Prosím kontrolu logu - dlouho bootuje a seká se WIN7

J0HN3C · Příspěvekod **J0HN3C** » 18 čer 2015 21:17

ComboFix 15-06-18.01 - Honza 18.06.2015 16:59:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8106.6130 [GMT 2:00]
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\gt.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\version.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-18 do 2015-06-18 )))))))))))))))))))))))))))))))
.
.
2015-06-18 10:23 . 2015-06-18 10:02 24064 ----a-w- c:\windows\zoek-delete.exe
2015-06-17 18:11 . 2015-03-23 09:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-17 18:11 . 2015-03-23 09:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCE55FC8-0108-4B6C-9B70-ED17091F554B}\gapaengine.dll
2015-06-17 18:10 . 2015-05-18 02:51 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E499948B-56D6-4F95-B2FB-3A726194CAA8}\mpengine.dll
2015-06-16 16:49 . 2015-05-18 02:51 12214312 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-06-16 06:18 . 2015-06-16 06:18 -------- d-----w- C:\RegBackup
2015-06-15 19:46 . 2012-08-20 14:48 19032 ------w- c:\windows\system32\pwdrvio.sys
2015-06-15 19:46 . 2012-08-20 14:48 2966720 ----a-w- c:\windows\system32\pwNative.exe
2015-06-15 19:46 . 2012-08-20 14:48 12384 ------w- c:\windows\system32\pwdspio.sys
2015-06-15 12:18 . 2015-06-15 12:18 -------- d-s---w- c:\windows\system32\CompatTel
2015-06-15 12:18 . 2015-06-15 12:18 -------- d-----w- c:\windows\system32\appraiser
2015-06-15 11:58 . 2015-06-15 11:58 -------- d-----w- c:\windows\Migration
2015-06-15 11:47 . 2015-06-15 11:47 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-06-15 11:34 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 11:34 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 11:32 . 2015-06-15 12:15 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2015-06-15 11:32 . 2015-06-15 12:16 -------- d-----w- c:\program files\Microsoft Security Client
2015-06-15 11:30 . 2015-02-03 03:30 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-06-15 11:29 . 2015-05-09 03:27 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-06-15 11:28 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-06-15 11:28 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-06-15 11:28 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-06-15 11:24 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-06-15 11:24 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-06-01 19:01 . 2015-06-01 19:01 544552 ----a-w- c:\windows\system32\iglhsip64.dll
2015-06-01 19:01 . 2015-06-01 19:01 231312 ----a-w- c:\windows\system32\iglhcp64.dll
2015-06-01 19:01 . 2015-06-01 19:01 194880 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2015-06-01 19:01 . 2015-06-01 19:01 12814752 ----a-w- c:\windows\system32\igdumd64.dll
2015-06-01 19:01 . 2015-06-01 19:01 1067696 ----a-w- c:\windows\system32\igfxcmrt64.dll
2015-06-01 19:01 . 2015-06-01 19:01 957472 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2015-06-01 19:01 . 2015-06-01 19:01 539312 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2015-06-01 19:01 . 2015-06-01 19:01 41288 ----a-w- c:\windows\system32\igfxexps.dll
2015-05-30 13:36 . 2015-05-30 13:36 -------- d-----w- c:\users\Honza\AppData\Local\Apple
2015-05-30 09:46 . 2015-05-30 09:46 -------- d-----w- C:\SUPERDelete
2015-05-28 16:49 . 2015-06-15 12:24 -------- d-----w- c:\windows\SysWow64\NV
2015-05-28 16:49 . 2015-06-15 12:24 -------- d-----w- c:\windows\system32\NV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-18 09:49 . 2014-12-07 19:33 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-06-15 19:05 . 2014-12-06 23:23 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-01 19:01 . 2011-04-14 03:01 11223896 ----a-w- c:\windows\SysWow64\igdumd32.dll
2015-06-01 19:01 . 2014-03-20 06:41 11352688 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2015-06-01 19:01 . 2011-04-14 03:01 13059896 ----a-w- c:\windows\system32\igd10umd64.dll
2015-06-01 19:00 . 2011-04-14 03:01 72704 ----a-w- c:\windows\system32\igfxsrvc.dll
2015-06-01 19:00 . 2015-06-01 19:00 437760 ----a-w- c:\windows\system32\igfxrcht.lrc
2015-06-01 19:00 . 2014-01-29 21:02 9016320 ----a-w- c:\windows\system32\igfxress.dll
2015-06-01 19:00 . 2015-06-01 19:00 437248 ----a-w- c:\windows\system32\igfxrchs.lrc
2015-06-01 19:00 . 2011-04-14 03:01 102912 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2015-06-01 19:00 . 2011-04-14 03:01 119296 ----a-w- c:\windows\system32\hccutils.dll
2015-05-27 18:09 . 2012-09-04 07:39 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-27 18:09 . 2011-12-29 20:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-26 22:04 . 2012-08-07 07:49 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-25 18:19 . 2015-06-15 11:30 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-15 11:30 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-15 11:30 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-15 11:30 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-15 11:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-12 06:27 . 2014-12-23 21:01 939080 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-05-12 06:27 . 2014-12-23 21:01 176064 ----a-w- c:\windows\system32\nvinitx.dll
2015-05-12 06:27 . 2014-12-23 21:01 154256 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-05-12 06:27 . 2014-12-23 21:01 12849056 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-05-12 06:27 . 2014-12-23 21:01 1099808 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-05-12 06:27 . 2014-12-23 21:01 3363224 ----a-w- c:\windows\system32\nvapi64.dll
2015-05-12 03:30 . 2014-12-23 21:05 937288 ----a-w- c:\windows\system32\nvvsvc.exe
2015-05-12 03:30 . 2014-12-23 21:05 75080 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-05-12 03:30 . 2014-12-23 21:05 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-05-12 03:30 . 2014-12-23 21:05 579400 ----a-w- c:\windows\SysWow64\oemdspif.dll
2015-05-12 03:30 . 2014-12-23 21:05 385352 ----a-w- c:\windows\system32\nvmctray.dll
2015-05-12 03:30 . 2014-12-23 21:05 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-05-12 03:30 . 2014-12-23 21:05 1059984 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-05-12 03:30 . 2014-12-23 21:05 6872392 ----a-w- c:\windows\system32\nvcpl.dll
2015-05-12 03:30 . 2014-12-23 21:05 3490448 ----a-w- c:\windows\system32\nvsvc64.dll
2015-05-11 17:01 . 2014-12-23 21:05 4391871 ----a-w- c:\windows\system32\nvcoproc.bin
2015-04-14 07:37 . 2014-12-06 23:22 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2014-12-06 23:22 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2014-12-06 23:22 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-30 6501656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe /h [2010-12-17 1927528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Honza\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Honza\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 gwiopm;gwiopm;c:\users\Honza\AppData\Local\Temp\HBCD\gwiopm.sys;c:\users\Honza\AppData\Local\Temp\HBCD\gwiopm.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SL3;SL3 Driver;c:\windows\system32\Drivers\Sl3.sys;c:\windows\SYSNATIVE\Drivers\Sl3.sys [x]
R3 SL3Usb;SL3 Driver SSL;c:\windows\system32\Drivers\SL3Usb.sys;c:\windows\SYSNATIVE\Drivers\SL3Usb.sys [x]
R3 SL3UsbNoSSL;SL3 Driver No SSL;c:\windows\system32\Drivers\SL3UsbNoSSL.sys;c:\windows\SYSNATIVE\Drivers\SL3UsbNoSSL.sys [x]
R3 strmdrv;Rane SL3;c:\windows\system32\Drivers\strmdrv.sys;c:\windows\SYSNATIVE\Drivers\strmdrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe;c:\program files\Realtek\RtLED\RtLEDService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-11-09 02:01 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1933584]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-11-09 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-11-09 5908928]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-14 11697768]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 - c:\program files (x86)\Free CENZURA\unins000.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1 - c:\program files (x86)\aTube Catcher 2.0\unins000.exe
AddRemove-uTorrent - c:\users\Honza\AppData\Roaming\uTorrent\uTorrent.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-06-18 17:07:11
ComboFix-quarantined-files.txt 2015-06-18 15:07
.
Před spuštěním: Volných bajtů: 10 470 375 424
Po spuštění: Volných bajtů: 10 160 361 472
.
- - End Of File - - 89748FCDA87148E37443ECD657B19A75

Reklama

Příspěvekod **Orcus** » 19 čer 2015 07:39

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::

KillAll::

File::

Folder::
c:\program files (x86)\Skype\Updater\

Driver::
SkypeUpdate

RegLock::
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

Obrázek

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

J0HN3C · Příspěvekod **J0HN3C** » 22 čer 2015 19:08

ComboFix 15-06-18.01 - Honza 22.06.2015 18:43:00.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8106.6315 [GMT 2:00]
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-22 do 2015-06-22 )))))))))))))))))))))))))))))))
.
.
2015-06-22 16:49 . 2015-06-22 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-18 10:23 . 2015-06-22 16:55 -------- d-----w- c:\users\Honza\AppData\Local\Temp
2015-06-18 10:23 . 2015-06-18 10:02 24064 ----a-w- c:\windows\zoek-delete.exe
2015-06-17 18:11 . 2015-03-23 09:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-17 18:11 . 2015-03-23 09:40 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DCE55FC8-0108-4B6C-9B70-ED17091F554B}\gapaengine.dll
2015-06-16 06:18 . 2015-06-16 06:18 -------- d-----w- C:\RegBackup
2015-06-15 19:46 . 2012-08-20 14:48 19032 ------w- c:\windows\system32\pwdrvio.sys
2015-06-15 19:46 . 2012-08-20 14:48 2966720 ----a-w- c:\windows\system32\pwNative.exe
2015-06-15 19:46 . 2012-08-20 14:48 12384 ------w- c:\windows\system32\pwdspio.sys
2015-06-15 12:18 . 2015-06-15 12:18 -------- d-s---w- c:\windows\system32\CompatTel
2015-06-15 12:18 . 2015-06-15 12:18 -------- d-----w- c:\windows\system32\appraiser
2015-06-15 11:58 . 2015-06-15 11:58 -------- d-----w- c:\windows\Migration
2015-06-15 11:47 . 2015-06-15 11:47 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-06-15 11:34 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 11:34 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 11:32 . 2015-06-15 12:15 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2015-06-15 11:32 . 2015-06-15 12:16 -------- d-----w- c:\program files\Microsoft Security Client
2015-06-15 11:30 . 2015-02-03 03:30 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-06-15 11:29 . 2015-05-09 03:27 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-06-15 11:28 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-06-15 11:28 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-06-15 11:28 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-06-15 11:24 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-06-15 11:24 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-06-01 19:01 . 2015-06-01 19:01 544552 ----a-w- c:\windows\system32\iglhsip64.dll
2015-06-01 19:01 . 2015-06-01 19:01 231312 ----a-w- c:\windows\system32\iglhcp64.dll
2015-06-01 19:01 . 2015-06-01 19:01 194880 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2015-06-01 19:01 . 2015-06-01 19:01 12814752 ----a-w- c:\windows\system32\igdumd64.dll
2015-06-01 19:01 . 2015-06-01 19:01 1067696 ----a-w- c:\windows\system32\igfxcmrt64.dll
2015-06-01 19:01 . 2015-06-01 19:01 957472 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2015-06-01 19:01 . 2015-06-01 19:01 539312 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2015-06-01 19:01 . 2015-06-01 19:01 41288 ----a-w- c:\windows\system32\igfxexps.dll
2015-05-30 13:36 . 2015-05-30 13:36 -------- d-----w- c:\users\Honza\AppData\Local\Apple
2015-05-30 09:46 . 2015-05-30 09:46 -------- d-----w- C:\SUPERDelete
2015-05-28 16:49 . 2015-06-15 12:24 -------- d-----w- c:\windows\SysWow64\NV
2015-05-28 16:49 . 2015-06-15 12:24 -------- d-----w- c:\windows\system32\NV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-18 09:49 . 2014-12-07 19:33 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-06-15 19:05 . 2014-12-06 23:23 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-01 19:01 . 2011-04-14 03:01 11223896 ----a-w- c:\windows\SysWow64\igdumd32.dll
2015-06-01 19:01 . 2014-03-20 06:41 11352688 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2015-06-01 19:01 . 2011-04-14 03:01 13059896 ----a-w- c:\windows\system32\igd10umd64.dll
2015-06-01 19:00 . 2011-04-14 03:01 72704 ----a-w- c:\windows\system32\igfxsrvc.dll
2015-06-01 19:00 . 2015-06-01 19:00 437760 ----a-w- c:\windows\system32\igfxrcht.lrc
2015-06-01 19:00 . 2014-01-29 21:02 9016320 ----a-w- c:\windows\system32\igfxress.dll
2015-06-01 19:00 . 2015-06-01 19:00 437248 ----a-w- c:\windows\system32\igfxrchs.lrc
2015-06-01 19:00 . 2011-04-14 03:01 102912 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2015-06-01 19:00 . 2011-04-14 03:01 119296 ----a-w- c:\windows\system32\hccutils.dll
2015-05-27 18:09 . 2012-09-04 07:39 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-27 18:09 . 2011-12-29 20:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-26 22:04 . 2012-08-07 07:49 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-25 18:19 . 2015-06-15 11:30 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-15 11:30 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-15 11:30 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-15 11:30 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-15 11:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-12 06:27 . 2014-12-23 21:01 939080 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-05-12 06:27 . 2014-12-23 21:01 176064 ----a-w- c:\windows\system32\nvinitx.dll
2015-05-12 06:27 . 2014-12-23 21:01 154256 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-05-12 06:27 . 2014-12-23 21:01 12849056 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-05-12 06:27 . 2014-12-23 21:01 1099808 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-05-12 06:27 . 2014-12-23 21:01 3363224 ----a-w- c:\windows\system32\nvapi64.dll
2015-05-12 03:30 . 2014-12-23 21:05 937288 ----a-w- c:\windows\system32\nvvsvc.exe
2015-05-12 03:30 . 2014-12-23 21:05 75080 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-05-12 03:30 . 2014-12-23 21:05 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-05-12 03:30 . 2014-12-23 21:05 579400 ----a-w- c:\windows\SysWow64\oemdspif.dll
2015-05-12 03:30 . 2014-12-23 21:05 385352 ----a-w- c:\windows\system32\nvmctray.dll
2015-05-12 03:30 . 2014-12-23 21:05 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-05-12 03:30 . 2014-12-23 21:05 1059984 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-05-12 03:30 . 2014-12-23 21:05 6872392 ----a-w- c:\windows\system32\nvcpl.dll
2015-05-12 03:30 . 2014-12-23 21:05 3490448 ----a-w- c:\windows\system32\nvsvc64.dll
2015-05-11 17:01 . 2014-12-23 21:05 4391871 ----a-w- c:\windows\system32\nvcoproc.bin
2015-04-14 07:37 . 2014-12-06 23:22 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2014-12-06 23:22 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2014-12-06 23:22 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-30 6501656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe /h [2010-12-17 1927528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Honza\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Honza\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 gwiopm;gwiopm;c:\users\Honza\AppData\Local\Temp\HBCD\gwiopm.sys;c:\users\Honza\AppData\Local\Temp\HBCD\gwiopm.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SL3;SL3 Driver;c:\windows\system32\Drivers\Sl3.sys;c:\windows\SYSNATIVE\Drivers\Sl3.sys [x]
R3 SL3Usb;SL3 Driver SSL;c:\windows\system32\Drivers\SL3Usb.sys;c:\windows\SYSNATIVE\Drivers\SL3Usb.sys [x]
R3 SL3UsbNoSSL;SL3 Driver No SSL;c:\windows\system32\Drivers\SL3UsbNoSSL.sys;c:\windows\SYSNATIVE\Drivers\SL3UsbNoSSL.sys [x]
R3 strmdrv;Rane SL3;c:\windows\system32\Drivers\strmdrv.sys;c:\windows\SYSNATIVE\Drivers\strmdrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe;c:\program files\Realtek\RtLED\RtLEDService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-11-09 02:01 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1933584]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-11-09 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-11-09 5908928]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-14 11697768]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 - c:\program files (x86)\Free CENZURA\unins000.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1 - c:\program files (x86)\aTube Catcher 2.0\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2015-06-22 18:59:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-22 16:59
ComboFix2.txt 2015-06-18 15:07
.
Před spuštěním: Volných bajtů: 10 158 931 968
Po spuštění: 9 696 579 584
.
- - End Of File - - 08EB67E539C88F1B65AD694D044E4796

J0HN3C · Příspěvekod **J0HN3C** » 22 čer 2015 19:11

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-06-22 19:09:11
-----------------------------
19:09:11.385 OS Version: Windows x64 6.1.7601 Service Pack 1
19:09:11.385 Number of processors: 4 586 0x2A07
19:09:11.385 ComputerName: EVA-PC UserName: Honza
19:09:11.915 Initialize success
19:09:11.962 VM: initialized successfully
19:09:11.962 VM: Intel CPU BiosDisabled
19:09:30.626 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:09:30.626 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
19:09:30.735 Disk 0 MBR read successfully
19:09:30.751 Disk 0 MBR scan
19:09:30.751 Disk 0 Windows 7 default MBR code
19:09:30.751 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
19:09:30.751 Disk 0 default boot code
19:09:30.766 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100000 MB offset 411648
19:09:30.766 Disk 0 Partition - 00 0F Extended LBA 600102 MB offset 205211664
19:09:30.797 Disk 0 Partition 3 00 02 XENIX root NTFS 15100 MB offset 1434222592
19:09:30.829 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 567405 MB offset 205211727
19:09:30.829 Disk 0 Partition - 00 05 Extended 3000 MB offset 1367258256
19:09:30.860 Disk 0 Partition 5 00 07 HPFS/NTFS 3000 MB offset 1367258319
19:09:30.875 Disk 0 Partition - 00 05 Extended 29697 MB offset 2535449665
19:09:30.891 Disk 0 Partition 6 00 07 HPFS/NTFS 29697 MB offset 1373403136
19:09:30.938 Disk 0 scanning C:\windows\system32\drivers
19:09:37.864 Service scanning
19:10:14.961 Modules scanning
19:10:14.961 Disk 0 trace - called modules:
19:10:14.977 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:10:14.977 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009754060]
19:10:14.977 3 CLASSPNP.SYS[fffff880013ba43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007920050]
19:10:14.992 Disk 0 statistics 104339/0/0 @ 7,47 MB/s
19:10:14.992 Scan finished successfully
19:10:32.449 Disk 0 MBR has been saved successfully to "C:\Users\Honza\Desktop\MBR.dat"
19:10:32.449 The log file has been saved successfully to "C:\Users\Honza\Desktop\aswMBR.txt"

Příspěvekod **jerabina** » 22 čer 2015 19:33

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy? + nový log z HJT

J0HN3C · Příspěvekod **J0HN3C** » 23 čer 2015 20:35

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:22, on 23.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Honza\Downloads\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: SRS Premium Sound.lnk = C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10883 bytes

J0HN3C · Příspěvekod **J0HN3C** » 23 čer 2015 20:45

Počítač jede ok, Firefox jede pořád zoufale, zamrzá zejména když načítá obsah na youtube, facebook, twitter apod. Opera jede plynule.

Teďka mi jde asi hlavně o to, aby to zase nezapadalo balastem, tak jsem zapnul MS Security, firewall a UAC.
Windows si nechám na specifické aplikace a na běžné používání chci rozchodit Linux (ale to je do jiného topicu).
V každém případě, jestli už je HTJ log v pořádku, mockrát děkuju a zasílám příspěvek. :)

Příspěvekod **jaro3** » 24 čer 2015 11:12

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Díky za příspěvek!

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

J0HN3C · Příspěvekod **J0HN3C** » 24 čer 2015 18:47

FRST.txt - první část

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Honza (administrator) on EVA-PC on 24-06-2015 18:41:33
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLEDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtLED\RtLED.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-11-09] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-11-09] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11697768 2010-12-14] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3154265674-1837838216-887747114-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3154265674-1837838216-887747114-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2011-11-09]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe (SRS Labs, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-11-09] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3154265674-1837838216-887747114-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3154265674-1837838216-887747114-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3154265674-1837838216-887747114-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-3154265674-1837838216-887747114-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3154265674-1837838216-887747114-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3154265674-1837838216-887747114-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-27] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-10-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-06-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-02-20]
FF Extension: YouTube mp3 - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default\Extensions\info@youtube-mp3.org.xpi [2015-05-24]
FF Extension: Adblock Plus - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\2qgondai.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

Opera:
=======
StartMenuInternet: (HKLM) Operabeta - C:\Program Files (x86)\Opera Next\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-02-15] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-07-05] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 hasplms; C:\windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-09-30] (Realtek Semiconductor Corp.) [File not signed]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-08-28] (Valve Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-01] (DT Soft Ltd)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8200552 2010-12-15] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SL3; C:\Windows\System32\Drivers\Sl3.sys [57448 2009-02-16] (Cristalink Ltd)
S3 SL3Usb; C:\Windows\System32\Drivers\SL3Usb.sys [56312 2013-07-09] (Cristalink Ltd)
S3 SL3UsbNoSSL; C:\Windows\System32\Drivers\SL3UsbNoSSL.sys [56312 2013-07-09] (Cristalink Ltd)
S3 strmdrv; C:\Windows\System32\Drivers\strmdrv.sys [36424 2011-05-18] (Rane Corporation)
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 cpuz130; \??\C:\Users\Honza\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
U2 DriverService; No ImagePath
S3 gwiopm; \??\C:\Users\Honza\AppData\Local\Temp\HBCD\gwiopm.sys [X]
U2 IAStorDataMgrSvc; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 SoftwareService; No ImagePath
U2 Stereo Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

J0HN3C · Příspěvekod **J0HN3C** » 24 čer 2015 18:48

FRST.txt - druhá část

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 18:41 - 2015-06-24 18:41 - 00020553 _____ C:\Users\Honza\Desktop\FRST.txt
2015-06-24 18:41 - 2015-06-24 18:41 - 00000000 ____D C:\FRST
2015-06-24 18:40 - 2015-06-24 18:40 - 02109952 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2015-06-24 18:36 - 2015-06-24 18:39 - 00000000 ____D C:\Users\Honza\Downloads\backups
2015-06-23 18:23 - 2015-06-23 18:23 - 00000168 _____ C:\windows\setupact.log
2015-06-23 18:23 - 2015-06-23 18:23 - 00000000 _____ C:\windows\setuperr.log
2015-06-23 18:19 - 2015-06-23 18:19 - 00272238 _____ C:\Users\Honza\Documents\cc_20150623_181948.reg
2015-06-22 19:10 - 2015-06-22 19:10 - 00000512 _____ C:\Users\Honza\Desktop\MBR.dat
2015-06-18 19:19 - 2015-03-01 19:55 - 00000000 ____D C:\Users\Honza\Downloads\refind-bin-0.8.7
2015-06-18 12:30 - 2015-06-18 12:30 - 02558227 _____ C:\Users\Honza\Downloads\refind-bin-0.8.7.zip
2015-06-18 12:23 - 2015-06-18 12:02 - 00024064 _____ C:\windows\zoek-delete.exe
2015-06-18 12:05 - 2014-12-18 13:01 - 00009586 _____ C:\zoek-results2014-12-18-110146.log
2015-06-18 12:01 - 2014-12-18 12:38 - 01295360 _____ C:\Users\Honza\Desktop\zoek.exe
2015-06-18 11:49 - 2015-06-18 11:49 - 21446904 _____ C:\Users\Honza\Desktop\RogueKillerX64 (2).exe
2015-06-16 08:20 - 2015-06-16 08:20 - 00000864 _____ C:\Users\Honza\Desktop\JRT.txt
2015-06-16 08:18 - 2015-06-16 08:18 - 00000207 _____ C:\windows\tweaking.com-regbackup-EVA-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-16 08:18 - 2015-06-16 08:18 - 00000000 ____D C:\RegBackup
2015-06-16 08:17 - 2015-06-16 07:35 - 02945552 _____ (Thisisu) C:\Users\Honza\Desktop\JRT_NEW.exe
2015-06-15 21:46 - 2012-08-20 16:48 - 02966720 _____ C:\windows\system32\pwNative.exe
2015-06-15 21:46 - 2012-08-20 16:48 - 00019032 ____N C:\windows\system32\pwdrvio.sys
2015-06-15 21:46 - 2012-08-20 16:48 - 00012384 ____N C:\windows\system32\pwdspio.sys
2015-06-15 19:50 - 2015-06-15 19:50 - 04831232 _____ (Geza Kovacs) C:\Users\Honza\Downloads\unetbootin-windows-608.exe
2015-06-15 14:18 - 2015-06-15 14:18 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-15 14:18 - 2015-06-15 14:18 - 00000000 ____D C:\windows\system32\appraiser
2015-06-15 14:16 - 2015-01-09 01:44 - 00419936 _____ C:\windows\SysWOW64\locale.nls
2015-06-15 14:16 - 2015-01-09 01:43 - 00419936 _____ C:\windows\system32\locale.nls
2015-06-15 13:47 - 2015-06-15 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-15 13:34 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 13:34 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-15 13:32 - 2015-06-15 14:16 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-15 13:32 - 2015-06-15 14:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-15 13:32 - 2015-06-15 14:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-15 13:31 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-06-15 13:31 - 2015-05-28 04:03 - 02237440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-15 13:31 - 2015-05-28 04:03 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-15 13:31 - 2015-05-28 04:03 - 00601600 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-15 13:31 - 2015-05-28 04:02 - 19291136 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-15 13:31 - 2015-05-28 04:02 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-15 13:31 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-06-15 13:31 - 2015-05-28 04:02 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 02656768 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-06-15 13:31 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-06-15 13:31 - 2015-05-28 04:00 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-15 13:31 - 2015-05-28 02:45 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-15 13:31 - 2015-05-28 02:45 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-15 13:31 - 2015-05-28 02:45 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-15 13:31 - 2015-05-28 02:44 - 14383104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-15 13:31 - 2015-05-28 02:44 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-15 13:31 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-06-15 13:31 - 2015-05-28 02:44 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 13771776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 02865152 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-15 13:31 - 2015-05-28 02:43 - 00690176 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-06-15 13:31 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-06-15 13:31 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-06-15 13:31 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-06-15 13:31 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-15 13:31 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-15 13:31 - 2015-05-28 01:34 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-06-15 13:31 - 2015-05-28 01:32 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-15 13:30 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-15 13:30 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-06-15 13:30 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-15 13:30 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-06-15 13:30 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-06-15 13:30 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-15 13:30 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-15 13:30 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-06-15 13:30 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-06-15 13:30 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-15 13:30 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-06-15 13:30 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-06-15 13:30 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-06-15 13:30 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-06-15 13:30 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-06-15 13:30 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-06-15 13:30 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-06-15 13:30 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-06-15 13:30 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-06-15 13:30 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-06-15 13:30 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-06-15 13:30 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-06-15 13:30 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-15 13:30 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-06-15 13:30 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-06-15 13:30 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-15 13:30 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-15 13:30 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-15 13:30 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-15 13:30 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-15 13:30 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-06-15 13:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-06-15 13:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-06-15 13:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-06-15 13:30 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-06-15 13:30 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-06-15 13:30 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-06-15 13:30 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-06-15 13:30 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-06-15 13:30 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-06-15 13:30 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-06-15 13:30 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-06-15 13:30 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-06-15 13:30 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-06-15 13:30 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-06-15 13:30 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-06-15 13:30 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-06-15 13:30 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-06-15 13:30 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-06-15 13:30 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-06-15 13:30 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-06-15 13:30 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-06-15 13:30 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-06-15 13:30 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-06-15 13:30 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-06-15 13:30 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-06-15 13:30 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-06-15 13:30 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-06-15 13:30 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-06-15 13:29 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-15 13:29 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-06-15 13:29 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-06-15 13:29 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-06-15 13:29 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-06-15 13:29 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-06-15 13:29 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-06-15 13:29 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-06-15 13:29 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-06-15 13:29 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-06-15 13:29 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-06-15 13:29 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-06-15 13:29 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-15 13:29 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-15 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-15 13:29 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-15 13:29 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-15 13:29 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-06-15 13:29 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-06-15 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-06-15 13:29 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-06-15 13:29 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-06-15 13:29 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-06-15 13:29 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-06-15 13:29 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-06-15 13:29 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-06-15 13:29 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-06-15 13:29 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-15 13:29 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-06-15 13:29 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-06-15 13:29 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-06-15 13:29 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-06-15 13:29 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-06-15 13:29 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-06-15 13:29 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-06-15 13:29 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-06-15 13:29 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-06-15 13:29 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-06-15 13:29 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-06-15 13:29 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-06-15 13:29 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-06-15 13:29 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-06-15 13:29 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-06-15 13:29 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-06-15 13:29 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-06-15 13:29 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-06-15 13:29 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-06-15 13:29 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-06-15 13:29 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-06-15 13:29 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-06-15 13:29 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-06-15 13:29 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-06-15 13:29 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-06-15 13:29 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-06-15 13:29 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-06-15 13:29 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-06-15 13:29 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-06-15 13:29 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-06-15 13:29 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-06-15 13:29 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-06-15 13:29 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-06-15 13:29 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-06-15 13:29 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-06-15 13:29 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-06-15 13:29 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-06-15 13:28 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-06-15 13:28 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-06-15 13:28 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-06-15 13:24 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-06-15 13:24 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-06-04 20:29 - 2015-06-07 19:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 21:01 - 2015-06-01 21:01 - 12814752 _____ (Intel Corporation) C:\windows\system32\igdumd64.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 01067696 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00957472 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00544552 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00539312 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00231312 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00194880 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2015-06-01 21:01 - 2015-06-01 21:01 - 00041288 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 13037568 _____ (Intel Corporation) C:\windows\system32\ig4icd64.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 10820096 _____ (Intel Corporation) C:\windows\SysWOW64\ig4icd32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 05916080 _____ (Intel Corporation) C:\windows\system32\GfxUI.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 05384176 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2015-06-01 21:00 - 2015-06-01 21:00 - 03520000 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 03129856 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00584192 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00551424 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00523184 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00453552 _____ (Intel Corporation) C:\windows\system32\igfxpers.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00451584 _____ (Intel Corporation) C:\windows\system32\igfxdev.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00449024 _____ (Intel Corporation) C:\windows\system32\igfxrell.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00448512 _____ (Intel Corporation) C:\windows\system32\igfxrfra.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00448512 _____ (Intel Corporation) C:\windows\system32\igfxresn.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00448000 _____ (Intel Corporation) C:\windows\system32\igfxrrus.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00448000 _____ (Intel Corporation) C:\windows\system32\igfxrrom.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrsky.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrptg.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrplk.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrnld.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrita.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrhrv.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00447488 _____ (Intel Corporation) C:\windows\system32\igfxrdeu.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446976 _____ (Intel Corporation) C:\windows\system32\igfxrhun.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446976 _____ (Intel Corporation) C:\windows\system32\igfxrfin.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446976 _____ (Intel Corporation) C:\windows\system32\igfxrcsy.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446464 _____ (Intel Corporation) C:\windows\system32\igfxrtrk.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446464 _____ (Intel Corporation) C:\windows\system32\igfxrsve.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446464 _____ (Intel Corporation) C:\windows\system32\igfxrslv.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446464 _____ (Intel Corporation) C:\windows\system32\igfxrptb.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00446464 _____ (Intel Corporation) C:\windows\system32\igfxrnor.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00445952 _____ (Intel Corporation) C:\windows\system32\igfxrtha.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00445952 _____ (Intel Corporation) C:\windows\system32\igfxrdan.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00444416 _____ (Intel Corporation) C:\windows\system32\igfxrheb.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00444416 _____ (Intel Corporation) C:\windows\system32\igfxrara.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00440832 _____ (Intel Corporation) C:\windows\system32\igfxrjpn.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00439808 _____ (Intel Corporation) C:\windows\system32\igfxrkor.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00437760 _____ (Intel Corporation) C:\windows\system32\igfxrcht.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00437248 _____ (Intel Corporation) C:\windows\system32\igfxrchs.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00418816 _____ (Intel Corporation) C:\windows\system32\igfxTMM.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00411056 _____ (Intel Corporation) C:\windows\system32\hkcmd.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00393216 _____ (Intel Corporation) C:\windows\system32\igfxpph.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00339456 _____ (Intel Corporation) C:\windows\SysWOW64\igfxdv32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00294912 _____ (Intel Corporation) C:\windows\system32\igfxrenu.lrc
2015-06-01 21:00 - 2015-06-01 21:00 - 00290224 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00266152 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00197040 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00183808 _____ (Intel Corporation) C:\windows\system32\gfxSrvc.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00183216 _____ (Intel Corporation) C:\windows\system32\igfxtray.exe
2015-06-01 21:00 - 2015-06-01 21:00 - 00151040 _____ (Intel Corporation) C:\windows\system32\igfxdo.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00135680 _____ (Intel Corporation) C:\windows\system32\igfxcpl.cpl
2015-06-01 21:00 - 2015-06-01 21:00 - 00124928 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v4229.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00110080 _____ C:\windows\system32\igdde64.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00090112 _____ C:\windows\SysWOW64\igdde32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00033792 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00018432 _____ ( ) C:\windows\system32\IGFXDEVLib.dll
2015-06-01 19:46 - 2015-06-01 19:46 - 00017082 _____ C:\windows\system32\iglhxs64.vp
2015-05-31 17:05 - 2015-05-31 17:05 - 00010476 _____ C:\Users\Honza\Documents\vydaje 0405.xlsx
2015-05-30 15:36 - 2015-05-30 15:36 - 00000000 ____D C:\Users\Honza\AppData\Local\Apple
2015-05-30 11:46 - 2015-05-30 11:46 - 00000000 ____D C:\SUPERDelete
2015-05-28 18:49 - 2015-06-15 14:24 - 00000000 ____D C:\windows\SysWOW64\NV
2015-05-28 18:49 - 2015-06-15 14:24 - 00000000 ____D C:\windows\system32\NV
2015-05-28 18:48 - 2015-05-12 08:27 - 42718864 _____ C:\windows\system32\nvcompiler.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 37741712 _____ C:\windows\SysWOW64\nvcompiler.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 17540416 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 15048816 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-05-28 18:48 - 2015-05-12 08:27 - 02971776 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6435286.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6435286.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2015-05-28 18:48 - 2015-05-12 08:27 - 00031376 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2015-05-27 20:27 - 2015-05-27 20:27 - 00004316 _____ C:\Users\Honza\Documents\cc_20150527_202705.reg

J0HN3C · Příspěvekod **J0HN3C** » 24 čer 2015 18:48

FRST.txt - třetí část

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 18:35 - 2014-12-04 12:54 - 00011110 _____ C:\Users\Honza\Downloads\hijackthis.log
2015-06-24 18:18 - 2011-11-09 03:17 - 01961502 _____ C:\windows\WindowsUpdate.log
2015-06-24 18:01 - 2013-11-12 14:19 - 01726508 _____ C:\FaceProv.log
2015-06-23 20:13 - 2009-07-14 06:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-23 20:13 - 2009-07-14 06:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-23 18:29 - 2011-11-03 21:11 - 00669116 _____ C:\windows\system32\perfh005.dat
2015-06-23 18:29 - 2011-11-03 21:11 - 00141744 _____ C:\windows\system32\perfc005.dat
2015-06-23 18:29 - 2009-07-14 07:13 - 01584554 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-23 18:24 - 2011-11-09 04:03 - 00209547 _____ C:\windows\system32\fastboot.set
2015-06-23 18:23 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-23 18:21 - 2014-12-07 11:47 - 00000000 ____D C:\Users\Honza\AppData\Local\Adobe
2015-06-23 18:18 - 2014-12-12 20:31 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2015-06-23 18:14 - 2014-08-04 22:17 - 00000000 ____D C:\windows\ERDNT
2015-06-22 18:55 - 2009-07-14 04:34 - 00000243 _____ C:\windows\system.ini
2015-06-22 18:50 - 2009-07-14 04:34 - 89128960 _____ C:\windows\system32\config\SOFTWARE.bak
2015-06-22 18:50 - 2009-07-14 04:34 - 26476544 _____ C:\windows\system32\config\SYSTEM.bak
2015-06-22 18:50 - 2009-07-14 04:34 - 00524288 _____ C:\windows\system32\config\DEFAULT.bak
2015-06-22 18:50 - 2009-07-14 04:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-06-22 18:50 - 2009-07-14 04:34 - 00262144 _____ C:\windows\system32\config\SAM.bak
2015-06-22 18:49 - 2012-02-23 12:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-18 17:07 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-18 12:24 - 2014-12-18 12:43 - 00007372 _____ C:\zoek-results.log
2015-06-18 12:19 - 2014-12-18 12:40 - 00000000 ____D C:\zoek_backup
2015-06-18 11:49 - 2014-12-07 21:33 - 00037624 _____ C:\windows\system32\Drivers\TrueSight.sys
2015-06-18 11:49 - 2014-12-07 21:33 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-18 11:12 - 2014-09-07 20:18 - 00000000 ____D C:\windows\rescache
2015-06-17 11:53 - 2014-06-03 18:47 - 00003836 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1392475031
2015-06-17 11:53 - 2014-02-15 16:37 - 00000000 ____D C:\Program Files (x86)\Opera Next
2015-06-16 07:15 - 2009-07-14 05:20 - 00000000 ____D C:\windows\AppCompat
2015-06-15 21:05 - 2014-12-07 01:23 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 21:02 - 2014-12-07 01:17 - 00000000 ____D C:\AdwCleaner
2015-06-15 21:00 - 2014-12-07 01:17 - 00000220 _____ C:\AdwCleanerDebug.txt
2015-06-15 15:35 - 2011-02-22 13:19 - 00000000 ____D C:\windows\Panther
2015-06-15 14:31 - 2013-06-06 19:27 - 00000000 ____D C:\Users\Honza\AppData\Roaming\uTorrent
2015-06-15 14:31 - 2011-12-24 21:36 - 00000000 ____D C:\Users\Honza
2015-06-15 14:20 - 2009-07-14 06:45 - 02292240 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-15 14:19 - 2012-01-22 23:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-15 14:19 - 2012-01-22 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-15 14:18 - 2011-02-22 13:42 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-15 14:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2015-06-15 14:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Dism
2015-06-15 14:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-06-15 14:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-15 14:16 - 2013-11-12 14:15 - 00001912 _____ C:\windows\epplauncher.mif
2015-06-15 13:59 - 2013-09-11 09:21 - 01560204 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-06-15 13:57 - 2013-05-02 12:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 13:47 - 2012-02-23 12:56 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 13:45 - 2013-09-27 01:54 - 00000000 ____D C:\windows\system32\MRT
2015-06-15 13:33 - 2012-01-22 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-15 12:10 - 2012-06-21 12:57 - 00000000 ____D C:\Users\Honza\Documents\djhonza.cz
2015-06-15 11:53 - 2014-09-04 19:44 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-15 11:45 - 2012-04-27 03:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-01 21:01 - 2014-03-20 08:41 - 11352688 _____ (Intel Corporation) C:\windows\SysWOW64\igd10umd32.dll
2015-06-01 21:01 - 2011-04-14 05:01 - 13059896 _____ (Intel Corporation) C:\windows\system32\igd10umd64.dll
2015-06-01 21:01 - 2011-04-14 05:01 - 11223896 _____ (Intel Corporation) C:\windows\SysWOW64\igdumd32.dll
2015-06-01 21:00 - 2014-01-29 23:02 - 09016320 _____ (Intel Corporation) C:\windows\system32\igfxress.dll
2015-06-01 21:00 - 2011-04-14 05:01 - 00119296 _____ (Intel Corporation) C:\windows\system32\hccutils.dll
2015-06-01 21:00 - 2011-04-14 05:01 - 00102912 _____ C:\windows\system32\IccLibDll_x64.dll
2015-06-01 21:00 - 2011-04-14 05:01 - 00072704 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.dll
2015-06-01 16:15 - 2012-02-23 12:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2015-05-30 15:31 - 2012-10-26 18:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-05-30 15:31 - 2011-12-24 21:45 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Adobe
2015-05-30 15:30 - 2013-11-12 13:02 - 00000000 ____D C:\Program Files\CCleaner
2015-05-30 15:23 - 2012-04-01 13:48 - 00000000 ____D C:\WinSetupFromUSB
2015-05-30 15:22 - 2011-12-24 21:41 - 00000000 ____D C:\Users\Honza\AppData\Local\Google
2015-05-30 15:22 - 2011-11-09 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-30 15:22 - 2011-11-09 04:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-30 12:28 - 2013-03-13 01:07 - 00000000 ____D C:\Users\Honza\AppData\Roaming\.minecraft
2015-05-30 12:26 - 2014-09-04 19:58 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-30 11:43 - 2014-11-11 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-05-30 11:43 - 2014-11-11 22:16 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-05-30 11:42 - 2013-11-03 18:53 - 00410112 ___SH C:\Users\Honza\Documents\Thumbs.db
2015-05-30 11:27 - 2014-12-07 01:22 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-30 11:27 - 2014-12-07 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-30 11:27 - 2014-12-07 01:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-28 18:49 - 2014-12-23 23:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-28 18:49 - 2013-08-20 17:45 - 00000000 ____D C:\temp
2015-05-28 18:49 - 2011-11-09 03:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-27 20:09 - 2012-09-04 09:39 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-27 20:09 - 2011-12-29 22:29 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-27 00:04 - 2012-08-07 09:49 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-09-09 00:00 - 2014-09-09 00:00 - 0000754 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-23 22:03

==================== End of log ============================

J0HN3C · Příspěvekod **J0HN3C** » 24 čer 2015 18:49

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Honza at 2015-06-24 18:42:24
Running from C:\Users\Honza\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3154265674-1837838216-887747114-500 - Administrator - Disabled)
Guest (S-1-5-21-3154265674-1837838216-887747114-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3154265674-1837838216-887747114-1003 - Limited - Enabled)
Honza (S-1-5-21-3154265674-1837838216-887747114-1001 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Audition CS5.5 (HKLM-x32\...\{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aktualizace NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo)
Energy Management (x32 Version: 6.0.2.1 - Lenovo) Hidden
Euro Truck Simulator 2 verze 1.13.4.1s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.13.4.1s - SCS Software)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5183 - Gretech Corporation)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of Might and Magic® II (HKLM-x32\...\InstallShield_{0BAA95A7-4303-11D6-851F-00C0CA129740}) (Version: 2.01.0000 - CD Projekt)
Heroes of Might and Magic® II (x32 Version: 2.01.0000 - CD Projekt) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 8.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.4.0 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0083 - Realtek Semiconductor Corp.)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden
Loopmaster Samples version 1.0 (HKLM-x32\...\{EF29801F-C87A-481B-B4D1-6D1FBDEA954B}_is1) (Version: 1.0 - Serato LP INC)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Tagger v1.3.5 (HKLM-x32\...\Media Tagger_is1) (Version: 1.3.5 - Ladislav Dufek)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minutor (HKLM-x32\...\{C23318A7-DFCC-4838-9434-6150A53A5ABF}) (Version: 2.0.1 - Sean Kasun)
MixMeister Fusion Demo 7.4.4 (HKLM-x32\...\mmfsetup_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{91C0B95B-B83A-4828-A775-BBE2DD421029}) (Version: 7.02.9752 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.7 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.7 - Lenovo) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera beta 31.0.1889.16 (HKLM-x32\...\Opera 31.0.1889.16) (Version: 31.0.1889.16 - Opera Software)
Ovládací panel NVIDIA 352.86 (Version: 352.86 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
QIP 2012 4.0.7058 (HKU\S-1-5-21-3154265674-1837838216-887747114-1001\...\QIP 2012) (Version: 4.0.7058 - )
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Rane SL 3 (ver. 1.3.0f11) (HKLM\...\RaneAsioSL3_is1) (Version: - Rane Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
RtLED (HKLM\...\{ACB6F4ED-835B-44EC-9EFD-AC8C83D28597}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
Scratch Live 2.5.0 (11) (HKLM-x32\...\{EA21EB55-073F-4CF5-A964-0412E755955A}) (Version: 2.5.0 - Serato Inc LP)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.18.0 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1206 - Lenovo)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3154265674-1837838216-887747114-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Worms World Party (HKLM-x32\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version: - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

23-06-2015 18:14:20 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-22 18:55 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD779C0-2B92-45C0-BDB2-137BBE281A6E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-12] (Microsoft Corporation)
Task: {17B7D1C8-34EB-4695-BBAF-25750849CF2A} - System32\Tasks\Opera scheduled Autoupdate 1392475031 => C:\Program Files (x86)\Opera Next\launcher.exe [2015-06-15] (Opera Software)
Task: {1A762EDA-1394-46F8-86FE-FCF018CCA509} - \AutoKMS No Task File <==== ATTENTION
Task: {47255201-4873-4E36-977C-CF70E1402DE4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {84BD8C7B-CCFA-4062-959C-9734A3AD36A7} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {94215505-4D0F-475E-8091-17FF19BE7B44} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {FF1D0A0C-4776-472E-9C9A-95CA3AAF3DC9} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {FF239567-6E85-48B4-8085-D485BA12E4CF} - System32\Tasks\AdobeAAMUpdater-1.0-Eva-PC-Honza => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)

==================== Loaded Modules (Whitelisted) ==============

2010-11-02 14:58 - 2010-11-02 14:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-12-23 23:05 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-09 04:01 - 2011-11-09 04:01 - 01502720 _____ () C:\windows\system32\IcnOvrly.dll
2011-11-09 04:01 - 2011-11-09 04:01 - 00622592 _____ () C:\windows\system32\SimpleExt.dll
2011-12-30 01:21 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-11-02 14:58 - 2010-11-02 14:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2008-12-20 05:20 - 2011-11-09 04:18 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2011-11-09 04:18 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-04-14 05:01 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-23 23:01 - 2015-05-12 08:27 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3154265674-1837838216-887747114-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Infium => "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Lenovo EE Boot Optimizer => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65206013-9AAB-4060-A71F-DC4FB8243E3D}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{04BFB974-9CB6-49D8-8AFC-000E62645DBD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{80E73DC9-0376-4720-BAB6-924166114A44}] => (Allow) LPort=2869
FirewallRules: [{EC409EC4-9579-4D3D-A29B-35D599B6DC55}] => (Allow) LPort=1900
FirewallRules: [{BC75FC19-764F-40B6-A7AB-F4268781A63C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AF0E6826-1942-4207-AC1F-307AE80FCC36}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6090F41C-92D3-49F1-8E2E-79CD9B3E31F6}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{40588B05-2A5D-4E78-BFF4-C2C3693FE70A}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{2589E41B-AD70-4022-81F4-33C6CD8517F1}] => (Allow) LPort=26675
FirewallRules: [{FFC6A2EF-7622-4E9A-9A6C-47399E6CBD8B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{D62643ED-6D2B-4CED-84FA-1E99A62125B2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{9D7D3228-7BD9-45AA-BD6E-CD3ED380C719}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D1D6B139-4E84-4BB6-9AEB-A469F9957A0B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{03D1136F-F34C-4FC4-8D56-ADDE0BD38A2F}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [UDP Query User{E34D47F1-1BCE-4E84-A593-BF7DBDF03FCD}C:\program files (x86)\qip 2012\qip.exe] => (Allow) C:\program files (x86)\qip 2012\qip.exe
FirewallRules: [{B0BF63F6-C634-49DD-B13C-0BCF770B2820}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E16C0209-C629-464E-93EF-2EE35293454C}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{E43BEEBE-D3E0-4602-88C3-F1AA5BF42048}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{CEB4E33B-ADA2-496B-8A28-3EB404E1710F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C6F16DFE-9F86-428E-8FE0-9A5B46B7F799}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{00F310AE-F20E-43EB-A34C-3E2662D1FD54}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{5B4F4EDF-3EDE-43BA-B4E9-13BAB1DF9FCE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{71F8EB41-CC82-4205-89C9-6AEB7D76163C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{21713094-EA98-41B2-93BF-32019C5D37EC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3AD043AE-88E1-42E5-9A51-F50B6C7F830F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{0F5AC26A-38A4-4715-8063-190189595F06}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{756D8675-CBFF-4889-8F42-39BEEA5A9635}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{D6AEF718-73E8-4DF3-B7CD-3D443EB8BDE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{D66C9C50-0563-43C8-9719-33584D822F15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{2ECBF723-4261-4D50-BB1E-3F2995962BD3}] => (Allow) C:\windows\system32\hasplms.exe
FirewallRules: [{A55B5813-4E59-47B7-858C-5CC1D25728DD}] => (Allow) C:\windows\system32\hasplms.exe
FirewallRules: [{1A6725FA-4ED8-4061-AA1A-7CD03320E604}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B871744-EF92-45F4-99BF-FA5EB74E97CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B32F5BBE-A7D5-4C3D-A655-51131828EDEE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2F37F29-6075-402D-9C4C-5A04FF835E7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{661DDE21-2DD8-4FA0-B036-CA031C50E093}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7139CAAB-638C-4970-9CF5-85A3BDFFBAFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1D6D2FA8-8F90-4599-B8D3-49131174B099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{567E9243-F724-4F6A-AFB0-54251AC296C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5D96B130-8491-45CE-91EB-84C67D52EB35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1549BEDD-63C6-4EA1-87A7-CDBC759C7865}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{768E46D9-8367-4FA5-B148-D4FB33EE31CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DFA1CA4E-97AD-4AE6-BCDA-45F9707E591A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2015 06:23:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 06:51:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 04:15:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2015 07:19:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 00:24:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:31:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:26:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 08:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 08:16:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:43:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (06/23/2015 06:11:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/22/2015 06:49:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/22/2015 06:49:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/22/2015 06:49:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (06/22/2015 06:49:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (06/22/2015 06:47:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/22/2015 06:42:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (06/22/2015 06:42:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (06/22/2015 06:25:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureCommand s touto chybou:
%%5

Error: (06/22/2015 06:25:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
%%5

Microsoft Office:
=========================
Error: (06/23/2015 06:23:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 06:51:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2015 04:15:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2015 07:19:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2015 00:24:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:31:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:26:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 08:58:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 08:16:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/15/2015 09:43:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-06-22 18:49:16.364
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:49:16.333
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:49:16.286
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:49:16.255
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:42:57.970
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:42:57.939
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:42:57.892
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-22 18:42:57.861
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-18 17:05:03.189
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-18 17:05:03.158
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8106.14 MB
Available physical RAM: 6169.63 MB
Total Pagefile: 16210.49 MB
Available Pagefile: 14179.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:8.83 GB) NTFS
Drive x: (Data) (Fixed) (Total:554.11 GB) (Free:359.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 698.6 GB) (Disk ID: 7F4FA216)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=586 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.7 GB) - (Type=02)

==================== End of log ============================

Prosím kontrolu logu - dlouho bootuje a seká se WIN7 Vyřešeno

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Re: Prosím kontrolu logu - dlouho bootuje a seká se WIN7

Kdo je online