-3829721579-1519529356-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-207758930-3829721579-1519529356-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-207758930-3829721579-1519529356-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\AVAST Free Antivirus\aswWebRepIE64.dll [2015-08-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Excel 2013\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\AVAST Free Antivirus\aswWebRepIE.dll [2015-08-06] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Excel 2013\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\CZC Počítač\AppData\Roaming\Mozilla\Firefox\Profiles\oxomze9t.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\EXCEL2~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.27.7017\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.27.7017\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\VLC Player\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\VLC Player\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> D:\VLC Player\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC Player\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-207758930-3829721579-1519529356-1001: @Google.com/GoogleEarthPlugin -> C:\Users\CZC Počítač\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\AVAST Free Antivirus\WebRep\FF
FF Extension: Avast Online Security - D:\AVAST Free Antivirus\WebRep\FF [2015-09-25] [not signed]
StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-03]
CHR Extension: (Dokumenty Google) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-03]
CHR Extension: (Disk Google) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Vyhledávání Google) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky Google) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-03]
CHR Extension: (AdBlock) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-03]
CHR Extension: (Avast Online Security) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-03]
CHR Extension: (Gmail) - C:\Users\CZC Počítač\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\AVAST Free Antivirus\WebRep\Chrome\aswWebRepChrome.crx [2015-04-15]

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:52

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; D:\AVAST Free Antivirus\AvastSvc.exe [146600 2015-09-25] (AVAST Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 MBAMService; D:\Malwarebytes Antimalware\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2078216 2015-10-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-25] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-12-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-14] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-09-25] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [3791872 2014-05-16] (Intel Corporation) [File not signed]
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-03-17] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-12-24] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [29392 2015-10-01] () [File not signed]
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [13824 2005-10-09] (EnTech Taiwan) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\PerformanceTest\DirectIo64.sys [X]
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [X]
S3 NTIOLib_1_0_4; \??\D:\Live Update\NTIOLib_X64.sys [X]
S3 TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [X]
U3 aswMBR; \??\D:\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-05 11:47 - 2015-11-05 11:47 - 00020098 _____ C:\Users\CZC Počítač\Desktop\FRST.txt
2015-11-05 11:47 - 2015-11-05 11:47 - 00000000 ____D C:\FRST
2015-11-05 11:46 - 2015-11-05 11:46 - 02198016 _____ (Farbar) C:\Users\CZC Počítač\Desktop\FRST64.exe
2015-11-05 11:45 - 2015-11-05 11:45 - 00000512 _____ C:\Users\CZC Počítač\Desktop\MBR.dat
2015-11-05 11:42 - 2015-11-05 11:42 - 05200384 _____ (AVAST Software) C:\Users\CZC Počítač\Desktop\aswmbr.exe
2015-11-05 11:39 - 2015-11-05 11:39 - 00031310 _____ C:\ComboFix.txt
2015-11-04 13:11 - 2015-11-04 13:11 - 00000954 _____ C:\Users\CZC Počítač\Desktop\AvastUI – zástupce.lnk
2015-11-04 13:02 - 2015-11-05 11:39 - 00000000 ____D C:\Qoobox
2015-11-04 13:02 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-04 13:02 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-04 13:02 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-04 13:02 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-04 13:02 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-04 13:02 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-04 13:02 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-04 13:02 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-04 13:00 - 2015-11-04 13:01 - 05637361 ____R (Swearware) C:\Users\CZC Počítač\Desktop\ComboFix.exe
2015-11-04 09:40 - 2015-11-04 09:40 - 00000748 _____ C:\DelFix.txt
2015-11-03 19:04 - 2015-11-03 18:55 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-11-03 19:02 - 2015-11-03 19:04 - 00000000 ____D C:\zoek
2015-11-03 18:50 - 2015-11-05 11:38 - 00002806 _____ C:\Windows\PFRO.log
2015-11-03 18:23 - 2015-11-03 19:06 - 00000000 ____D C:\Users\CZC Počítač\Desktop\Na vyčištění PC
2015-10-31 10:21 - 2015-11-05 11:38 - 00000896 _____ C:\Windows\setupact.log
2015-10-31 10:21 - 2015-10-31 10:21 - 00000000 _____ C:\Windows\setuperr.log
2015-10-30 13:28 - 2015-10-30 13:28 - 00000550 _____ C:\Users\CZC Počítač\Desktop\CCleaner.lnk
2015-10-29 15:49 - 2015-10-29 15:49 - 00000603 _____ C:\Users\CZC Počítač\Desktop\Ori and the Blind Forest.lnk
2015-10-29 15:49 - 2015-10-29 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ori and the Blind Forest
2015-10-21 11:53 - 2015-10-21 11:53 - 00001001 _____ C:\Users\CZC Počítač\Desktop\EXCEL 2013.lnk
2015-10-21 11:51 - 2015-10-21 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-19 16:29 - 2015-10-19 16:29 - 00000928 _____ C:\Users\CZC Počítač\Desktop\Dying Light.lnk
2015-10-19 16:25 - 2015-10-19 16:25 - 00000000 ____D C:\Users\CZC Počítač\Documents\DyingLight
2015-10-18 15:38 - 2015-10-18 15:38 - 00000000 ____D C:\Users\CZC Počítač\Documents\Electronic Arts
2015-10-17 18:13 - 2015-10-17 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alien Isolation
2015-10-14 18:34 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 18:34 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 18:34 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 18:34 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 18:34 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 18:34 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 18:34 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 18:34 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 18:34 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 18:34 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 18:34 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 18:34 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 18:34 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 18:34 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 18:34 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 18:34 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 18:34 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 18:34 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 18:34 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 18:34 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 18:34 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 18:34 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 18:34 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 18:34 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 18:34 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 18:34 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 18:34 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 18:34 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 18:34 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 18:34 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 18:34 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 18:34 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 18:34 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 18:34 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 18:34 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 18:34 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 18:34 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 18:34 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 18:34 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 18:34 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 18:34 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 18:34 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 18:34 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 18:34 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 18:34 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 18:34 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 18:34 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 18:34 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 18:34 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 18:34 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 18:34 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 18:34 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 18:34 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 18:34 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 18:34 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 18:34 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 18:34 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 18:34 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 18:34 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 18:34 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 18:34 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 18:34 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 18:34 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 18:34 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 18:32 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 18:32 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 18:32 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 18:32 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 18:32 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 18:32 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 18:32 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 18:32 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 18:32 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 18:32 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 18:32 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 18:32 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 18:32 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 18:32 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 18:32 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 18:32 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 18:32 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 18:32 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 18:32 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 18:32 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 18:32 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 18:32 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 18:32 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 18:32 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 18:32 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 18:32 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 18:32 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 18:32 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 18:32 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 18:32 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 18:32 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 18:32 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 18:32 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 18:32 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 18:32 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 18:32 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 18:32 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 18:32 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 18:32 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 18:32 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 18:32 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 18:32 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 18:32 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 18:32 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 18:32 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 18:32 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 18:32 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 18:32 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 18:32 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 18:32 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 18:32 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 18:32 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 18:32 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 18:32 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 18:32 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 18:32 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 18:32 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 18:32 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 18:32 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 18:32 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 18:32 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 18:32 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 18:32 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 18:32 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 18:32 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 18:32 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 18:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 15:39 - 2015-10-14 15:39 - 00000000 ____D C:\ProgramData\vsosdk
2015-10-14 15:28 - 2015-10-14 15:28 - 00000000 ____D C:\Users\CZC Počítač\Documents\DVDFab9
2015-10-14 15:28 - 2015-10-14 15:28 - 00000000 ____D C:\Users\CZC Počítač\AppData\Roaming\DVDFab9
2015-10-14 15:28 - 2015-10-14 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9
2015-10-13 12:49 - 2015-10-13 12:49 - 00000000 ____D C:\Users\CZC Počítač\Documents\ArcSoft ToGo
2015-10-13 12:49 - 2015-10-13 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2015-10-13 12:46 - 2015-10-13 12:46 - 00000595 _____ C:\Users\Public\Desktop\TotalMedia 3.5.lnk
2015-10-13 12:46 - 2015-10-13 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia 3.5
2015-10-13 12:45 - 2005-07-16 01:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unicows.dll
2015-10-13 12:45 - 2003-03-18 21:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-10-13 12:45 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-10-11 11:55 - 2015-10-11 11:55 - 00000608 _____ C:\Users\Public\Desktop\Crysis.lnk
2015-10-11 11:55 - 2015-10-11 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2015-10-10 18:37 - 2015-10-10 18:37 - 00000569 _____ C:\Users\Public\Desktop\Crysis 3.lnk
2015-10-10 18:37 - 2015-10-10 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
2015-10-10 18:01 - 2015-10-10 18:01 - 00000964 _____ C:\Users\CZC Počítač\Desktop\Crysis 2.lnk
2015-10-10 17:33 - 2015-10-10 17:33 - 00001144 _____ C:\Users\CZC Počítač\Desktop\Crysis Warhead.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-05 11:46 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-05 11:46 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-05 11:45 - 2011-04-12 09:34 - 04068904 _____ C:\Windows\system32\perfh005.dat
2015-11-05 11:45 - 2011-04-12 09:34 - 01291012 _____ C:\Windows\system32\perfc005.dat
2015-11-05 11:45 - 2009-07-14 06:13 - 00006466 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-05 11:42 - 2015-10-01 18:21 - 01811936 _____ C:\Windows\WindowsUpdate.log
2015-11-05 11:38 - 2014-04-30 13:26 - 00003004 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-11-05 11:38 - 2014-03-12 08:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-05 11:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-05 11:38 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-05 11:36 - 2015-08-31 14:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-05 11:36 - 2015-08-07 10:12 - 00000000 ____D C:\Windows\erdnt
2015-11-05 11:28 - 2014-03-14 12:51 - 00004154 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-04 21:43 - 2014-03-14 13:02 - 00000000 ____D C:\Users\CZC Počítač\AppData\Roaming\vlc
2015-11-04 21:17 - 2015-07-15 14:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 19:16 - 2015-08-06 18:58 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-03 15:44 - 2014-07-05 18:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-01 18:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-30 20:22 - 2014-12-05 20:17 - 00000000 ____D C:\Users\CZC Počítač\AppData\Roaming\dvdcss
2015-10-30 13:29 - 2014-03-14 13:03 - 00000000 ____D C:\Users\CZC Počítač\AppData\Roaming\DAEMON Tools Lite
2015-10-30 13:08 - 2014-07-05 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-29 14:43 - 2014-03-12 08:46 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-10-29 14:43 - 2014-03-12 08:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 13:39 - 2014-06-08 16:44 - 00003800 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1394798764
2015-10-21 14:38 - 2009-07-14 05:45 - 00303224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-21 14:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2015-10-21 11:51 - 2014-04-27 13:10 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-10-21 11:51 - 2014-04-27 13:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-21 11:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-21 11:50 - 2014-04-27 13:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-21 11:50 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2015-10-19 16:25 - 2014-03-14 17:50 - 00000000 ____D C:\ProgramData\Steam
2015-10-18 16:22 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-18 09:41 - 2014-03-14 16:17 - 00000000 ____D C:\Users\CZC Počítač\Documents\My Games
2015-10-18 08:46 - 2014-03-16 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2015-10-17 16:51 - 2015-03-17 11:03 - 00000000 ____D C:\ProgramData\ArcSoft
2015-10-17 16:51 - 2014-03-12 08:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 12:34 - 2014-06-26 14:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 10:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-14 18:38 - 2014-03-15 07:15 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 18:36 - 2014-03-15 07:15 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 14:56 - 2014-05-20 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2015-10-12 04:05 - 2014-06-03 09:46 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-12 04:05 - 2014-03-14 12:58 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-12 04:04 - 2014-06-03 09:46 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-12 04:04 - 2014-03-14 12:58 - 01710752 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-11 11:55 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-10 18:11 - 2014-03-14 13:59 - 00000000 ____D C:\ProgramData\Origin
2015-10-10 18:00 - 2014-04-14 14:20 - 00000000 ____D C:\ProgramData\Solidshield
2015-10-10 17:10 - 2014-05-15 15:38 - 00004218 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:52

==================== Files in the root of some directories =======

2014-04-13 17:41 - 2014-05-05 18:55 - 1065984 _____ () C:\Users\CZC Počítač\AppData\Local\file__0.localstorage
2015-01-04 11:25 - 2015-01-04 11:25 - 0001470 _____ () C:\Users\CZC Počítač\AppData\Local\recently-used.xbel
2014-05-08 17:56 - 2014-07-29 19:00 - 0007618 _____ () C:\Users\CZC Počítač\AppData\Local\Resmon.ResmonCfg
2014-03-12 08:35 - 2014-03-12 08:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-31 17:13

==================== End of FRST.txt ============================

behavioralista · Příspěvekod **behavioralista** » 05 lis 2015 11:53

Addition Log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-11-2015
Ran by CZC Počítač (2015-11-05 11:47:32)
Running from C:\Users\CZC Počítač\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-03-14 11:43:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-207758930-3829721579-1519529356-500 - Administrator - Disabled)
CZC Počítač (S-1-5-21-207758930-3829721579-1519529356-1001 - Administrator - Enabled) => C:\Users\CZC Počítač
Guest (S-1-5-21-207758930-3829721579-1519529356-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.0 - Futuremark Corporation)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Alan Wake American Nightmare (HKLM-x32\...\Alan Wake American Nightmare_is1) (Version: - GOG.com)
Alien Isolation (HKLM-x32\...\Alien Isolation_is1) (Version: - )
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
BurnAware Free 8.5 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version: - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskInfo 6.1.13 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.13 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVDFab 9.2.1.0 (20/08/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Dying Light - Ultimate Edition verze 1.6.1 (HKLM-x32\...\{8F75BF89-C4D5-4D53-B7FC-49F43011AA5D}_is1) (Version: 1.6.1 - )
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HWiNFO64 Version 5.04 (HKLM\...\HWiNFO64_is1) (Version: 5.04 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Excel 2013 (HKLM\...\Office15.EXCEL) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 41.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 cs)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
Opera Stable 33.0.1990.43 (HKLM-x32\...\Opera 33.0.1990.43) (Version: 33.0.1990.43 - Opera Software)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Ovládací panel NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Seznam Software (HKU\S-1-5-21-207758930-3829721579-1519529356-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
Sonic Radar (HKLM\...\{4AD04041-F286-4690-8555-38F175F0B50C}) (Version: 1.0.801 - ASUSTeKcomputer.Inc)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1004 - Firefly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-207758930-3829721579-1519529356-1001\...\WinDirStat) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-207758930-3829721579-1519529356-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-207758930-3829721579-1519529356-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

04-11-2015 09:40:44 End of disinfection

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-11-05 11:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C6A0C39-51C3-4E8A-BCE3-DA867FC5799C} - \SMupdate1 -> No File <==== ATTENTION
Task: {12685B9C-E528-4878-86D1-272D8E0CA4CD} - System32\Tasks\EVGAPrecision => D:\Evga Precision\EVGAPrecision.exe
Task: {21D6D9A5-D3C8-46EF-A5E2-057C4383C8D9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2EECA204-D22B-4794-B247-EAFD3BED5021} - System32\Tasks\Opera scheduled Autoupdate 1394798764 => D:\Opera\launcher.exe [2015-10-26] (Opera Software)
Task: {380D5126-3E10-4963-826D-CF8D55A3E162} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {48869E9C-C457-4260-8AED-717F374CC30F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {5868B80D-D3DA-46DF-88E7-1D9EE44A35CB} - \ShopperProJSUpd -> No File <==== ATTENTION
Task: {63FF7A2F-0D1E-4BF3-8ED8-00712DBE2A74} - System32\Tasks\MSIAfterburner => D:\MSI Afterburner\MSIAfterburner.exe [2015-05-27] ()
Task: {7D71BCBD-38DF-45DD-BE57-B9FCEF262E98} - \ShopperPro -> No File <==== ATTENTION
Task: {895CE09D-75A7-484E-93BC-BFA22A1A2185} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {915C76A5-6B03-46E3-A1AC-DCE332F76D4F} - System32\Tasks\avast! Emergency Update => D:\AVAST Free Antivirus\AvastEmUpdate.exe [2015-09-25] (AVAST Software)
Task: {9DCD7A7F-E365-4AFA-B723-D77B2A2A1C56} - System32\Tasks\{DCA8A217-87D8-49F5-91DC-D09397EB39D2} => pcalua.exe -a "C:\Users\CZC Počítač\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=cvs
Task: {C0A2FBED-22D8-4D0A-8659-CC4DE3DA0EB5} - \SPDriver -> No File <==== ATTENTION
Task: {C5578687-9550-48FA-A41D-D7F3BEE964BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-25] (Adobe Systems Incorporated)
Task: {DF699B33-6A26-46B5-84A5-B9744FA4B687} - System32\Tasks\{836AADB8-4E66-41ED-A79F-B50B76CF9859} => H:\čeština\Praetorians - CZ.exe
Task: {FC9F97F1-493F-467D-B59C-5EF0F9A33FFF} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-12 08:44 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-12 08:28 - 2013-05-07 08:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-09-03 16:56 - 2014-10-12 18:00 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-25 13:37 - 2015-09-25 13:37 - 00103376 _____ () D:\AVAST Free Antivirus\log.dll
2015-09-25 13:37 - 2015-09-25 13:37 - 00123976 _____ () D:\AVAST Free Antivirus\JsonRpcServer.dll
2015-11-05 11:28 - 2015-11-05 11:28 - 02990080 _____ () D:\AVAST Free Antivirus\defs\15110500\algo.dll
2014-03-12 08:28 - 2015-11-05 11:38 - 00031232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-03-12 08:28 - 2013-05-07 08:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-26 19:02 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-03-12 08:31 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-25 13:37 - 2015-09-25 13:37 - 40539648 _____ () D:\AVAST Free Antivirus\libcef.dll
2015-10-23 11:43 - 2015-10-20 15:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 11:43 - 2015-10-20 15:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-207758930-3829721579-1519529356-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CZC Počítač\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{66BD4BB6-EA31-4141-89CD-09D2135D3FA4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BBF53F1E-37AA-4F66-B0BF-E67B33661ABE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{0D524535-361A-4F11-B67B-4341DBCD917C}E:\company of heroes tales of valor\reliccoh.exe] => (Block) E:\company of heroes tales of valor\reliccoh.exe
FirewallRules: [UDP Query User{5CA5ADB9-FF01-43F5-B9F7-49EFB9501740}E:\company of heroes tales of valor\reliccoh.exe] => (Block) E:\company of heroes tales of valor\reliccoh.exe
FirewallRules: [{0A78C24E-3C1A-4F87-82C0-BD7C2B7523C1}] => (Allow) E:\Company of Heroes Tales of Valor\RelicDownloader\RelicDownloader.exe
FirewallRules: [{2E729F4C-69DE-4FB3-B04F-61E455F8621A}] => (Allow) E:\Company of Heroes Tales of Valor\RelicDownloader\RelicDownloader.exe
FirewallRules: [{8A3A31CA-DE1D-484D-A145-5141F5D17249}] => (Allow) E:\Dead Space 3\Dead Space 3\deadspace3.exe
FirewallRules: [{AFB9B438-6508-4563-B523-35172D7AA133}] => (Allow) E:\Dead Space 3\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{604AD206-45F7-490D-A26D-B0687516DF83}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{638F2C25-9DD7-4853-98F1-6F960DADA5F8}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{18617411-C00C-479B-91B7-8290D72F7C32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B71B8CC3-E091-445E-9372-9D34EC815D94}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16827001-4B93-4406-A13F-13DF2D04A76D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{94D981C8-C6A2-48F9-AC31-CDC344C13D3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{658CC6FF-D4E1-4F9B-B5CE-48B43E278ABE}] => (Allow) E:\Call of Duty 4 Modern Warfare\iw3mp.exe
FirewallRules: [{D4834BDC-8CD9-46AC-AB2F-ADBCE363BEAC}] => (Allow) E:\Call of Duty 4 Modern Warfare\iw3mp.exe
FirewallRules: [{11B87AE8-4C24-47F8-B36D-A992F356B7AB}] => (Allow) E:\Need for Speed Hot Pursuit 2010\Launcher.exe
FirewallRules: [{02D460F3-903E-4417-B85B-62495479E266}] => (Allow) E:\Need for Speed Hot Pursuit 2010\Launcher.exe
FirewallRules: [TCP Query User{868D92E4-F61C-4C4C-B1BD-8AB983C2DCB2}E:\need for speed hot pursuit 2010\nfs11.exe] => (Block) E:\need for speed hot pursuit 2010\nfs11.exe
FirewallRules: [UDP Query User{ACABA522-07F9-4D6A-AF49-00B37B0822B4}E:\need for speed hot pursuit 2010\nfs11.exe] => (Block) E:\need for speed hot pursuit 2010\nfs11.exe
FirewallRules: [{CEEA33D1-8693-4A38-ADB1-1804C752806A}] => (Allow) D:\Mozilla Firefox\firefox.exe
FirewallRules: [{0ADAF67B-9F9A-415B-9476-448B0BC4501D}] => (Allow) D:\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F091C486-0946-4383-A9E2-F0F913757185}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4C78E748-E349-4488-B730-8E51ADF891E0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{75866F4D-424A-4F60-9DAE-D37CABB2D5F9}] => (Allow) E:\FIFA 2015\fifasetup\fifaconfig.exe
FirewallRules: [{CFE8046B-EBBB-40BF-AA8D-3CCEF2AC5F47}] => (Allow) E:\FIFA 2015\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{FA39875A-C11A-4F4B-B280-FDEDB1926F14}E:\fifa 2015\fifa15.exe] => (Block) E:\fifa 2015\fifa15.exe
FirewallRules: [UDP Query User{446B7AD9-829A-4C9F-A2A1-0147DE5E990D}E:\fifa 2015\fifa15.exe] => (Block) E:\fifa 2015\fifa15.exe
FirewallRules: [TCP Query User{F8E1D7C3-A5C2-4156-9127-A7F5B497116A}D:\mozilla firefox\firefox.exe] => (Block) D:\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{608A7AFE-115F-4743-A859-4C8F4A6D224A}D:\mozilla firefox\firefox.exe] => (Block) D:\mozilla firefox\firefox.exe
FirewallRules: [{14215F1A-4AAD-49D3-B7C6-CE0227DC01F6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F9AADF21-02FF-48F7-B081-E68F8E6AE315}] => (Allow) E:\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{89F26AB6-A16C-4D7A-989B-805EAAFE40CF}] => (Allow) E:\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [{535DD02F-8A41-42B4-9473-528E0DE84273}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D53CAC72-F410-4E77-B654-B78626575CDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E29BEBFA-37F2-4423-98F3-D68418270C84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B0B7EBAC-DC12-4B92-892C-3E59964B84FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC576672-75A2-42D8-A6DD-C66112939C68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C4C14A8F-7C29-46AA-B4A9-5365D4FA6188}E:\world of warships\wowslauncher.exe] => (Block) E:\world of warships\wowslauncher.exe
FirewallRules: [UDP Query User{61E37180-867B-4B0D-993C-D9393E59E7CB}E:\world of warships\wowslauncher.exe] => (Block) E:\world of warships\wowslauncher.exe
FirewallRules: [TCP Query User{90967E5E-D638-4FE3-ACBD-A504422F8632}E:\crysis 2\bin32\crysis2.exe] => (Block) E:\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{2C79780D-02E1-4130-A10F-D96AEC4DBDCF}E:\crysis 2\bin32\crysis2.exe] => (Block) E:\crysis 2\bin32\crysis2.exe
FirewallRules: [{538AB0D3-E79D-47D5-87A4-8A7AEE98EAEA}] => (Allow) E:\Crysis 3\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{A8E5E16C-C724-4350-8E39-941C0123B845}] => (Allow) E:\Crysis 3\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{4B51DE45-AF56-45BE-B5EC-730385E549F6}] => (Allow) E:\Crysis\Bin32\Crysis.exe
FirewallRules: [{B1D4DB4A-E1FC-4E83-B279-5859E5E41795}] => (Allow) E:\Crysis\Bin32\Crysis.exe
FirewallRules: [{C49F10C3-3DDE-475E-9C7B-387F53ACC686}] => (Allow) E:\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{BE7A689A-8E23-453A-8670-2CF1882C9429}] => (Allow) E:\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{8AFCF227-A571-4634-9DB9-A1423A9182A3}] => (Allow) E:\Crysis\Bin64\Crysis.exe
FirewallRules: [{333EA345-F288-436B-AF86-A0805B65D6E3}] => (Allow) E:\Crysis\Bin64\Crysis.exe
FirewallRules: [{92E0D51A-11F9-4BD8-AA0C-505D7F29AFD7}] => (Allow) E:\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{87C9D42A-1CAD-40EC-8E75-705BA177FA15}] => (Allow) E:\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{421D79DE-E790-4D21-9768-CA5370178BA4}] => (Allow) D:\ARCSoftware\TotalMedia.exe
FirewallRules: [{492C2A2C-BC56-481D-8FAC-9B15A234C1F2}] => (Allow) D:\ARCSoftware\TotalMedia.exe
FirewallRules: [TCP Query User{14580330-CDBC-4B9A-8AD5-5A45DA545B97}E:\outlast\binaries\win64\olgame.exe] => (Block) E:\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{910A32B1-BA89-497B-9397-048D197F6ADC}E:\outlast\binaries\win64\olgame.exe] => (Block) E:\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{88D29043-9ABF-486C-B188-00A50E49CAF1}E:\alien isolation\ai.exe] => (Block) E:\alien isolation\ai.exe
FirewallRules: [UDP Query User{2C5B4CBE-75D8-4E57-A4AC-7CC689AF37EC}E:\alien isolation\ai.exe] => (Block) E:\alien isolation\ai.exe
FirewallRules: [TCP Query User{7B2EC9A9-A9AA-46B4-AA4C-B9334EE194C2}E:\dead space\dead space.exe] => (Block) E:\dead space\dead space.exe
FirewallRules: [UDP Query User{9E433069-15E0-40BD-9F97-F71476084D58}E:\dead space\dead space.exe] => (Block) E:\dead space\dead space.exe
FirewallRules: [{C9331B9C-6E7C-4399-8555-1C01439AE356}] => (Block) E:\Dead Space 2\deadspace2.exe
FirewallRules: [{529E5A0C-9FFD-4B59-86E8-AA7939E43E04}] => (Block) E:\Dead Space 2\deadspace2.exe
FirewallRules: [TCP Query User{D40C2F4F-E5BB-4DA5-B715-67D26DB1821A}E:\dying light\dyinglightgame.exe] => (Block) E:\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{30AA97E7-4C7E-4D23-ADCE-849B8F58E99B}E:\dying light\dyinglightgame.exe] => (Block) E:\dying light\dyinglightgame.exe
FirewallRules: [{03523329-11B1-4E49-9BA7-9E6FACB9CEAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2015 11:45:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (11/05/2015 11:45:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (11/05/2015 11:45:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (11/05/2015 11:38:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2015 11:34:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (11/05/2015 11:34:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (11/05/2015 11:34:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (11/05/2015 11:32:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000bffc2
ID chybujícího procesu: 0xdc4
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3

Error: (11/05/2015 11:28:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/04/2015 05:01:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

System errors:
=============
Error: (11/05/2015 11:36:57 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/05/2015 11:36:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/05/2015 11:36:35 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/05/2015 11:36:35 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/05/2015 11:35:30 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/05/2015 11:34:10 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/04/2015 01:05:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/04/2015 01:04:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/03/2015 07:10:38 PM) (Source: volsnap) (EventID: 16) (User: )
Description: Stínové kopie svazku E: byly přerušeny, protože bylo vynuceno odpojení svazku E:, který obsahuje úložiště stínové kopie pro tyto kopie,

Error: (11/03/2015 07:02:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

CodeIntegrity:
===================================
Date: 2015-11-05 11:36:35.103
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-05 11:36:35.072
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-05 11:36:35.040
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-05 11:36:35.009
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-05 11:34:10.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-05 11:34:10.147
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-07 11:15:09.028
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-07 11:15:09.013
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-07 16:01:26.347
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\TVICHW64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-06-07 16:01:26.316
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\drivers\TVICHW64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 8129.61 MB
Available physical RAM: 5954.77 MB
Total Virtual: 9127.81 MB
Available Virtual: 6845.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:73.3 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:889.04 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:737.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 931.5 GB) (Disk ID: 350DDE36)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or

(Size: 931.5 GB) (Disk ID: 350DDE3A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or

(Size: 111.8 GB) (Disk ID: 350DDE29)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Příspěvekod **jaro3** » 05 lis 2015 15:52

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-207758930-3829721579-1519529356-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-207758930-3829721579-1519529356-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=3 -> C:\Program Files (x86)\Maxiget\Updater\70.3.27.7017\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @omaha.maxiget.com/Maxiget Updater;version=9 -> C:\Program Files (x86)\Maxiget\Updater\70.3.27.7017\npMaxigetUpdater3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
Task: {0C6A0C39-51C3-4E8A-BCE3-DA867FC5799C} - \SMupdate1 -> No File <==== ATTENTION
Task: {380D5126-3E10-4963-826D-CF8D55A3E162} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {48869E9C-C457-4260-8AED-717F374CC30F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {5868B80D-D3DA-46DF-88E7-1D9EE44A35CB} - \ShopperProJSUpd -> No File <==== ATTENTION
Task: {7D71BCBD-38DF-45DD-BE57-B9FCEF262E98} - \ShopperPro -> No File <==== ATTENTION
Task: {9DCD7A7F-E365-4AFA-B723-D77B2A2A1C56} - System32\Tasks\{DCA8A217-87D8-49F5-91DC-D09397EB39D2} => pcalua.exe -a "C:\Users\CZC Počítač\AppData\Roaming\mystartsearch\UninstallManager.exe" -c -ptid=cvs
Task: {C0A2FBED-22D8-4D0A-8659-CC4DE3DA0EB5} - \SPDriver -> No File <==== ATTENTION

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Podzimní preventivní prohlídka Vyřešeno

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Re: Podzimní preventivní prohlídka

Kdo je online