Request for a log check

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

thunderbird
newcomer
Posts: 48
Registered: October 16
Gender: Male
Status: Offline

Re: Request for a log check

Post by thunderbird » 14 Nov 2016 14:52

RogueKiller V12.8.0.0 (x64) [Nov 7 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Lososound [Administrator]
Started from : C:\Users\Lososound\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 11/14/2016 14:35:42 (Duration : 00:14:24)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 16 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell.com -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell.com -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell.com -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell.com -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Replaced (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 217.23.254.124 217.23.254.125 ([Slovak Republic][Slovak Republic]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 217.23.254.124 217.23.254.125 ([Slovak Republic][Slovak Republic]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B7A36124-21FA-47E0-9335-CE4BCB0B0FCE} | DhcpNameServer : 217.23.254.124 217.23.254.125 ([Slovak Republic][Slovak Republic]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B7A36124-21FA-47E0-9335-CE4BCB0B0FCE} | DhcpNameServer : 217.23.254.124 217.23.254.125 ([Slovak Republic][Slovak Republic]) -> Replaced ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2847674369-4062024540-2413531951-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 750 EVO 250G +++++
--- User ---
[MBR] b2c4abf21ab0ba855b8c764a5e9fa577
[BSP] 73bb68868ca069b7e9cfdd9e67417ce9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] Zariadenie nie je pripravené. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?iadavka nie je podporovaná. )

thunderbird
newcomer
Posts: 48
Registered: October 16
Gender: Male
Status: Offline

Re: Request for a log check

Post by thunderbird » 14 Nov 2016 16:24

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Lososound on po 14. 11. 2016 at 16:12:07,29.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Lososound\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-11-14-140851.log 3193 bytes
C:\zoek-results2016-11-14-150113.log 2638 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\LOSOSO~1\AppData\Roaming\Mozilla\Firefox\Profiles\dnzye238.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\LOSOSO~1\AppData\Roaming\Mozilla\Firefox\Profiles\dnzye238.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\LOSOSO~1\AppData\Roaming\Mozilla\Firefox\Profiles\dnzye238.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [01. 11. 2016 22:09]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [01. 11. 2016 22:09]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Avast SafePrice - Lososound\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Lososound\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - Lososound\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lososound\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Lososound\AppData\Local\Mozilla\Firefox\Profiles\dnzye238.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Lososound\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=194 folders=49 2130704021 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lososound\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LOSOSO~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 14. 11. 2016 at 16:22:56,12 ======================

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: Three roses grow around me =o)
Gender: Male
Status: Offline

Re: Request for a log check

Post by Orcus » 14 Nov 2016 17:59

jaro3 wrote: Post a new HJT log + report on the problems
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If it is too long, split it into several messages.

A few PC security tips.

During my absence, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

thunderbird
newcomer
Posts: 48
Registered: October 16
Gender: Male
Status: Offline

Re: Request for a log check

Post by thunderbird » 14 Nov 2016 18:56

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:54:15, on 14. 11. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 49.0.2 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\Orion Studio Launcher\launcher.exe
C:\Users\Public\.AntelopeAudio\orionstudio\panels\1.3.29\orionstudio.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lososound\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [UATrayIcon] C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
O4 - HKLM\..\Run: [UAPerfMon] C:\Program Files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe -b
O4 - HKLM\..\Run: [Memeo Backup Premium] C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe --silent --no_ui
O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2847674369-4062024540-2413531951-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2847674369-4062024540-2413531951-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Antelope Manager Service (Antelope-Manager-Service) - Unknown owner - C:\Users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11991 bytes

thunderbird
newcomer
Posts: 48
Registered: October 16
Gender: Male
Status: Offline

Re: Request for a log check

Post by thunderbird » 14 Nov 2016 20:58

It ran for a few hours without problems; when I turned it on just now, it didn't start, after a restart it booted, but after a while it froze.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Request for a log check

Post by jaro3 » 14 Nov 2016 21:26

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2847674369-4062024540-2413531951-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')



Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to the desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the program's EULA license if it is offered.
If a program update is available, click the "Update now" button.
Finally, click the Settings button (the gear in the corner) > Advanced > "I have read the warning and want to continue anyway ....."
Check Auto Launch
Uncheck Auto upload
Check All Browser Extensions
Smart scan setting instead of a deep scan
Close all open files, folders and browsers
Click the Scan now button and the threat scan will begin.
When the scan is complete, a report will appear; copy the entire contents of that report here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems; in that case restart the computer again, and if that does not help, press F8 during the restart and choose the last known good configuration, or use a restore point.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

thunderbird
newcomer
Posts: 48
Registered: October 16
Gender: Male
Status: Offline

Re: Request for a log check

Post by thunderbird » 15 Nov 2016 01:30

ComboFix 16-11-13.01 - Lososound . 11. 2016 1:07.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.16278.12867 [GMT 1:00]
Running from: c:\users\Lososound\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6855\AddOnDownloaded\0124e21d-018c-4ce0-92a3-b9e205a76bc0.dll
c:\programdata\PCDr\6855\AddOnDownloaded\06054fba-5619-4a86-a861-ffb0464bef5d.dll
c:\programdata\PCDr\6855\AddOnDownloaded\0bc194f9-b102-4833-85bd-603e216a9274.dll
c:\programdata\PCDr\6855\AddOnDownloaded\1770287d-f115-443b-9fb7-268be5a136fc.dll
c:\programdata\PCDr\6855\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3087e0df-b321-44c3-b144-fb94c30c8383.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
c:\programdata\PCDr\6855\AddOnDownloaded\35b44250-4f9f-4c83-a518-a7c76d04314b.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6855\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6855\AddOnDownloaded\48b34bb5-ff90-4d9e-b894-efe9b9fb83df.dll
c:\programdata\PCDr\6855\AddOnDownloaded\49f89ca5-aa70-4aab-9314-4a62fc1f0e87.dll
c:\programdata\PCDr\6855\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
c:\programdata\PCDr\6855\AddOnDownloaded\526d8043-c04a-458e-b41c-9f0b037eb5ab.dll
c:\programdata\PCDr\6855\AddOnDownloaded\5bbfdaf0-4ed3-451e-8ae5-d6568a621a17.dll
c:\programdata\PCDr\6855\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6bdfa889-cc66-47b8-8124-f44af6185c4a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
c:\programdata\PCDr\6855\AddOnDownloaded\72db11e1-d2b2-4f9f-828a-5a68b9e7709f.dll
c:\programdata\PCDr\6855\AddOnDownloaded\7c5b1d75-4145-4f69-b184-a8fb559fd417.dll
c:\programdata\PCDr\6855\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\84044d39-7df5-40d8-9c83-1be344e0305e.dll
c:\programdata\PCDr\6855\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
c:\programdata\PCDr\6855\AddOnDownloaded\8c64e2ef-3080-4951-8358-e991c1695e4a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9ad177b0-ddcd-4cf6-ac35-969dc98b22db.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9cc8e4b9-2989-4941-94e1-8c5358218ffb.dll
c:\programdata\PCDr\6855\AddOnDownloaded\a360a789-e8b0-4637-9792-e0ff95e234e4.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
c:\programdata\PCDr\6855\AddOnDownloaded\bcd55a0b-5c73-4efb-87eb-fa42f0002bb9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\c238c886-2790-4da6-895b-00c9110314ec.dll
c:\programdata\PCDr\6855\AddOnDownloaded\dd1bac2a-784b-4124-895b-8444b4b4697b.dll
c:\programdata\PCDr\6855\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6855\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ee4747a4-1d1b-42c1-8a8c-1de04bbb2379.dll
c:\programdata\PCDr\6855\AddOnDownloaded\fbd50850-4122-4fe3-a72e-fcbe58a0f196.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
c:\programdata\Roaming
c:\windows\SysWow64\msvcsv60.dll
E:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2016-10-15 to 2016-11-15 )))))))))))))))))))))))))))))))
.
.
2016-11-15 00:18 . 2016-11-15 00:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-14 23:52 . 2016-11-14 23:52 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2016-11-14 23:52 . 2016-11-14 23:52 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2016-11-14 23:52 . 2016-11-14 23:52 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2016-11-14 16:00 . 2016-11-14 16:00 -------- d-----w- c:\programdata\Audio Damage
2016-11-14 15:22 . 2016-11-14 15:12 24064 ----a-w- c:\windows\zoek-delete.exe
2016-11-14 14:47 . 2016-11-14 14:47 -------- d-----w- c:\programdata\Validity
2016-11-14 13:54 . 2016-11-14 15:21 -------- d-----w- C:\zoek_backup
2016-11-14 09:49 . 2016-11-14 09:49 -------- d-----w- c:\programdata\Sophos
2016-11-14 09:48 . 2016-11-14 09:48 -------- d-----w- c:\program files (x86)\Sophos
2016-11-14 07:16 . 2016-11-14 13:35 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-11-14 07:15 . 2016-11-14 07:36 -------- d-----w- c:\programdata\RogueKiller
2016-11-13 22:12 . 2016-11-13 22:13 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-11-13 22:05 . 2016-11-14 09:40 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-13 22:04 . 2016-11-13 22:04 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-13 22:04 . 2016-11-13 22:04 -------- d-----w- c:\programdata\Malwarebytes
2016-11-13 22:04 . 2016-03-10 13:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-13 22:04 . 2016-03-10 13:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-13 22:04 . 2016-03-10 13:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-13 18:09 . 2016-11-14 07:02 -------- d-----w- C:\AdwCleaner
2016-11-11 11:21 . 2016-11-11 11:21 -------- d-----w- c:\program files (x86)\MeldaProduction
2016-11-11 11:17 . 2016-11-11 11:17 -------- d-----w- c:\program files (x86)\PSP_AUDIOWARE
2016-11-11 11:17 . 2005-09-04 16:46 4059136 ----a-w- c:\windows\SysWow64\PSP MasterComp.dll
2016-11-11 11:10 . 2016-11-11 11:10 -------- d-----w- c:\program files (x86)\Sonnox
2016-11-11 10:19 . 2016-11-11 10:19 -------- d-----w- c:\program files (x86)\Mercury
2016-11-11 09:54 . 2016-11-11 09:54 -------- d-----w- c:\program files (x86)\Digidesign
2016-11-11 09:54 . 2016-11-11 09:54 -------- d-----w- c:\program files (x86)\Arturia
2016-11-11 09:54 . 2004-03-17 18:54 163840 ----a-w- c:\windows\SysWow64\ArtFfct.dll
2016-11-10 18:17 . 2016-05-26 16:07 875472 ----a-w- c:\windows\SysWow64\msvcr110.dll
2016-11-10 18:17 . 2016-05-26 16:07 535008 ----a-w- c:\windows\SysWow64\msvcp110.dll
2016-11-10 17:30 . 2016-11-10 17:30 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-11-10 14:14 . 2009-12-03 21:40 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2016-11-10 14:12 . 2016-11-10 17:03 -------- d-----w- c:\program files (x86)\Waves
2016-11-10 13:41 . 2016-11-10 14:15 -------- d-----w- c:\program files (x86)\WinPcap
2016-11-04 13:30 . 2016-11-04 13:30 -------- d-----w- c:\programdata\boost_interprocess
2016-11-04 13:23 . 2016-11-04 13:23 -------- d-----w- c:\program files (x86)\Lexicon
2016-11-04 10:54 . 2016-11-04 10:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-11-04 10:54 . 2016-11-04 10:54 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-11-04 10:54 . 2016-11-04 10:55 -------- d-----w- c:\programdata\Oracle
2016-11-04 10:54 . 2016-11-04 10:54 -------- d-----w- c:\program files (x86)\Java
2016-11-04 10:49 . 2016-11-04 10:49 -------- d-----w- c:\program files (x86)\OpenOffice 4
2016-11-04 02:00 . 2016-11-04 02:00 -------- d-----w- c:\windows\SysWow64\Wat
2016-11-04 02:00 . 2016-11-04 02:00 -------- d-----w- c:\windows\system32\Wat
2016-11-03 21:29 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-11-03 21:29 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-03 21:25 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-11-03 21:10 . 2016-11-03 21:10 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-03 20:42 . 2016-11-03 20:42 -------- d-----w- c:\windows\Migration
2016-11-03 20:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2016-11-03 20:06 . 2016-11-03 20:11 -------- d-----w- c:\windows\system32\MRT
2016-11-03 19:24 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-11-03 19:24 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-11-03 19:24 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-11-03 19:24 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-11-03 19:24 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2016-11-03 19:24 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2016-11-03 19:24 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-11-03 19:13 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2016-11-03 19:13 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2016-11-03 19:13 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2016-11-03 19:05 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2016-11-03 19:05 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2016-11-03 19:05 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2016-11-03 19:05 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2016-11-03 19:05 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2016-11-03 19:05 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2016-11-03 19:05 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2016-11-03 19:05 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2016-11-03 19:03 . 2014-03-04 09:44 39936 ----a-w- c:\windows\system32\wincredprovider.dll
2016-11-03 19:02 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2016-11-03 19:01 . 2016-08-12 16:26 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-11-03 18:59 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2016-11-03 18:59 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2016-11-03 18:51 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2016-11-03 18:51 . 2015-01-17 02:30 828928 ----a-w- c:\windows\SysWow64\msctf.dll
2016-11-03 18:51 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2016-11-03 18:51 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2016-11-03 18:49 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2016-11-03 18:44 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2016-11-03 18:44 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2016-11-03 18:44 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2016-11-03 18:30 . 2016-11-10 14:03 -------- d-----w- C:\34a811f090b5ee77d03aa68af2
2016-11-03 18:06 . 2016-11-03 18:06 -------- d-----w- C:\9eb80ef61f58d60a8ba3f4e079db60
2016-11-03 17:44 . 2016-11-03 17:44 -------- d-----w- C:\8540957912998cbe244206342e1e
2016-11-03 17:34 . 2016-11-03 18:04 -------- d-----w- c:\programdata\SupportAssistAgent
2016-11-03 17:28 . 2016-11-13 18:08 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-11-02 18:18 . 2016-11-02 18:20 -------- d-----w- c:\program files (x86)\Addictive Drums
2016-11-02 18:01 . 2016-11-02 18:01 -------- d-----w- c:\program files (x86)\XLN Audio
2016-11-02 17:45 . 2016-11-02 17:45 6475776 ----a-w- c:\windows\SysWow64\PSP VintageWarmer2.dll
2016-11-02 17:22 . 2016-11-02 17:22 -------- d-----w- c:\program files\HeadCrusherFree
2016-11-02 16:19 . 2016-11-11 11:15 -------- d-----w- c:\program files (x86)\PSPaudioware
2016-11-02 16:18 . 2016-11-02 16:18 4647936 ----a-w- c:\windows\SysWow64\PSP MixTreble2.dll
2016-11-02 16:18 . 2016-11-02 16:18 1108480 ----a-w- c:\windows\SysWow64\PSP MixSync2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4225536 ----a-w- c:\windows\SysWow64\PSP MixSaturator2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4440576 ----a-w- c:\windows\SysWow64\PSP MixBass2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4056576 ----a-w- c:\windows\SysWow64\PSP MixPressor2.dll
2016-11-02 16:18 . 2016-11-02 16:18 3472384 ----a-w- c:\windows\SysWow64\PSP MixGate2.dll
2016-11-02 14:49 . 2016-11-02 14:49 -------- d-----w- c:\program files (x86)\iZotope
2016-11-02 13:39 . 2016-11-02 13:40 -------- d-----w- c:\program files (x86)\Nomad Factory
2016-11-02 13:39 . 2003-03-18 18:04 765952 ----a-w- c:\windows\SysWow64\msvcp71d.dll
2016-11-02 13:39 . 2003-03-18 18:03 544768 ----a-w- c:\windows\SysWow64\msvcr71d.dll
2016-11-02 13:33 . 2016-11-02 13:33 -------- d-----w- c:\program files (x86)\FabFilter
2016-11-02 13:29 . 2016-11-02 14:33 -------- d-----w- c:\program files (x86)\Kjaerhus Audio
2016-11-02 13:29 . 2016-11-02 13:29 -------- d-----w- C:\Vstplugins
2016-11-02 13:29 . 2003-07-06 08:10 17408 ------w- c:\windows\SysWow64\minimp3.exe
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\program files (x86)\Common Files\SoundToys
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\programdata\VST3 Presets
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\program files (x86)\SoundToys
2016-11-02 13:20 . 2016-11-02 15:04 -------- d-----w- c:\programdata\ArtsAcoustic
2016-11-02 13:11 . 2016-11-02 13:11 -------- d-----w- C:\audio
2016-11-02 11:17 . 2016-11-08 13:41 -------- d-----w- c:\programdata\MemeoCommon
2016-11-02 11:14 . 2016-11-02 11:14 -------- d-----w- c:\windows\[SystemFolder]
2016-11-02 11:14 . 2016-11-02 11:14 -------- d-----w- c:\program files\Memeo
2016-11-02 11:13 . 2016-11-02 11:13 -------- d-----w- c:\program files (x86)\Common Files\Memeo
2016-11-02 11:13 . 2016-11-02 11:14 -------- d-----w- c:\program files (x86)\Memeo
2016-11-02 11:13 . 2016-11-02 11:13 -------- d-----w- c:\program files (x86)\Seagate
2016-11-02 10:08 . 2016-11-04 07:53 -------- d-s---w- c:\programdata\Waves Audio
2016-11-02 10:06 . 2014-11-11 17:58 1431552 ----a-w- c:\windows\SysWow64\ReWire.dll
2016-11-02 10:06 . 2014-11-11 17:57 2181120 ----a-w- c:\windows\system32\ReWire.dll
2016-11-02 10:06 . 2016-11-10 18:17 -------- d-----w- c:\program files (x86)\Waves Central
2016-11-02 09:53 . 2016-11-10 14:09 -------- d-s---w- c:\users\Public\Waves Audio
2016-11-02 08:51 . 2016-11-02 08:51 -------- d-----w- c:\program files\Antelope Audio
2016-11-02 07:59 . 2016-11-02 07:59 -------- d-----w- c:\program files\Sugar Bytes
2016-11-02 07:52 . 2016-11-02 07:54 -------- d-----w- c:\program files (x86)\Softube
2016-11-02 04:40 . 2016-11-01 19:43 -------- d-----w- c:\windows\Panther
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-03 21:17 . 2016-11-03 21:17 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-11-03 21:17 . 2016-11-03 21:17 243200 ----a-w- c:\windows\system32\webcheck.dll
2016-09-12 21:08 . 2016-11-03 19:04 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-11-03 19:04 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-11-03 19:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-09 9044392]
"UATrayIcon"="c:\program files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe" [2015-12-22 1484800]
"UAPerfMon"="c:\program files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe" [2015-12-22 3821568]
"Memeo Backup Premium"="c:\program files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2011-05-13 136416]
"Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-13 144608]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
c:\users\Lososound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Antelope-Manager-Service;Antelope Manager Service;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 OrionStudio;OrionStudio;c:\windows\system32\DRIVERS\OrionStudio_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OrionStudio_x64.sys [x]
R3 OrionStudioks;OrionStudioks;c:\windows\system32\DRIVERS\OrionStudioks_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OrionStudioks_x64.sys [x]
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0;PCDSRVC{3B54B31B-D06B6431-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell\supportassist\pcdsrvc_x64.pkms;c:\program files\dell\supportassist\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UAD2Fw;Universal Audio UAD-2 Firewire DSP Accelerator;c:\windows\system32\DRIVERS\UAD2Fw.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2Fw.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys;c:\windows\SYSNATIVE\DRIVERS\synusb64.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 UAD2System;UAD-2 Global System Service;c:\windows\system32\DRIVERS\UAD2System.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2System.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ZAM
*NewlyCreated* - ZAM_GUARD
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-01 21:35 1363560 ----a-w- c:\program files (x86)\Google\Chrome\Application\54.0.2840.87\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-11-01 21:10]
.
2016-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-11-01 21:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-01 21:09 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-10-01 727664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-18 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-18 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-18 417304]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2016-11-09 13900016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 217.23.254.124 217.23.254.125
FF - ProfilePath - c:\users\Lososound\AppData\Roaming\Mozilla\Firefox\Profiles\dnzye238.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PCM Native Reverb VST Plug-in - c:\programdata\{BE48917A-8173-4C25-A322-B40C9D2FDD69}\PCM Native VST Installer.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{2E55EEFD-2162-4A7D-9158-EDB0305603A6} - c:\programdata\{A328A61B-C332-4C8C-A740-42F7F71DC398}\DDV.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{6e8f74e0-43bd-4dce-8477-6ff6828acc07} - c:\programdata\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe
AddRemove-{74d0e5db-b326-4dae-a6b2-445b9de1836e} - c:\programdata\Package Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe
AddRemove-{B4691C58-2A6A-4AFA-960E-AEB767639E44} - c:\programdata\{BE48917A-8173-4C25-A322-B40C9D2FDD69}\PCM Native VST Installer.exe
AddRemove-{ee469b5b-bff8-4d05-9922-308e24d0617c} - c:\programdata\Package Cache\{ee469b5b-bff8-4d05-9922-308e24d0617c}\Setup.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3B54B31B-D06B6431-06020200}_0]
"ImagePath"="\??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-11-15 01:29:15
ComboFix-quarantined-files.txt 2016-11-15 00:29
.
Pre-Run: 79 949 262 848 bytes free
Post-Run: 79 800 647 680 bytes free
.
- - End Of File - - A0033B314B5D97B2BD3FBEDABE2E26CA
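The ComboFix log posted above is the raw material of such a review; most of the work is scanning the "Reg Loading Points" section for autostart entries that run from places a normal installer would not use. The following is an added example, not part of the thread and not ComboFix's own tooling: a small parser for that section's layout (Run values, AppInit_DLLs, R*/S* service lines) with triage rules a reviewer would apply by hand. The embedded sample log is constructed and the two flagged "Updater" and bare "wscript.exe" entries are invented for illustration; the heuristics (user-writable directories, bare executable names, AppInit_DLLs active) are assumptions, not findings about this machine.

```python
import re
from dataclasses import dataclass

# Constructed sample modelled on the "Reg Loading Points" layout of a
# ComboFix log. The "Updater" and the bare "wscript.exe" entries are
# invented to exercise the triage rules; the rest mirrors real-looking lines.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"Updater"="c:\users\alice\AppData\Roaming\svchost.exe" [2016-11-10 12345]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 Antelope-Manager-Service;Antelope Manager Service;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
"""


@dataclass(frozen=True)
class Entry:
    kind: str     # "run" | "appinit" | "service"
    name: str
    path: str
    source: str   # registry key, or the service start type (R2, S3, ...)


KEY_LINE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
RUN_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"')
APPINIT = re.compile(r'^"AppInit_DLLs"=(?P<path>\S.*?)\s*$')
LOAD_APPINIT = re.compile(r'^"LoadAppInit_DLLs"=(?P<value>\d+)')
# start type ; service name ; display name ; image path ; (duplicate path) [x]
SERVICE = re.compile(r'^(?P<start>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<image>[^;]*);')


def parse(text):
    """Return (entries, load_appinit) from a Reg Loading Points section."""
    entries, load_appinit, key = [], False, ""
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_LINE.match(line)
        if m:
            key = m.group("key")          # remember which key the values belong to
            continue
        if (m := LOAD_APPINIT.match(line)):
            load_appinit = m.group("value") != "0"
        elif (m := APPINIT.match(line)):
            entries.append(Entry("appinit", "AppInit_DLLs", m.group("path"), key))
        elif key.lower().endswith("\\run") and (m := RUN_VALUE.match(line)):
            entries.append(Entry("run", m.group("name"), m.group("path"), key))
        elif (m := SERVICE.match(line)):
            entries.append(Entry("service", m.group("name").strip(),
                                 m.group("image").strip(), m.group("start")))
    return entries, load_appinit


# Assumed heuristics: anything outside Windows / Program Files, or anywhere a
# standard user can write, deserves a manual look before it is trusted.
TRUSTED_ROOT = re.compile(r'^[a-z]:\\(windows|program files(?: \(x86\))?)\\', re.IGNORECASE)
USER_WRITABLE = re.compile(r'\\(users|programdata|temp|appdata|public)\\', re.IGNORECASE)


def triage(entries, load_appinit):
    """Return [(entry, reason)] for entries worth checking by hand."""
    findings = []
    for e in entries:
        if e.kind == "appinit":
            if load_appinit:   # DLL is injected into every process that loads user32
                findings.append((e, "AppInit_DLLs active: verify the DLL's signer and origin"))
        elif "\\" not in e.path:
            findings.append((e, "bare executable name: read the full command line from the registry"))
        elif USER_WRITABLE.search(e.path) or not TRUSTED_ROOT.match(e.path):
            findings.append((e, "autostart from a user-writable or non-standard directory"))
    return findings


if __name__ == "__main__":
    entries, load_appinit = parse(SAMPLE_LOG)
    for e, reason in triage(entries, load_appinit):
        print(f"{e.kind:8} {e.name:26} {e.path}\n         -> {reason}")
```

The location rules are deliberately noisy: legitimately installed software does sometimes run services out of c:\users\Public or c:\programdata, so a hit means "check the file's signature and publisher", not "malware". AppInit_DLLs is flagged whenever LoadAppInit_DLLs is non-zero because a DLL listed there is mapped into nearly every GUI process, which is why it is a favourite persistence point and why a reviewer confirms the entry even when the name looks like a vendor's.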

jaro3 (Security team member)

Re: please check my log

Post by jaro3 » 15 Nov 2016 09:34

Disable the resident protection of your antivirus and anti-spyware, and the firewall if you have one.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the whole text marked in green below into it:

Code:

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save as... and set these parameters:
File name: enter CFScript.txt
Save as type: select All files
Save the file to the desktop.
Close all active windows.

Drag the created CFScript.txt with the mouse onto the downloaded ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log

Warning: it can happen that after running ComboFix and restarting the computer Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 during the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the whole contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

thunderbird (newbie)

Re: please check my log

Post by thunderbird » 15 Nov 2016 10:14

ComboFix 16-11-13.01 - Lososound . 11. 2016 9:55.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.16278.13761 [GMT 1:00]
Running from: c:\users\Lososound\Desktop\ComboFix.exe
Command switches used :: c:\users\Lososound\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.31.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\54.0.2840.99\54.0.2840.99_54.0.2840.87_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\54.0.2840.87\54.0.2840.87_chrome_installer.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{B04A91CF-9594-4FBA-8955-E3FA61FE1A4F}\54.0.2840.99_54.0.2840.87_chrome_updater.exe
c:\programdata\PCDr\6855\AddOnDownloaded\0124e21d-018c-4ce0-92a3-b9e205a76bc0.dll
c:\programdata\PCDr\6855\AddOnDownloaded\06054fba-5619-4a86-a861-ffb0464bef5d.dll
c:\programdata\PCDr\6855\AddOnDownloaded\0bc194f9-b102-4833-85bd-603e216a9274.dll
c:\programdata\PCDr\6855\AddOnDownloaded\1770287d-f115-443b-9fb7-268be5a136fc.dll
c:\programdata\PCDr\6855\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3087e0df-b321-44c3-b144-fb94c30c8383.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
c:\programdata\PCDr\6855\AddOnDownloaded\35b44250-4f9f-4c83-a518-a7c76d04314b.dll
c:\programdata\PCDr\6855\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6855\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6855\AddOnDownloaded\48b34bb5-ff90-4d9e-b894-efe9b9fb83df.dll
c:\programdata\PCDr\6855\AddOnDownloaded\49f89ca5-aa70-4aab-9314-4a62fc1f0e87.dll
c:\programdata\PCDr\6855\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
c:\programdata\PCDr\6855\AddOnDownloaded\526d8043-c04a-458e-b41c-9f0b037eb5ab.dll
c:\programdata\PCDr\6855\AddOnDownloaded\5bbfdaf0-4ed3-451e-8ae5-d6568a621a17.dll
c:\programdata\PCDr\6855\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6bdfa889-cc66-47b8-8124-f44af6185c4a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
c:\programdata\PCDr\6855\AddOnDownloaded\72db11e1-d2b2-4f9f-828a-5a68b9e7709f.dll
c:\programdata\PCDr\6855\AddOnDownloaded\7c5b1d75-4145-4f69-b184-a8fb559fd417.dll
c:\programdata\PCDr\6855\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\84044d39-7df5-40d8-9c83-1be344e0305e.dll
c:\programdata\PCDr\6855\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
c:\programdata\PCDr\6855\AddOnDownloaded\8c64e2ef-3080-4951-8358-e991c1695e4a.dll
c:\programdata\PCDr\6855\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9ad177b0-ddcd-4cf6-ac35-969dc98b22db.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
c:\programdata\PCDr\6855\AddOnDownloaded\9cc8e4b9-2989-4941-94e1-8c5358218ffb.dll
c:\programdata\PCDr\6855\AddOnDownloaded\a360a789-e8b0-4637-9792-e0ff95e234e4.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ba005e12-3139-4327-9f7a-9f2ea6a6c841.dll
c:\programdata\PCDr\6855\AddOnDownloaded\bcd55a0b-5c73-4efb-87eb-fa42f0002bb9.dll
c:\programdata\PCDr\6855\AddOnDownloaded\c238c886-2790-4da6-895b-00c9110314ec.dll
c:\programdata\PCDr\6855\AddOnDownloaded\dd1bac2a-784b-4124-895b-8444b4b4697b.dll
c:\programdata\PCDr\6855\AddOnDownloaded\e5a71f43-c979-4b3d-a544-9ed1dc6dc4c8.dll
c:\programdata\PCDr\6855\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ee4747a4-1d1b-42c1-8a8c-1de04bbb2379.dll
c:\programdata\PCDr\6855\AddOnDownloaded\fbd50850-4122-4fe3-a72e-fcbe58a0f196.dll
c:\programdata\PCDr\6855\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2016-10-15 to 2016-11-15 )))))))))))))))))))))))))))))))
.
.
2016-11-15 09:03 . 2016-11-15 09:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-14 23:52 . 2016-11-14 23:52 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2016-11-14 23:52 . 2016-11-14 23:52 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2016-11-14 23:52 . 2016-11-14 23:52 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2016-11-14 16:00 . 2016-11-14 16:00 -------- d-----w- c:\programdata\Audio Damage
2016-11-14 15:22 . 2016-11-14 15:12 24064 ----a-w- c:\windows\zoek-delete.exe
2016-11-14 14:47 . 2016-11-14 14:47 -------- d-----w- c:\programdata\Validity
2016-11-14 13:54 . 2016-11-14 15:21 -------- d-----w- C:\zoek_backup
2016-11-14 09:49 . 2016-11-14 09:49 -------- d-----w- c:\programdata\Sophos
2016-11-14 09:48 . 2016-11-14 09:48 -------- d-----w- c:\program files (x86)\Sophos
2016-11-14 07:16 . 2016-11-14 13:35 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-11-14 07:15 . 2016-11-14 07:36 -------- d-----w- c:\programdata\RogueKiller
2016-11-13 22:12 . 2016-11-13 22:13 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-11-13 22:05 . 2016-11-14 09:40 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-13 22:04 . 2016-11-13 22:04 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-13 22:04 . 2016-11-13 22:04 -------- d-----w- c:\programdata\Malwarebytes
2016-11-13 22:04 . 2016-03-10 13:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-13 22:04 . 2016-03-10 13:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-13 22:04 . 2016-03-10 13:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-13 18:09 . 2016-11-14 07:02 -------- d-----w- C:\AdwCleaner
2016-11-11 11:21 . 2016-11-11 11:21 -------- d-----w- c:\program files (x86)\MeldaProduction
2016-11-11 11:17 . 2016-11-11 11:17 -------- d-----w- c:\program files (x86)\PSP_AUDIOWARE
2016-11-11 11:17 . 2005-09-04 16:46 4059136 ----a-w- c:\windows\SysWow64\PSP MasterComp.dll
2016-11-11 11:10 . 2016-11-11 11:10 -------- d-----w- c:\program files (x86)\Sonnox
2016-11-11 10:19 . 2016-11-11 10:19 -------- d-----w- c:\program files (x86)\Mercury
2016-11-11 09:54 . 2016-11-11 09:54 -------- d-----w- c:\program files (x86)\Digidesign
2016-11-11 09:54 . 2016-11-11 09:54 -------- d-----w- c:\program files (x86)\Arturia
2016-11-11 09:54 . 2004-03-17 18:54 163840 ----a-w- c:\windows\SysWow64\ArtFfct.dll
2016-11-10 18:17 . 2016-05-26 16:07 875472 ----a-w- c:\windows\SysWow64\msvcr110.dll
2016-11-10 18:17 . 2016-05-26 16:07 535008 ----a-w- c:\windows\SysWow64\msvcp110.dll
2016-11-10 17:30 . 2016-11-10 17:30 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-11-10 14:14 . 2009-12-03 21:40 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2016-11-10 14:12 . 2016-11-10 17:03 -------- d-----w- c:\program files (x86)\Waves
2016-11-10 13:41 . 2016-11-10 14:15 -------- d-----w- c:\program files (x86)\WinPcap
2016-11-04 13:30 . 2016-11-04 13:30 -------- d-----w- c:\programdata\boost_interprocess
2016-11-04 13:23 . 2016-11-04 13:23 -------- d-----w- c:\program files (x86)\Lexicon
2016-11-04 10:54 . 2016-11-04 10:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-11-04 10:54 . 2016-11-04 10:54 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-11-04 10:54 . 2016-11-04 10:55 -------- d-----w- c:\programdata\Oracle
2016-11-04 10:54 . 2016-11-04 10:54 -------- d-----w- c:\program files (x86)\Java
2016-11-04 10:49 . 2016-11-04 10:49 -------- d-----w- c:\program files (x86)\OpenOffice 4
2016-11-04 02:00 . 2016-11-04 02:00 -------- d-----w- c:\windows\SysWow64\Wat
2016-11-04 02:00 . 2016-11-04 02:00 -------- d-----w- c:\windows\system32\Wat
2016-11-03 21:29 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-11-03 21:29 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-03 21:25 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-11-03 21:10 . 2016-11-03 21:10 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-03 20:42 . 2016-11-03 20:42 -------- d-----w- c:\windows\Migration
2016-11-03 20:21 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2016-11-03 20:06 . 2016-11-03 20:11 -------- d-----w- c:\windows\system32\MRT
2016-11-03 19:24 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-11-03 19:24 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-11-03 19:24 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-11-03 19:24 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-11-03 19:24 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2016-11-03 19:24 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2016-11-03 19:24 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-11-03 19:13 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2016-11-03 19:13 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2016-11-03 19:13 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2016-11-03 19:05 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2016-11-03 19:05 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2016-11-03 19:05 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2016-11-03 19:05 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2016-11-03 19:05 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2016-11-03 19:05 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2016-11-03 19:05 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2016-11-03 19:05 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2016-11-03 19:03 . 2014-03-04 09:44 39936 ----a-w- c:\windows\system32\wincredprovider.dll
2016-11-03 19:02 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2016-11-03 19:01 . 2016-08-12 16:26 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-11-03 18:59 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2016-11-03 18:59 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2016-11-03 18:51 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2016-11-03 18:51 . 2015-01-17 02:30 828928 ----a-w- c:\windows\SysWow64\msctf.dll
2016-11-03 18:51 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2016-11-03 18:51 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2016-11-03 18:49 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2016-11-03 18:44 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2016-11-03 18:44 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2016-11-03 18:44 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2016-11-03 18:30 . 2016-11-10 14:03 -------- d-----w- C:\34a811f090b5ee77d03aa68af2
2016-11-03 18:06 . 2016-11-03 18:06 -------- d-----w- C:\9eb80ef61f58d60a8ba3f4e079db60
2016-11-03 17:44 . 2016-11-03 17:44 -------- d-----w- C:\8540957912998cbe244206342e1e
2016-11-03 17:34 . 2016-11-03 18:04 -------- d-----w- c:\programdata\SupportAssistAgent
2016-11-03 17:28 . 2016-11-13 18:08 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-11-02 18:18 . 2016-11-02 18:20 -------- d-----w- c:\program files (x86)\Addictive Drums
2016-11-02 18:01 . 2016-11-02 18:01 -------- d-----w- c:\program files (x86)\XLN Audio
2016-11-02 17:45 . 2016-11-02 17:45 6475776 ----a-w- c:\windows\SysWow64\PSP VintageWarmer2.dll
2016-11-02 17:22 . 2016-11-02 17:22 -------- d-----w- c:\program files\HeadCrusherFree
2016-11-02 16:19 . 2016-11-11 11:15 -------- d-----w- c:\program files (x86)\PSPaudioware
2016-11-02 16:18 . 2016-11-02 16:18 4647936 ----a-w- c:\windows\SysWow64\PSP MixTreble2.dll
2016-11-02 16:18 . 2016-11-02 16:18 1108480 ----a-w- c:\windows\SysWow64\PSP MixSync2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4225536 ----a-w- c:\windows\SysWow64\PSP MixSaturator2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4440576 ----a-w- c:\windows\SysWow64\PSP MixBass2.dll
2016-11-02 16:18 . 2016-11-02 16:18 4056576 ----a-w- c:\windows\SysWow64\PSP MixPressor2.dll
2016-11-02 16:18 . 2016-11-02 16:18 3472384 ----a-w- c:\windows\SysWow64\PSP MixGate2.dll
2016-11-02 14:49 . 2016-11-02 14:49 -------- d-----w- c:\program files (x86)\iZotope
2016-11-02 13:39 . 2016-11-02 13:40 -------- d-----w- c:\program files (x86)\Nomad Factory
2016-11-02 13:39 . 2003-03-18 18:04 765952 ----a-w- c:\windows\SysWow64\msvcp71d.dll
2016-11-02 13:39 . 2003-03-18 18:03 544768 ----a-w- c:\windows\SysWow64\msvcr71d.dll
2016-11-02 13:33 . 2016-11-02 13:33 -------- d-----w- c:\program files (x86)\FabFilter
2016-11-02 13:29 . 2016-11-02 14:33 -------- d-----w- c:\program files (x86)\Kjaerhus Audio
2016-11-02 13:29 . 2016-11-02 13:29 -------- d-----w- C:\Vstplugins
2016-11-02 13:29 . 2003-07-06 08:10 17408 ------w- c:\windows\SysWow64\minimp3.exe
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\program files (x86)\Common Files\SoundToys
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\programdata\VST3 Presets
2016-11-02 13:24 . 2016-11-02 13:24 -------- d-----w- c:\program files (x86)\SoundToys
2016-11-02 13:20 . 2016-11-02 15:04 -------- d-----w- c:\programdata\ArtsAcoustic
2016-11-02 13:11 . 2016-11-02 13:11 -------- d-----w- C:\audio
2016-11-02 11:17 . 2016-11-08 13:41 -------- d-----w- c:\programdata\MemeoCommon
2016-11-02 11:14 . 2016-11-02 11:14 -------- d-----w- c:\windows\[SystemFolder]
2016-11-02 11:14 . 2016-11-02 11:14 -------- d-----w- c:\program files\Memeo
2016-11-02 11:13 . 2016-11-02 11:13 -------- d-----w- c:\program files (x86)\Common Files\Memeo
2016-11-02 11:13 . 2016-11-02 11:14 -------- d-----w- c:\program files (x86)\Memeo
2016-11-02 11:13 . 2016-11-02 11:13 -------- d-----w- c:\program files (x86)\Seagate
2016-11-02 10:08 . 2016-11-04 07:53 -------- d-s---w- c:\programdata\Waves Audio
2016-11-02 10:06 . 2014-11-11 17:58 1431552 ----a-w- c:\windows\SysWow64\ReWire.dll
2016-11-02 10:06 . 2014-11-11 17:57 2181120 ----a-w- c:\windows\system32\ReWire.dll
2016-11-02 10:06 . 2016-11-10 18:17 -------- d-----w- c:\program files (x86)\Waves Central
2016-11-02 09:53 . 2016-11-10 14:09 -------- d-s---w- c:\users\Public\Waves Audio
2016-11-02 08:51 . 2016-11-02 08:51 -------- d-----w- c:\program files\Antelope Audio
2016-11-02 07:59 . 2016-11-02 07:59 -------- d-----w- c:\program files\Sugar Bytes
2016-11-02 07:52 . 2016-11-02 07:54 -------- d-----w- c:\program files (x86)\Softube
2016-11-02 04:40 . 2016-11-01 19:43 -------- d-----w- c:\windows\Panther
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-03 21:17 . 2016-11-03 21:17 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-11-03 21:17 . 2016-11-03 21:17 243200 ----a-w- c:\windows\system32\webcheck.dll
2016-09-12 21:08 . 2016-11-03 19:04 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-11-03 19:04 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-11-03 19:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-09 9044392]
"UATrayIcon"="c:\program files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe" [2015-12-22 1484800]
"UAPerfMon"="c:\program files (x86)\Universal Audio\Powered Plugins\UADPerfMon.exe" [2015-12-22 3821568]
"Memeo Backup Premium"="c:\program files (x86)\Memeo\AutoBackupPro\MemeoLauncher2.exe" [2011-05-13 136416]
"Memeo AutoSync"="c:\program files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" [2011-05-13 144608]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
c:\users\Lososound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Antelope-Manager-Service;Antelope Manager Service;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe;c:\users\Public\.AntelopeAudio\managerserver\servers\1.2.8\antelope_service.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 OrionStudio;OrionStudio;c:\windows\system32\DRIVERS\OrionStudio_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OrionStudio_x64.sys [x]
R3 OrionStudioks;OrionStudioks;c:\windows\system32\DRIVERS\OrionStudioks_x64.sys;c:\windows\SYSNATIVE\DRIVERS\OrionStudioks_x64.sys [x]
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0;PCDSRVC{3B54B31B-D06B6431-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell\supportassist\pcdsrvc_x64.pkms;c:\program files\dell\supportassist\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 UAD2Fw;Universal Audio UAD-2 Firewire DSP Accelerator;c:\windows\system32\DRIVERS\UAD2Fw.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2Fw.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys;c:\windows\SYSNATIVE\DRIVERS\synusb64.sys [x]
S3 UAD2System;UAD-2 Global System Service;c:\windows\system32\DRIVERS\UAD2System.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2System.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-15 08:19 1364072 ----a-w- c:\program files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-01 21:09 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-10-01 727664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-18 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-18 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-18 417304]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2016-11-09 13900016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 217.23.254.124 217.23.254.125
FF - ProfilePath - c:\users\Lososound\AppData\Roaming\Mozilla\Firefox\Profiles\dnzye238.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PCM Native Reverb VST Plug-in - c:\programdata\{BE48917A-8173-4C25-A322-B40C9D2FDD69}\PCM Native VST Installer.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{6e8f74e0-43bd-4dce-8477-6ff6828acc07} - c:\programdata\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe
AddRemove-{74d0e5db-b326-4dae-a6b2-445b9de1836e} - c:\programdata\Package Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe
AddRemove-{B4691C58-2A6A-4AFA-960E-AEB767639E44} - c:\programdata\{BE48917A-8173-4C25-A322-B40C9D2FDD69}\PCM Native VST Installer.exe
AddRemove-{ee469b5b-bff8-4d05-9922-308e24d0617c} - c:\programdata\Package Cache\{ee469b5b-bff8-4d05-9922-308e24d0617c}\Setup.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3B54B31B-D06B6431-06020200}_0]
"ImagePath"="\??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2016-11-15 10:13:28 - machine was rebooted
ComboFix-quarantined-files.txt 2016-11-15 09:13
ComboFix2.txt 2016-11-15 00:29
.
Pre-Run: 79 377 575 936 bytes free
Post-Run: 79 272 177 664 bytes free
.
- - End Of File - - C430826BC195E3BEC54DDD60DBFFC4A4

Post by thunderbird » 15 Nov 2016 12:05

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-11-15 12:00:49
-----------------------------
12:00:49.628 OS Version: Windows x64 6.1.7601 Service Pack 1
12:00:49.628 Number of processors: 8 586 0x2A07
12:00:49.628 ComputerName: LOSOSOUND-PC UserName: Lososound
12:00:49.831 Initialize success
12:00:49.831 VM: initialized successfully
12:00:49.831 VM: Intel CPU supported virtualized
12:00:58.676 VM: supported disk I/O iaStor.sys
12:01:06.850 AVAST engine defs: 16111401
12:01:27.645 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:01:27.661 Disk 0 Vendor: Samsung_ MAT0 Size: 238475MB BusType: 3
12:01:27.661 VM: Disk 0 MBR read successfully
12:01:27.661 Disk 0 MBR scan
12:01:27.676 Disk 0 Windows 7 default MBR code
12:01:27.676 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:01:27.676 Disk 0 default boot code
12:01:27.676 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
12:01:27.692 Disk 0 scanning C:\Windows\system32\drivers
12:01:29.813 Service scanning
12:01:34.431 Modules scanning
12:01:34.431 Disk 0 trace - called modules:
12:01:34.431 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
12:01:34.431 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800f746790]
12:01:34.447 3 CLASSPNP.SYS[fffff88001b2f43f] -> nt!IofCallDriver -> [0xfffffa800f65abf0]
12:01:34.447 5 stdcfltn.sys[fffff880017efc52] -> nt!IofCallDriver -> [0xfffffa800dc9edb0]
12:01:34.447 7 ACPI.sys[fffff88000f8f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800dca4050]
12:01:34.634 AVAST engine scan C:\Windows
12:01:34.993 AVAST engine scan C:\Windows\system32
12:02:13.119 AVAST engine scan C:\Windows\system32\drivers
12:02:15.834 AVAST engine scan C:\Users\Lososound
12:02:29.842 File: C:\Users\Lososound\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
12:02:43.258 File: C:\Users\Lososound\Downloads\zoek.exe **INFECTED** Win32:Malware-gen
12:02:47.767 AVAST engine scan C:\ProgramData
12:02:54.818 Disk 0 statistics 4247329/0/18 @ 68,92 MB/s
12:02:54.834 Scan finished successfully
12:03:27.640 Disk 0 MBR has been saved successfully to "C:\Users\Lososound\Downloads\MBR.dat"
12:03:27.656 The log file has been saved successfully to "C:\Users\Lososound\Downloads\aswMBR.txt"

jaro3
Security team member

Re: please check my log

Post by jaro3 » 15 Nov 2016 18:52

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run Delfix.exe
(On Windows Vista, Windows 7 and 8 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the whole contents of the report here. Otherwise the report is at C:\DelFix.txt

Post a new HJT log and report any problems.
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

thunderbird

Re: please check my log

Post by thunderbird » 15 Nov 2016 21:36

# DelFix v1.013 - Logfile created 15/11/2016 at 21:35:45
# Updated 17/04/2016 by Xplode
# Username : Lososound - LOSOSOUND-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2016-11-14-140851.log
Deleted : C:\zoek-results2016-11-14-150113.log
Deleted : C:\Users\Lososound\Desktop\JRT.exe
Deleted : C:\Users\Lososound\Desktop\JRT.txt
Deleted : C:\Users\Lososound\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Lososound\Desktop\zoek.exe
Deleted : C:\Users\Lososound\Desktop\zoek.txt
Deleted : C:\Users\Lososound\Downloads\AdwCleaner.exe
Deleted : C:\Users\Lososound\Downloads\HijackThis.exe
Deleted : C:\Users\Lososound\Downloads\hijackthis.log
Deleted : C:\Users\Lososound\Downloads\MBR.dat
Deleted : C:\Users\Lososound\Downloads\TFC.exe
Deleted : C:\Users\Lososound\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #83 [ComboFix created restore point | 11/15/2016 20:14:48]

New restore point created !

########## - EOF - ##########
