Kontrola Logu - Dekuji

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 16:14

ComboFix 14-12-07.01 - MSI 09.12.2014 15:55:57.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6360.4862 [GMT 1:00]
Spuštěný z: c:\users\MSI\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\MSI\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\log.txt
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod159C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod1CCB.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod23DE.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2563.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2A38.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2B95.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2C73.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod311E.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3393.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3DC7.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3F6E.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4E86.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4E90.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4EEB.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod51CC.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod52B6.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5882.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6265.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod71C8.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod74F8.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod796C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em028_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em028_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_38.0.2125.111_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-09 do 2014-12-09 )))))))))))))))))))))))))))))))
.
.
2014-12-07 23:57 . 2014-12-07 23:57 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-12-06 13:52 . 2014-12-06 13:33 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-06 13:52 . 2014-12-09 15:06 -------- d-----w- c:\users\MSI\AppData\Local\Temp
2014-12-06 13:33 . 2014-12-06 13:49 -------- d-----w- C:\zoek_backup
2014-12-06 13:20 . 2014-12-06 13:20 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-06 13:20 . 2014-12-06 13:20 -------- d-----w- c:\programdata\RogueKiller
2014-12-06 11:07 . 2014-12-06 11:07 -------- d-----w- c:\windows\ERUNT
2014-12-06 10:07 . 2014-12-06 11:02 -------- d-----w- C:\AdwCleaner
2014-11-27 14:42 . 2014-11-27 14:42 -------- d-----w- c:\users\MSI\AppData\Local\MSI
2014-11-27 14:37 . 2014-11-27 14:37 -------- d-----w- c:\program files (x86)\SCM
2014-11-26 23:42 . 2014-11-26 23:42 -------- d-----w- c:\programdata\ATI
2014-11-26 23:37 . 2014-11-26 23:37 -------- d-----w- c:\program files (x86)\AMD AVT
2014-11-26 23:37 . 2014-11-26 23:37 -------- d-----w- c:\program files (x86)\AMD
2014-11-26 23:37 . 2014-11-26 23:37 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2014-11-26 23:35 . 2014-11-26 23:35 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-11-26 23:32 . 2014-11-26 23:37 -------- d-----w- c:\program files\ATI Technologies
2014-11-26 22:23 . 2014-11-26 22:23 -------- d-----w- c:\windows\system32\temp
2014-11-26 22:23 . 2014-11-26 22:23 -------- d-----w- c:\programdata\PassMark
2014-11-26 22:23 . 2014-11-26 22:23 -------- d-----w- c:\program files\BurnInTest
2014-11-26 21:56 . 2014-12-08 22:34 -------- d-----w- c:\users\MSI\AppData\Roaming\TS3Client
2014-11-26 19:52 . 2014-11-26 21:55 -------- d-----w- c:\program files\TeamSpeak 3 Client
2014-11-25 23:03 . 2014-11-25 23:03 -------- d-----w- c:\windows\SysWow64\vbox
2014-11-25 23:03 . 2014-11-25 23:03 -------- d-----w- c:\windows\system32\vbox
2014-11-25 22:57 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E066D8F2-5EB8-4EB9-807E-96111ABFD117}\mpengine.dll
2014-11-25 22:56 . 2014-11-25 22:56 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-25 22:56 . 2014-11-25 22:56 43152 ----a-w- c:\windows\avastSS.scr
2014-11-25 22:47 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-25 22:47 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-25 22:47 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-25 22:47 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-25 13:25 . 2014-11-25 13:25 397592 ----a-w- c:\windows\system32\MBWrp64(196).dll
2014-11-25 13:25 . 2014-11-25 13:25 2000152 ----a-w- c:\windows\system32\MBAPO264(195).dll
2014-11-25 13:25 . 2013-03-27 06:28 1102104 ----a-w- c:\windows\system32\MBAPO264.dll
2014-11-25 13:25 . 2012-06-08 08:23 83072 ----a-w- c:\windows\system32\MBWrp64.dll
2014-11-24 21:56 . 2014-11-24 21:56 -------- d-----w- c:\users\MSI\AppData\Roaming\Apple Computer
2014-11-24 21:56 . 2014-11-25 22:35 -------- d-----w- c:\programdata\IObit
2014-11-24 21:56 . 2014-11-24 21:56 -------- d-----w- c:\program files (x86)\Common Files\IObit
2014-11-24 18:59 . 2014-11-24 19:01 -------- d-----w- C:\CIMTEMP
2014-11-24 18:51 . 2014-11-25 22:35 -------- d-----w- c:\programdata\Norton
2014-11-24 18:51 . 2014-11-25 22:07 -------- d-----w- c:\program files (x86)\Norton Online Backup ARA
2014-11-24 18:46 . 2014-11-25 22:32 -------- d-----w- c:\programdata\Realtek
2014-11-23 23:36 . 2014-11-23 23:36 -------- d-----w- C:\ATI.ACE
2014-11-14 11:39 . 2014-11-14 11:39 -------- d-sh--w- c:\users\MSI\AppData\Local\EmieBrowserModeList
2014-11-12 08:58 . 2014-11-06 03:47 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-12 08:56 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-10 07:14 . 2014-12-08 18:02 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-10 07:14 . 2014-12-06 10:24 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-11-10 07:14 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-10 07:14 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-10 07:14 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-10 07:14 . 2014-11-10 07:14 -------- d-----w- c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-09 15:04 . 2014-09-22 19:26 65536 ----a-w- c:\windows\system32\spu_storage.bin
2014-11-25 23:05 . 2014-08-23 13:42 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-25 23:05 . 2014-08-23 13:42 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-25 22:56 . 2014-08-23 13:37 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-25 22:56 . 2014-08-23 13:37 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-25 22:56 . 2014-08-23 13:37 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-25 22:56 . 2014-08-23 13:37 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-25 22:56 . 2014-08-23 13:37 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-25 22:56 . 2014-08-23 13:37 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-25 22:56 . 2014-08-23 13:37 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-25 22:56 . 2014-08-23 13:37 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-12 12:14 . 2014-08-23 14:06 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-19 09:23 . 2014-11-12 08:56 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-15 22:32 . 2014-09-15 22:32 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-09-15 22:32 . 2014-09-15 22:32 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-09-15 22:31 . 2014-09-15 22:31 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-09-15 22:31 . 2014-09-15 22:31 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-09-15 22:31 . 2014-09-15 22:31 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-09-15 22:31 . 2014-09-15 22:31 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-09-15 22:31 . 2014-09-15 22:31 1335544 ----a-w- c:\windows\system32\aticfx64.dll
2014-09-15 22:31 . 2014-09-15 22:31 1113576 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-09-15 22:31 . 2014-09-15 22:31 10826488 ----a-w- c:\windows\system32\atidxx64.dll
2014-09-15 22:31 . 2014-09-15 22:31 9254184 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-09-15 22:31 . 2014-09-15 22:31 7207592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-09-15 22:31 . 2014-09-15 22:31 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-09-15 22:31 . 2014-09-15 22:31 8044976 ----a-w- c:\windows\system32\atiumd6a.dll
2014-09-15 22:31 . 2014-09-15 22:31 8296296 ----a-w- c:\windows\system32\atiumd64.dll
2014-09-15 22:29 . 2014-09-15 22:29 293088 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-09-15 22:26 . 2014-09-15 22:26 16750080 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-09-15 22:18 . 2014-09-15 22:18 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-09-15 22:18 . 2014-09-15 22:18 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-09-15 22:17 . 2014-09-15 22:17 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-09-15 22:17 . 2014-09-15 22:17 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-09-15 22:17 . 2014-09-15 22:17 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-09-15 22:17 . 2014-09-15 22:17 33867264 ----a-w- c:\windows\system32\amdocl64.dll
2014-09-15 22:17 . 2014-09-15 22:17 28770304 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-09-15 22:16 . 2014-09-15 22:16 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-09-15 22:16 . 2014-09-15 22:16 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-09-15 22:13 . 2014-09-15 22:13 27918336 ----a-w- c:\windows\system32\atio6axx.dll
2014-09-15 22:09 . 2014-09-15 22:09 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-09-15 22:09 . 2014-09-15 22:09 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-09-15 22:09 . 2014-09-15 22:09 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-09-15 22:09 . 2014-09-15 22:09 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-09-15 22:09 . 2014-09-15 22:09 5639168 ----a-w- c:\windows\system32\amdmantle64.dll
2014-09-15 22:08 . 2014-09-15 22:08 23375360 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-09-15 22:07 . 2014-09-15 22:07 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-09-15 22:07 . 2014-09-15 22:07 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-09-15 22:07 . 2014-09-15 22:07 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-09-15 22:07 . 2014-09-15 22:07 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-09-15 22:07 . 2014-09-15 22:07 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-09-15 22:07 . 2014-09-15 22:07 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-09-15 22:06 . 2014-09-15 22:06 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-09-15 22:05 . 2014-09-15 22:05 4480000 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-09-15 22:03 . 2014-09-15 22:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-09-15 22:03 . 2014-09-15 22:03 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-09-15 22:03 . 2014-09-15 22:03 619008 ----a-w- c:\windows\system32\atieclxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-09-15 22:03 . 2014-09-15 22:03 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-09-15 22:03 . 2014-09-15 22:03 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-09-15 22:00 . 2014-09-15 22:00 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-09-15 22:00 . 2014-09-15 22:00 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-09-15 21:59 . 2014-09-15 21:59 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-09-15 21:59 . 2014-09-15 21:59 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-09-15 21:59 . 2014-09-15 21:59 827392 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-09-15 21:59 . 2014-09-15 21:59 1210880 ----a-w- c:\windows\system32\atiadlxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 900608 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-09-15 21:59 . 2014-09-15 21:59 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-09-15 21:59 . 2014-09-15 21:59 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-09-15 21:58 . 2014-09-15 21:58 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-09-15 17:21 . 2014-09-15 17:21 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-09-15 17:19 . 2014-09-15 17:19 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-25 5226600]
"KLM"="c:\program files (x86)\MSI\KLM\KLM.exe" [2013-05-02 1562504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-09-15 767200]
.
c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 3520 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN29B1582905SZ;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2014-8-23 72040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\windows\SysWOW64\MSIService.exe;c:\windows\SysWOW64\MSIService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 18:57 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-23 23:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-25 22:56 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-02 13516360]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2013-07-05 406920]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2013-07-05 399528]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-12-09 16:12:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-09 15:12
ComboFix2.txt 2014-12-08 11:41
.
Před spuštěním: Volných bajtů: 651 855 519 744
Po spuštění: Volných bajtů: 651 694 219 264
.
- - End Of File - - 2EBAF1B09725BC41B8DE30A9ECAC1825
A36C5E4F47E84449FF07ED3517B43A31

Reklama
cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 16:26

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:25:51, on 9.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\bob internet\bobInternet.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\MSI\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series.lnk = ?
O4 - Global Startup: Killer Network Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{818DDC32-4C21-4D7A-90B9-F44AD8BB2A4C}: NameServer = 194.48.128.199 194.48.139.254
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Windows\SysWOW64\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8436 bytes

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 16:34

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-09 16:28:11
-----------------------------
16:28:11.135 OS Version: Windows x64 6.1.7601 Service Pack 1
16:28:11.135 Number of processors: 4 586 0x1301
16:28:11.135 ComputerName: MSI-PC UserName: MSI
16:28:12.929 Initialize success
16:28:12.944 VM: initialized successfully
16:28:12.944 VM: Amd CPU supported
16:28:16.470 AVAST engine defs: 14120900
16:28:25.128 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
16:28:25.128 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 11
16:28:25.284 Disk 0 MBR read successfully
16:28:25.284 Disk 0 MBR scan
16:28:25.299 Disk 0 Windows 7 default MBR code
16:28:25.299 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1906 MB offset 63
16:28:25.315 Disk 0 default boot code
16:28:25.346 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 713496 MB offset 3905536
16:28:25.471 Disk 0 scanning C:\Windows\system32\drivers
16:28:33.614 Service scanning
16:29:15.532 Modules scanning
16:29:15.532 Disk 0 trace - called modules:
16:29:15.610 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
16:29:15.610 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007157060]
16:29:15.625 3 CLASSPNP.SYS[fffff880018fd43f] -> nt!IofCallDriver -> [0xfffffa8006fd8ac0]
16:29:15.625 5 amd_xata.sys[fffff880010e5d00] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8006fd39c0]
16:29:16.936 AVAST engine scan C:\Windows
16:29:19.634 AVAST engine scan C:\Windows\system32
16:31:26.962 AVAST engine scan C:\Windows\system32\drivers
16:31:36.681 AVAST engine scan C:\Users\MSI
16:32:15.337 AVAST engine scan C:\ProgramData
16:33:10.702 Disk 0 statistics 3858290/0/0 @ 10,64 MB/s
16:33:10.718 Scan finished successfully
16:33:46.551 Disk 0 MBR has been saved successfully to "C:\Users\MSI\Desktop\MBR.dat"
16:33:46.566 The log file has been saved successfully to "C:\Users\MSI\Desktop\aswMBR.txt"

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 16:51

Mam problem s tema dvema soubory ktere mam otestovat. V PC je najdu ale kdyz otevru VIRUS TOTAL tak je nemuzu najit i presto ze se me ukazuji i skryte soubory.
Mem Test jsem otevrel ve vice oknech a vysledek stejny.

Co delam spatne? Muzu poskytnout TeamViewer pokud by jste byli ochotni to zkusit sami, ja si proste nvm rady.

Zatim Dekuji!!! za pomoc.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod jaro3 » 09 pro 2014 18:26

Ne , to zde není zvykem , vše se dá řešit pře tento web.

Soubory si zkopíruj na plochu a poté zkus z tohoto umístění je nanjít na virustotal stránce.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 23:07

OK respektuji nevedel jsem ze to neni mozne
Zde jsou ty dva soubory a jsou bez viru

https://www.virustotal.com/cs/file/62cb ... 418163115/
https://www.virustotal.com/cs/file/bfad ... 418163225/

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 09 pro 2014 23:27


Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod Orcus » 10 pro 2014 09:52

Soubory jsou OK, jak to vypadá s problémy?
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 10 pro 2014 11:18

System nabiha mnohem rychleji coz je super ale netusim proc se me sekaji okna kdyz prepinam mezi hrou a jinymi aplikacemi. Staci se prehodit ani ne na 1min. a cely system totalne zamrzne tento neduh pretrvava. Je zvlastni ze kdyz jsem pred patchem prepinal mezi hrou a jinou aplikaci tak bez problemu ale nyni po patchi se proste kouse. Udelal jsem Uninstal a znovu Instal nekolikrat a nepomohlo to. Doinstaloval jsem vsechny mozne soubory na podporu odinstaloval a nainstaloval znovu vsechny ovladace vc aktualizaci ale problem stale pretrvava. Mozna ze je to ve hre samotne. Uvidim dalsim patchem.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod jaro3 » 10 pro 2014 18:11

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Zadej si nové téma v sekci Problémy s HW.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 11 pro 2014 07:09

OTL logfile created on: 11.12.2014 6:59:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MSI\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,21 Gb Total Physical Memory | 4,08 Gb Available Physical Memory | 65,76% Memory free
12,42 Gb Paging File | 10,24 Gb Available in Paging File | 82,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 696,77 Gb Total Space | 604,31 Gb Free Space | 86,73% Space Free | Partition Type: NTFS
Drive E: | 42,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MSI-PC | User Name: MSI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\MSI\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe ()
PRC - C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\bob internet\bobInternet.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
PRC - C:\Windows\SysWOW64\MSIService.exe (Micro-Star International Co., Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe ()
MOD - C:\Program Files (x86)\bob internet\NDISAPI.dll ()
MOD - C:\Program Files (x86)\bob internet\Skins\bob\bob.dbskin ()
MOD - C:\Program Files (x86)\bob internet\resetregistry.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Avast Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (Qualcomm Atheros Killer Service V2) -- C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Qualcomm Atheros)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Micro Star SCM) -- C:\Windows\SysWOW64\MSIService.exe (Micro-Star International Co., Ltd.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys (Avast Software)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AODDriver4.3) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (Ke2200) -- C:\Windows\SysNative\drivers\e22W7x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bflwfx64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.11.25 23:56:47 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.14.4_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\MSI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.12.09 16:06:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [Radio Manager] C:\Program Files (x86)\SCM\Radio Manager.exe (MSI)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - Startup: C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series.lnk = C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D735CBB-AD8C-4240-86FB-F3C3F34E4D5A}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{818DDC32-4C21-4D7A-90B9-F44AD8BB2A4C}: NameServer = 194.48.128.199 194.48.139.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9619DB4D-DE20-49B0-ABE6-D5ED13B7CB5A}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.29 12:11:01 | 000,000,424 | R--- | M] () - E:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.12.11 06:57:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MSI\Desktop\OTL.exe
[2014.12.10 09:45:52 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014.12.10 09:45:48 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.12.10 09:45:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.12.10 09:45:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.12.10 09:45:48 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.12.10 09:45:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.12.10 09:45:47 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.12.10 09:45:47 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.12.10 09:45:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.12.10 09:45:47 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.12.10 09:45:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.12.10 09:45:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.12.10 09:45:44 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.12.10 09:45:44 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.12.10 09:45:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.12.10 09:45:43 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.12.10 09:45:43 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.12.10 09:45:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.12.10 09:45:43 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.12.10 09:45:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.12.10 09:45:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.12.10 09:45:41 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.12.10 09:45:40 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.12.10 09:45:39 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.12.10 09:45:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.12.10 09:45:38 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.12.10 09:45:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.12.10 09:45:37 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.12.10 09:45:37 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.12.10 09:45:36 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.12.10 09:45:36 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.12.10 09:45:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.12.10 09:45:35 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.12.10 09:45:35 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.12.10 09:45:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.12.10 09:45:34 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.12.09 16:22:22 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\MSI\Desktop\HijackThis.exe
[2014.12.09 16:06:19 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014.12.08 12:32:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.12.08 12:31:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.12.08 00:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2014.12.08 00:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2014.12.06 14:52:44 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014.12.06 14:52:44 | 000,000,000 | ---D | C] -- C:\Users\MSI\AppData\Local\Temp
[2014.12.06 14:33:35 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.12.06 14:20:51 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014.12.06 12:07:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.12.06 12:06:17 | 001,707,646 | ---- | C] (Thisisu) -- C:\Users\MSI\Desktop\JRT.exe
[2014.12.06 11:07:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.11.27 15:42:23 | 000,000,000 | ---D | C] -- C:\Users\MSI\AppData\Local\MSI
[2014.11.27 15:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SCM
[2014.11.27 00:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.11.27 00:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.11.27 00:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2014.11.27 00:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.11.27 00:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014.11.27 00:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014.11.27 00:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.11.26 23:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest
[2014.11.26 23:23:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\temp
[2014.11.26 23:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PassMark
[2014.11.26 23:23:27 | 000,000,000 | ---D | C] -- C:\Users\MSI\Documents\PassMark
[2014.11.26 23:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\BurnInTest
[2014.11.26 22:56:06 | 000,000,000 | ---D | C] -- C:\Users\MSI\AppData\Roaming\TS3Client
[2014.11.26 22:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014.11.26 20:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2014.11.26 00:03:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2014.11.26 00:03:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2014.11.25 23:56:47 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.11.25 23:56:45 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.11.25 14:25:55 | 002,000,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264(195).dll
[2014.11.25 14:25:55 | 001,102,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264.dll
[2014.11.25 14:25:55 | 000,397,592 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64(196).dll
[2014.11.25 14:25:55 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2014.11.24 22:56:52 | 000,000,000 | ---D | C] -- C:\Users\MSI\AppData\Roaming\Apple Computer
[2014.11.24 22:56:48 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014.11.24 22:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014.11.24 22:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IObit
[2014.11.24 19:59:35 | 000,000,000 | ---D | C] -- C:\CIMTEMP
[2014.11.24 19:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Online Backup ARA
[2014.11.24 19:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014.11.24 19:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014.11.24 19:47:38 | 000,000,000 | ---D | C] -- C:\Users\MSI\Documents\My Bluetooth
[2014.11.24 19:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtek
[2014.11.24 00:36:10 | 000,000,000 | ---D | C] -- C:\ATI.ACE
[2014.11.19 10:00:30 | 000,000,000 | ---D | C] -- C:\Users\MSI\Documents\Soubory aplikace Outlook
[2014.11.19 04:26:34 | 001,614,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FM20.DLL
[2014.11.14 12:39:27 | 000,000,000 | -HSD | C] -- C:\Users\MSI\AppData\Local\EmieBrowserModeList
[2014.11.12 09:59:11 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.11.12 09:59:11 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014.11.12 09:59:11 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014.11.12 09:59:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014.11.12 09:59:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014.11.12 09:56:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.11.12 09:56:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.11.12 09:56:56 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014.11.12 09:56:56 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014.11.12 09:56:54 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.11.12 09:56:54 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.11.12 09:56:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.11.12 09:56:53 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.11.12 09:56:53 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.11.12 09:56:46 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos(198).dll
[2014.11.12 09:56:46 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.11.12 09:56:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.11.12 09:56:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.11.12 09:56:37 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

cedan
nováček
Příspěvky: 33
Registrován: srpen 14
Pohlaví: Muž
Stav:
Offline

Re: Kontrola Logu - Dekuji

Příspěvekod cedan » 11 pro 2014 07:10

========== Files - Modified Within 30 Days ==========

[2014.12.11 06:57:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MSI\Desktop\OTL.exe
[2014.12.11 06:54:37 | 000,001,990 | ---- | M] () -- C:\Users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3520 series.lnk
[2014.12.11 06:53:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.12.11 06:53:47 | 706,752,511 | -HS- | M] () -- C:\hiberfil.sys
[2014.12.11 06:53:19 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014.12.11 06:53:10 | 000,027,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.12.11 06:53:10 | 000,027,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.12.11 06:49:15 | 000,010,422 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141211_064909.reg
[2014.12.11 06:48:45 | 000,025,664 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141211_064837.reg
[2014.12.10 22:36:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.12.09 16:22:25 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\MSI\Desktop\HijackThis.exe
[2014.12.09 16:12:57 | 001,582,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.12.09 16:12:57 | 000,668,376 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.12.09 16:12:57 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.12.09 16:12:57 | 000,141,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.12.09 16:12:57 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.12.09 16:06:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.12.08 19:02:15 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.12.08 00:57:30 | 000,001,186 | ---- | M] () -- C:\Users\MSI\Desktop\CrystalDiskInfo.lnk
[2014.12.06 14:33:35 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014.12.06 14:33:05 | 001,295,360 | ---- | M] () -- C:\Users\MSI\Desktop\zoek.exe
[2014.12.06 14:20:53 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014.12.06 14:18:05 | 018,310,232 | ---- | M] () -- C:\Users\MSI\Desktop\RogueKillerX64.exe
[2014.12.06 12:06:21 | 001,707,646 | ---- | M] (Thisisu) -- C:\Users\MSI\Desktop\JRT.exe
[2014.12.06 11:21:51 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.12.06 11:06:18 | 002,153,472 | ---- | M] () -- C:\Users\MSI\Desktop\AdwCleaner.exe
[2014.12.01 07:17:24 | 000,231,263 | ---- | M] () -- C:\Users\MSI\Documents\Scan0011.pdf
[2014.12.01 07:16:40 | 000,337,751 | ---- | M] () -- C:\Users\MSI\Documents\Scan0010.pdf
[2014.12.01 07:15:43 | 000,357,603 | ---- | M] () -- C:\Users\MSI\Documents\Scan0009.pdf
[2014.12.01 07:14:51 | 000,459,037 | ---- | M] () -- C:\Users\MSI\Documents\Scan0008.pdf
[2014.12.01 07:14:06 | 000,370,197 | ---- | M] () -- C:\Users\MSI\Documents\Scan0007.pdf
[2014.12.01 07:12:12 | 000,238,061 | ---- | M] () -- C:\Users\MSI\Documents\Scan0006.pdf
[2014.12.01 07:11:21 | 000,201,104 | ---- | M] () -- C:\Users\MSI\Documents\Scan0005.pdf
[2014.12.01 07:10:11 | 000,500,135 | ---- | M] () -- C:\Users\MSI\Documents\Scan0004.pdf
[2014.12.01 07:09:28 | 000,365,704 | ---- | M] () -- C:\Users\MSI\Documents\Scan0003.pdf
[2014.11.27 10:33:22 | 000,002,252 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141127_103317.reg
[2014.11.27 10:32:09 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.11.26 23:23:30 | 000,000,755 | ---- | M] () -- C:\Users\MSI\Desktop\BurnInTest.lnk
[2014.11.26 22:55:58 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014.11.26 19:57:31 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.26 17:54:57 | 000,001,228 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141126_175455.reg
[2014.11.26 13:01:35 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2014.11.26 13:01:35 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2014.11.26 12:06:26 | 000,002,016 | ---- | M] () -- C:\Users\MSI\Desktop\Windows Compatibility Report.htm
[2014.11.26 09:37:18 | 000,000,498 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141126_093713.reg
[2014.11.26 00:05:06 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.11.26 00:05:06 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.11.25 23:56:57 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014.11.25 23:56:56 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014.11.25 23:56:46 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014.11.25 23:56:46 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.11.25 23:56:46 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.11.25 23:56:46 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014.11.25 23:56:46 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.11.25 23:56:46 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.11.25 23:56:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.11.25 23:56:46 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.11.25 23:56:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.11.25 14:25:55 | 002,000,152 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264(195).dll
[2014.11.25 14:25:55 | 000,397,592 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64(196).dll
[2014.11.22 04:06:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.11.22 03:50:39 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.11.22 03:50:10 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.11.22 03:49:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.11.22 03:48:20 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.11.22 03:40:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.11.22 03:37:10 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.11.22 03:35:43 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.11.22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.11.22 03:34:51 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.11.22 03:34:07 | 006,039,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.11.22 03:26:31 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.11.22 03:22:40 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.11.22 03:14:16 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.11.22 03:09:12 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.11.22 03:08:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.11.22 03:07:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.11.22 03:06:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.11.22 03:05:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.11.22 03:05:01 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.11.22 02:58:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.11.22 02:56:40 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.11.22 02:55:16 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.11.22 02:54:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.11.22 02:49:29 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.11.22 02:49:28 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.11.22 02:47:10 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.11.22 02:46:58 | 002,125,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.11.22 02:40:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.11.22 02:36:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.11.22 02:35:24 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.11.22 02:22:49 | 002,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.11.22 02:21:57 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.11.22 02:03:42 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.11.22 01:54:44 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.11.21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.11.19 04:26:34 | 001,614,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FM20.DLL
[2014.11.16 11:32:32 | 000,005,160 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141116_113228.reg
[2014.11.12 14:09:15 | 000,024,686 | ---- | M] () -- C:\Users\MSI\Documents\cc_20141112_140909.reg
[2014.11.12 13:42:40 | 000,417,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2014.12.11 06:49:13 | 000,010,422 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141211_064909.reg
[2014.12.11 06:48:42 | 000,025,664 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141211_064837.reg
[2014.12.08 12:24:23 | 000,028,672 | ---- | C] () -- C:\Users\MSI\Desktop\memtest.exe
[2014.12.08 00:57:30 | 000,001,186 | ---- | C] () -- C:\Users\MSI\Desktop\CrystalDiskInfo.lnk
[2014.12.06 14:52:45 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014.12.06 14:33:02 | 001,295,360 | ---- | C] () -- C:\Users\MSI\Desktop\zoek.exe
[2014.12.06 14:20:53 | 000,037,624 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014.12.06 14:17:53 | 018,310,232 | ---- | C] () -- C:\Users\MSI\Desktop\RogueKillerX64.exe
[2014.12.06 11:06:07 | 002,153,472 | ---- | C] () -- C:\Users\MSI\Desktop\AdwCleaner.exe
[2014.12.01 07:17:24 | 000,231,263 | ---- | C] () -- C:\Users\MSI\Documents\Scan0011.pdf
[2014.12.01 07:16:39 | 000,337,751 | ---- | C] () -- C:\Users\MSI\Documents\Scan0010.pdf
[2014.12.01 07:15:43 | 000,357,603 | ---- | C] () -- C:\Users\MSI\Documents\Scan0009.pdf
[2014.12.01 07:14:51 | 000,459,037 | ---- | C] () -- C:\Users\MSI\Documents\Scan0008.pdf
[2014.12.01 07:14:06 | 000,370,197 | ---- | C] () -- C:\Users\MSI\Documents\Scan0007.pdf
[2014.12.01 07:12:12 | 000,238,061 | ---- | C] () -- C:\Users\MSI\Documents\Scan0006.pdf
[2014.12.01 07:11:20 | 000,201,104 | ---- | C] () -- C:\Users\MSI\Documents\Scan0005.pdf
[2014.12.01 07:10:11 | 000,500,135 | ---- | C] () -- C:\Users\MSI\Documents\Scan0004.pdf
[2014.12.01 07:09:28 | 000,365,704 | ---- | C] () -- C:\Users\MSI\Documents\Scan0003.pdf
[2014.11.27 10:33:20 | 000,002,252 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141127_103317.reg
[2014.11.26 23:23:30 | 000,000,755 | ---- | C] () -- C:\Users\MSI\Desktop\BurnInTest.lnk
[2014.11.26 22:55:58 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014.11.26 17:54:56 | 000,001,228 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141126_175455.reg
[2014.11.26 12:04:02 | 000,002,016 | ---- | C] () -- C:\Users\MSI\Desktop\Windows Compatibility Report.htm
[2014.11.26 12:02:14 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2014.11.26 12:02:14 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2014.11.26 09:37:16 | 000,000,498 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141126_093713.reg
[2014.11.26 00:05:07 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.25 23:56:57 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014.11.16 11:32:31 | 000,005,160 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141116_113228.reg
[2014.11.12 14:09:13 | 000,024,686 | ---- | C] () -- C:\Users\MSI\Documents\cc_20141112_140909.reg
[2014.09.15 18:19:58 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.09.12 14:27:57 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014.08.23 12:05:13 | 000,000,000 | ---- | C] () -- C:\Users\MSI\AppData\Local\Driver_LOM_8161Present.flag
[2014.08.23 11:46:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.08.23 11:43:14 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.08.23 11:43:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.08.23 11:43:13 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.08.23 11:43:13 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.08.23 11:43:13 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014.08.23 11:40:54 | 001,558,096 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.08.23 11:05:55 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2014.08.23 11:05:54 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.08.23 14:38:19 | 000,000,000 | ---D | M] -- C:\Users\MSI\AppData\Roaming\AVAST Software
[2014.09.02 19:09:22 | 000,000,000 | ---D | M] -- C:\Users\MSI\AppData\Roaming\Downloaded Installations
[2014.09.22 23:24:44 | 000,000,000 | ---D | M] -- C:\Users\MSI\AppData\Roaming\TeamViewer
[2014.12.11 06:50:21 | 000,000,000 | ---D | M] -- C:\Users\MSI\AppData\Roaming\TS3Client
[2014.11.08 22:57:05 | 000,000,000 | ---D | M] -- C:\Users\MSI\AppData\Roaming\Wargaming.net

========== Purity Check ==========



< End of report >


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 120 hostů