ComboFix 15-07-18.01 - Tom 18.07.2015 16:39:56.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16333.10073 [GMT 2:00]
Running from: c:\users\Tom\Downloads\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2015-06-18 to 2015-07-18 )))))))))))))))))))))))))))))))
.
.
2015-07-18 14:42 . 2015-07-18 14:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-18 14:38 . 2015-07-18 14:38 -------- d-----w- c:\users\Tom\AppData\Roaming\ProductData
2015-07-18 14:31 . 2015-07-18 14:31 -------- d-----w- c:\programdata\ProductData
2015-07-18 14:28 . 2015-07-18 14:42 -------- d-----w- c:\users\Tom\AppData\Local\Temp
2015-07-18 14:28 . 2015-07-18 14:19 24064 ----a-w- c:\windows\zoek-delete.exe
2015-07-18 14:18 . 2015-07-18 14:27 -------- d-----w- C:\zoek_backup
2015-07-18 13:47 . 2015-07-18 14:07 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-18 13:47 . 2015-07-18 14:06 -------- d-----w- c:\programdata\RogueKiller
2015-07-18 13:17 . 2015-07-18 13:19 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-18 13:17 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 13:17 . 2015-07-18 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-18 13:17 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-18 13:17 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-18 13:07 . 2015-07-18 13:43 -------- d-----w- C:\AdwCleaner
2015-07-17 12:28 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{274C7D01-F029-43C2-9D88-C7F2975D4A65}\mpengine.dll
2015-07-17 10:53 . 2015-07-17 10:53 -------- d-----w- c:\users\Tom\AppData\Roaming\NVIDIA
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\SysWow64\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\system32\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 10:54 343032 ----a-w- c:\windows\SysWow64\RAMDiskImage.exe
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\SysWow64\drivers\RAMDriv.sys
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\system32\drivers\RAMDriv.sys
2015-07-16 18:36 . 2015-07-03 04:28 47976 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-07-16 18:36 . 2015-07-03 04:28 65896 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-07-16 18:34 . 2015-07-18 14:29 -------- d-----w- c:\programdata\NVIDIA
2015-07-16 18:34 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-16 18:34 . 2015-06-17 06:48 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-07-16 18:34 . 2015-06-17 06:48 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-07-16 18:34 . 2015-06-17 06:48 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-07-16 18:34 . 2015-06-17 06:48 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-07-16 18:34 . 2015-06-17 06:48 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-07-16 18:34 . 2015-06-17 06:48 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-07-16 18:34 . 2015-06-02 14:11 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-07-16 18:26 . 2015-07-16 18:40 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA Corporation
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\windows\Downloaded Installations
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\program files (x86)\ASUS
2015-07-16 18:25 . 2015-07-17 10:43 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA
2015-07-16 18:25 . 2015-07-14 19:06 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-16 18:25 . 2015-07-14 19:06 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-16 18:25 . 2015-07-14 19:05 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-16 18:25 . 2015-07-14 19:05 1710056 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-16 18:25 . 2015-07-16 18:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-03 04:28 69992 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files\NVIDIA Corporation
2015-07-15 14:47 . 2015-07-15 14:47 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-15 14:31 . 2015-07-09 17:58 37888 ----a-w- c:\windows\system32\wups2.dll
2015-07-14 17:00 . 2015-07-14 17:00 -------- d-----w- c:\users\Tom\AppData\Roaming\PDAppFlex
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\programdata\Cok Free Auto Clicker
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\program files (x86)\Cok Free Auto Clicker
2015-07-05 09:04 . 2015-07-05 09:04 4496600 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-07-05 09:04 . 2015-07-05 09:04 3234520 ----a-w- c:\windows\system32\RtkApi64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2930904 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2702040 ----a-w- c:\windows\system32\RTSnMg64.cpl
2015-07-05 09:04 . 2015-07-05 09:04 166616 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-07-05 09:04 . 2015-07-05 09:04 1748184 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-07-05 09:04 . 2015-07-05 09:04 3195416 ----a-w- c:\windows\system32\FMAPO64.dll
2015-07-05 09:02 . 2015-07-05 09:02 172832 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-07-04 18:56 . 2015-07-04 18:56 -------- d-----w- c:\users\Tom\AppData\Roaming\java
2015-07-02 14:15 . 2015-07-02 14:15 -------- d-----w- c:\users\Tom\AppData\Local\Blizzard
2015-07-01 16:51 . 2015-07-14 18:16 -------- d-----w- c:\users\Tom\AppData\Roaming\.minecraft
2015-06-30 09:34 . 2015-07-12 09:17 -------- d-----w- c:\programdata\Tunngle
2015-06-30 09:34 . 2015-06-30 09:34 -------- d-----w- c:\program files (x86)\Tunngle
2015-06-28 20:45 . 2015-02-28 03:26 127760 ----a-w- c:\windows\system32\drivers\scdemu.sys
2015-06-28 20:33 . 2015-07-18 13:43 -------- d-----w- c:\program files\PowerISO
2015-06-25 18:01 . 2015-06-25 18:01 3065536 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2015-06-25 05:13 . 2015-06-25 05:13 26846912 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:13 . 2015-06-25 05:13 112326848 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-25 05:09 . 2015-06-25 05:09 654520 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2015-06-25 05:09 . 2015-06-25 05:09 37422272 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:09 . 2015-06-25 05:09 112326848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-24 16:56 . 2015-06-24 16:56 1 ----a-w- c:\windows\SysWow64\SI.bin
2015-06-24 16:56 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-06-24 16:56 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-06-24 16:56 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-06-24 16:56 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Local\Ubisoft Game Launcher
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Roaming\Might & Magic Heroes VI
2015-06-23 13:43 . 2015-06-23 13:43 -------- d-----w- c:\program files (x86)\Ubisoft
2015-06-20 14:54 . 2015-06-20 14:56 -------- d-----w- c:\users\Tom\AppData\Local\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\programdata\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files (x86)\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files\Sony
2015-06-20 14:54 . 2015-06-21 08:45 -------- d-----w- c:\users\Tom\AppData\Roaming\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 14:46 . 2015-05-11 18:09 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-15 14:16 . 2015-06-13 18:45 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 14:16 . 2015-06-13 18:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 09:06 . 2015-05-02 20:07 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-07-05 09:03 . 2015-05-02 20:07 670208 ----a-w- c:\windows\system32\igfxDH.dll
2015-07-05 09:03 . 2015-05-02 20:07 247400 ----a-w- c:\windows\system32\igfxHK.exe
2015-07-05 09:03 . 2015-05-02 20:06 4587608 ----a-w- c:\windows\system32\igdusc64.dll
2015-07-05 09:03 . 2015-05-02 20:06 3628160 ----a-w- c:\windows\SysWow64\igdusc32.dll
2015-07-05 09:03 . 2015-05-02 20:06 319080 ----a-w- c:\windows\system32\igfxCUIService.exe
2015-07-05 09:03 . 2015-05-02 20:06 252416 ----a-w- c:\windows\system32\igfxLHM.dll
2015-07-05 09:03 . 2015-05-02 20:06 10474552 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2015-07-05 09:03 . 2015-06-11 14:01 11793480 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2015-07-05 09:03 . 2015-05-02 20:06 12218376 ----a-w- c:\windows\system32\igd10iumd64.dll
2015-07-03 06:43 . 2015-05-02 20:57 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-01 20:49 . 2015-07-15 14:31 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-15 14:31 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 14:31 . 2015-06-16 14:31 1691816 ----a-w- c:\windows\system32\FM20.DLL
2015-06-13 18:47 . 2015-06-13 18:47 2918104 ----a-w- c:\windows\system32\RtPgEx64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1316056 ----a-w- c:\windows\system32\RTCOM64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1948928 ----a-w- c:\windows\system32\MBAPO264.dll
2015-06-13 18:47 . 2015-06-13 18:47 1716480 ----a-w- c:\windows\SysWow64\MBAPO232.dll
2015-06-13 18:46 . 2015-06-13 18:46 30960 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2015-06-13 18:46 . 2015-06-13 18:46 1399536 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2015-06-13 18:42 . 2015-06-13 18:42 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-06-12 08:21 . 2015-05-03 09:40 1216471 ----a-w- c:\windows\unins000.exe
2015-05-25 18:24 . 2015-06-11 05:58 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 05:58 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 05:58 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 05:58 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 05:58 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 05:58 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 05:58 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 05:58 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 05:58 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 05:58 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 05:58 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 05:58 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 05:58 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 05:58 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 05:58 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 05:58 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 05:58 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 05:58 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 05:58 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 05:58 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 05:58 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 05:58 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 05:58 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 05:58 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 05:58 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 05:58 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 05:58 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 05:58 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 05:58 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 05:58 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 05:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 05:58 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 05:58 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 05:58 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 05:58 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 05:58 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 05:58 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 05:58 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 05:58 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 05:58 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"="c:\program files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-04-08 2429728]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-07-07 813896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"="c:\program files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" [2014-02-24 1440768]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-03-23 296216]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"Command Center"="c:\program files (x86)\MSI\Command Center\StartCommandCenter.exe" [2015-03-27 797648]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2015-06-11 3454632]
"Gila"="c:\program files (x86)\Genius\Gila\mousehid.exe" [2013-10-10 2055680]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
.
c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\Tom\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2015-4-28 7142280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2015-5-2 72008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\Command Center\MSIControlService.exe;c:\program files (x86)\MSI\Command Center\MSIControlService.exe [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\Command Center\MSICommService.exe;c:\program files (x86)\MSI\Command Center\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_ECOSERVICE;MSI_ECOSERVICE;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 RAMDriv;MSI RAMDrive;c:\windows\system32\DRIVERS\ramdriv.sys;c:\windows\SYSNATIVE\DRIVERS\ramdriv.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 SuperRAIDSvc;SuperRAIDSvc;c:\msi\Smart Utilities\SuperRAIDSvc.exe;c:\msi\Smart Utilities\SuperRAIDSvc.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service;c:\windows\system32\DRIVERS\KbFilter_FlexDef3x.sys;c:\windows\SYSNATIVE\DRIVERS\KbFilter_FlexDef3x.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_ECO;NTIOLib_ECO;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID;c:\msi\Smart Utilities\NTIOLib_X64.sys;c:\msi\Smart Utilities\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - GENERICDRV
*NewlyCreated* - NTIOLIB_1_0_3
*NewlyCreated* - NTIOLIB_FASTBOOT
*NewlyCreated* - NTIOLIB_MSI_RAID
*NewlyCreated* - NVSTREAMKMS
*Deregistered* - GENERICDRV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-15 14:17 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-13 14:16]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
2015-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02 20:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2014-02-21 41088]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-07-05 8484056]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-14 2631824]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-14 1710056]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{53d408db-eb91-43fb-9d8f-167681c19763} - c:\programdata\Package Cache\{53d408db-eb91-43fb-9d8f-167681c19763}\VS2013.4.exe
AddRemove-{56351c83-306c-4135-a570-2784d3025548} - c:\programdata\Package Cache\{56351c83-306c-4135-a570-2784d3025548}\xtu-setup-exe.exe
AddRemove-{7dbba119-718a-4f68-b33e-454dc8aa5faf} - c:\programdata\Package Cache\{7dbba119-718a-4f68-b33e-454dc8aa5faf}\VS12-KB2932965.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{98f335cd-0a32-4b3f-b74c-ef9480e834f0} - c:\programdata\Package Cache\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}\SetupChipset.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{fec93b6d-17f6-4952-96e1-2af5a525cf5d} - c:\programdata\Package Cache\{fec93b6d-17f6-4952-96e1-2af5a525cf5d}\vs_premium.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2297476255-290351391-472809066-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-07-18 16:43:37
ComboFix-quarantined-files.txt 2015-07-18 14:43
.
Pre-Run: Volných bajtu: 29 222 817 792
Post-Run: Volných bajtu: 28 345 339 904
.
- - End Of File - - 6139FCEC8442B23049577436735050FF
A36C5E4F47E84449FF07ED3517B43A31
Log check Solved
Re: Log check

Also, for the past few days my internet loading has been freezing like this (for about 5 minutes). It has been happening roughly since I installed the graphics card driver...
- jerabina
- Security team member
Re: Log check
Uninstall Advanced System Care 8!
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
ClearJavaCache::
KillAll::
Folder::
c:\programdata\RogueKiller
c:\program files (x86)\IObit
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update
DirLook::
c:\programdata\ProductData
c:\users\Tom\AppData\Roaming\ProductData
File::
c:\windows\SysWow64\SI.bin
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"=-
"Steam"=-
"GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-
"Live Update"=-
"SunJavaUpdateSched"=-
Driver::
LiveUpdateSvc
SkypeUpdate
AdvancedSystemCareService8
DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
RegLock::
[HKEY_USERS\S-1-5-21-2297476255-290351391-472809066-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process
When you don't know what to do next, it's time to study the manual!
HJT guide
If I'm not replying to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Log check
Hey, how come all the icons that were at the bottom right, when you expand that arrow, have disappeared?
ESET was there, and other things I use...
After a restart they are there again.
Why was there such emphasis on removing Advanced System Care 8?
Last edited by Toom3R on 18 Jul 2015 21:59, edited 1 time in total.
Re: Log check
ComboFix 15-07-18.01 - Tom 18.07.2015 21:41:06.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16333.9072 [GMT 2:00]
Running from: c:\users\Tom\Desktop\ComboFix.exe
Command switches used :: c:\users\Tom\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
FILE ::
"c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat"
"c:\windows\SysWow64\SI.bin"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.23.9648.8824\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.132\chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{19C8B2EB-751D-4649-83B5-6AEA63544834}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{1C0812FE-7DBD-4BAF-AF62-DB35E0F21E7D}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{1E0A9DCB-2685-498A-B7DF-CD9104479CE8}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{3F72A61B-D3A1-4034-A834-9E35075EEAA1}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{58F89D4B-4C12-408C-AD33-BC0D2F668038}\gsync.msi
c:\program files (x86)\Google\Update\Install\{58F89D4B-4C12-408C-AD33-BC0D2F668038}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{71FBE1F3-73B4-4717-91C9-447A1C185B32}\gsync.msi
c:\program files (x86)\Google\Update\Install\{71FBE1F3-73B4-4717-91C9-447A1C185B32}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{860663E6-C755-425C-ABB4-EB811B8416FF}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{98B75833-7148-43D9-BABE-71FE61B616F9}\gsync.msi
c:\program files (x86)\Google\Update\Install\{98B75833-7148-43D9-BABE-71FE61B616F9}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{B45B557E-548B-4131-B8B4-AF18F0C77531}\gsync.msi
c:\program files (x86)\Google\Update\Install\{B45B557E-548B-4131-B8B4-AF18F0C77531}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{BF4DDAB4-79C2-4280-8B26-A0C4EC9C7DA4}\GoogleUpdateSetup.exe
c:\program files (x86)\IObit
c:\program files (x86)\IObit\IObit Uninstaller\UninstallDisplay_1.exe
c:\program files (x86)\IObit\LiveUpdate\Language\Arabic.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Czech.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Danish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dinka.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dutch.lng
c:\program files (x86)\IObit\LiveUpdate\Language\English.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Finnish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Flemish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\French.lng
c:\program files (x86)\IObit\LiveUpdate\Language\German.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Greek.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Italian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Japanese.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Korean.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Latvian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Polish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Romanian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Russian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovak.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Spanish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Swedish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Turkish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.log
c:\program files (x86)\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.dll
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.log
c:\program files (x86)\IObit\LiveUpdate\ProductUpt.log
c:\program files (x86)\IObit\LiveUpdate\system.ini
c:\program files (x86)\IObit\LiveUpdate\update\Surfing Protection\Database\ASCSpecialUrl.db.dat
c:\program files (x86)\IObit\LiveUpdate\update\timer.db
c:\program files (x86)\IObit\LiveUpdate\update\update.spt
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\manifest.json
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Ex.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\SPNativeMessage.exe
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\tips.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.bak
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome.manifest
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\icon.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\install.rdf
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\V8_manifest.json
c:\program files (x86)\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0317
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0531
c:\program files (x86)\IObit\Surfing Protection\Database\base_upt_add
c:\program files (x86)\IObit\Surfing Protection\Database\spupdate.utp
c:\program files (x86)\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files (x86)\IObit\Surfing Protection\Extensions.plist
c:\program files (x86)\IObit\Surfing Protection\Language\Arabic.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Czech.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Dutch.lng
c:\program files (x86)\IObit\Surfing Protection\Language\English.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Finnish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Japanese.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Korean.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Polish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Romanian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Russian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Spanish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Swedish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Turkish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files (x86)\IObit\Surfing Protection\NativeMsg.json
c:\program files (x86)\IObit\Surfing Protection\PluginInstall.exe
c:\program files (x86)\IObit\Surfing Protection\SPUpdate.exe
c:\program files (x86)\IObit\Surfing Protection\sqlite3.dll
c:\program files (x86)\IObit\Surfing Protection\unins000.dat
c:\program files (x86)\IObit\Surfing Protection\unins000.exe
c:\program files (x86)\IObit\Surfing Protection\unins000.msg
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Debug\physicaldrive0_LL2_vbr
c:\programdata\RogueKiller\Logs\RKreport_DEL_07182015_161402.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07182015_155506.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07182015_161246.json
c:\programdata\RogueKiller\vt.cache
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\SysWow64\SI.bin
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2015-06-18 to 2015-07-18 )))))))))))))))))))))))))))))))
.
.
2015-07-18 19:44 . 2015-07-18 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-18 18:20 . 2015-07-18 18:20 -------- d-----w- c:\users\Tom\AppData\Roaming\HD Tune Pro
2015-07-18 18:20 . 2015-07-18 18:20 -------- d-----w- c:\program files (x86)\HD Tune Pro
2015-07-18 14:54 . 2015-07-18 14:54 -------- d-----w- c:\users\Tom\AppData\Local\CrashDumps
2015-07-18 14:38 . 2015-07-18 14:46 -------- d-----w- c:\users\Tom\AppData\Roaming\ProductData
2015-07-18 14:31 . 2015-07-18 19:34 -------- d-----w- c:\programdata\ProductData
2015-07-18 14:28 . 2015-07-18 19:46 -------- d-----w- c:\users\Tom\AppData\Local\Temp
2015-07-18 14:28 . 2015-07-18 14:19 24064 ----a-w- c:\windows\zoek-delete.exe
2015-07-18 14:18 . 2015-07-18 14:27 -------- d-----w- C:\zoek_backup
2015-07-18 13:47 . 2015-07-18 14:07 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-18 13:17 . 2015-07-18 13:19 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-18 13:17 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 13:17 . 2015-07-18 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-18 13:17 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-18 13:17 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-18 13:07 . 2015-07-18 13:43 -------- d-----w- C:\AdwCleaner
2015-07-17 12:28 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{274C7D01-F029-43C2-9D88-C7F2975D4A65}\mpengine.dll
2015-07-17 10:53 . 2015-07-17 10:53 -------- d-----w- c:\users\Tom\AppData\Roaming\NVIDIA
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\SysWow64\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\system32\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 10:54 343032 ----a-w- c:\windows\SysWow64\RAMDiskImage.exe
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\SysWow64\drivers\RAMDriv.sys
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\system32\drivers\RAMDriv.sys
2015-07-16 18:36 . 2015-07-03 04:28 47976 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-07-16 18:36 . 2015-07-03 04:28 65896 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-07-16 18:34 . 2015-07-18 19:44 -------- d-----w- c:\programdata\NVIDIA
2015-07-16 18:34 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-16 18:34 . 2015-06-17 06:48 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-07-16 18:34 . 2015-06-17 06:48 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-07-16 18:34 . 2015-06-17 06:48 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-07-16 18:34 . 2015-06-17 06:48 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-07-16 18:34 . 2015-06-17 06:48 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-07-16 18:34 . 2015-06-17 06:48 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-07-16 18:34 . 2015-06-02 14:11 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-07-16 18:26 . 2015-07-16 18:40 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA Corporation
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\windows\Downloaded Installations
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\program files (x86)\ASUS
2015-07-16 18:25 . 2015-07-17 10:43 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA
2015-07-16 18:25 . 2015-07-14 19:06 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-16 18:25 . 2015-07-14 19:06 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-16 18:25 . 2015-07-14 19:05 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-16 18:25 . 2015-07-14 19:05 1710056 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-16 18:25 . 2015-07-16 18:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-03 04:28 69992 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files\NVIDIA Corporation
2015-07-15 14:47 . 2015-07-15 14:47 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-15 14:31 . 2015-07-09 17:58 37888 ----a-w- c:\windows\system32\wups2.dll
2015-07-14 17:00 . 2015-07-14 17:00 -------- d-----w- c:\users\Tom\AppData\Roaming\PDAppFlex
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\programdata\Cok Free Auto Clicker
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\program files (x86)\Cok Free Auto Clicker
2015-07-05 09:04 . 2015-07-05 09:04 4496600 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-07-05 09:04 . 2015-07-05 09:04 3234520 ----a-w- c:\windows\system32\RtkApi64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2930904 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2702040 ----a-w- c:\windows\system32\RTSnMg64.cpl
2015-07-05 09:04 . 2015-07-05 09:04 166616 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-07-05 09:04 . 2015-07-05 09:04 1748184 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-07-05 09:04 . 2015-07-05 09:04 3195416 ----a-w- c:\windows\system32\FMAPO64.dll
2015-07-05 09:02 . 2015-07-05 09:02 172832 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-07-04 18:56 . 2015-07-04 18:56 -------- d-----w- c:\users\Tom\AppData\Roaming\java
2015-07-02 14:15 . 2015-07-02 14:15 -------- d-----w- c:\users\Tom\AppData\Local\Blizzard
2015-07-01 16:51 . 2015-07-14 18:16 -------- d-----w- c:\users\Tom\AppData\Roaming\.minecraft
2015-06-30 09:34 . 2015-07-12 09:17 -------- d-----w- c:\programdata\Tunngle
2015-06-30 09:34 . 2015-06-30 09:34 -------- d-----w- c:\program files (x86)\Tunngle
2015-06-28 20:45 . 2015-02-28 03:26 127760 ----a-w- c:\windows\system32\drivers\scdemu.sys
2015-06-28 20:33 . 2015-07-18 13:43 -------- d-----w- c:\program files\PowerISO
2015-06-25 18:01 . 2015-06-25 18:01 3065536 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2015-06-25 05:13 . 2015-06-25 05:13 26846912 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:13 . 2015-06-25 05:13 112326848 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-25 05:09 . 2015-06-25 05:09 654520 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2015-06-25 05:09 . 2015-06-25 05:09 37422272 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:09 . 2015-06-25 05:09 112326848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-24 16:56 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-06-24 16:56 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-06-24 16:56 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-06-24 16:56 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Local\Ubisoft Game Launcher
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Roaming\Might & Magic Heroes VI
2015-06-23 13:43 . 2015-06-23 13:43 -------- d-----w- c:\program files (x86)\Ubisoft
2015-06-20 14:54 . 2015-06-20 14:56 -------- d-----w- c:\users\Tom\AppData\Local\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\programdata\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files (x86)\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files\Sony
2015-06-20 14:54 . 2015-06-21 08:45 -------- d-----w- c:\users\Tom\AppData\Roaming\Sony
.
.
.
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16333.9072 [GMT 2:00]
Running from: c:\users\Tom\Desktop\ComboFix.exe
Command switches used :: c:\users\Tom\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
FILE ::
"c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat"
"c:\windows\SysWow64\SI.bin"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.23.9648.8824\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.132\chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{19C8B2EB-751D-4649-83B5-6AEA63544834}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{1C0812FE-7DBD-4BAF-AF62-DB35E0F21E7D}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{1E0A9DCB-2685-498A-B7DF-CD9104479CE8}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{3F72A61B-D3A1-4034-A834-9E35075EEAA1}\chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{58F89D4B-4C12-408C-AD33-BC0D2F668038}\gsync.msi
c:\program files (x86)\Google\Update\Install\{58F89D4B-4C12-408C-AD33-BC0D2F668038}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{71FBE1F3-73B4-4717-91C9-447A1C185B32}\gsync.msi
c:\program files (x86)\Google\Update\Install\{71FBE1F3-73B4-4717-91C9-447A1C185B32}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{860663E6-C755-425C-ABB4-EB811B8416FF}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{98B75833-7148-43D9-BABE-71FE61B616F9}\gsync.msi
c:\program files (x86)\Google\Update\Install\{98B75833-7148-43D9-BABE-71FE61B616F9}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{B45B557E-548B-4131-B8B4-AF18F0C77531}\gsync.msi
c:\program files (x86)\Google\Update\Install\{B45B557E-548B-4131-B8B4-AF18F0C77531}\gsync.msi.log
c:\program files (x86)\Google\Update\Install\{BF4DDAB4-79C2-4280-8B26-A0C4EC9C7DA4}\GoogleUpdateSetup.exe
c:\program files (x86)\IObit
c:\program files (x86)\IObit\IObit Uninstaller\UninstallDisplay_1.exe
c:\program files (x86)\IObit\LiveUpdate\Language\Arabic.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Czech.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Danish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dinka.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dutch.lng
c:\program files (x86)\IObit\LiveUpdate\Language\English.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Finnish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Flemish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\French.lng
c:\program files (x86)\IObit\LiveUpdate\Language\German.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Greek.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Italian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Japanese.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Korean.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Latvian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Polish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Romanian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Russian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovak.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Spanish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Swedish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Turkish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.log
c:\program files (x86)\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.dll
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.log
c:\program files (x86)\IObit\LiveUpdate\ProductUpt.log
c:\program files (x86)\IObit\LiveUpdate\system.ini
c:\program files (x86)\IObit\LiveUpdate\update\Surfing Protection\Database\ASCSpecialUrl.db.dat
c:\program files (x86)\IObit\LiveUpdate\update\timer.db
c:\program files (x86)\IObit\LiveUpdate\update\update.spt
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\manifest.json
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\background.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Ex.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\Img\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\popup.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\SPNativeMessage.exe
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\tips.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.bak
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\warning.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome.manifest
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\icon.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\install.rdf
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\V8_manifest.json
c:\program files (x86)\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0317
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0531
c:\program files (x86)\IObit\Surfing Protection\Database\base_upt_add
c:\program files (x86)\IObit\Surfing Protection\Database\spupdate.utp
c:\program files (x86)\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files (x86)\IObit\Surfing Protection\Extensions.plist
c:\program files (x86)\IObit\Surfing Protection\Language\Arabic.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Czech.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Dutch.lng
c:\program files (x86)\IObit\Surfing Protection\Language\English.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Finnish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Japanese.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Korean.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Polish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Romanian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Russian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Spanish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Swedish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Turkish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files (x86)\IObit\Surfing Protection\NativeMsg.json
c:\program files (x86)\IObit\Surfing Protection\PluginInstall.exe
c:\program files (x86)\IObit\Surfing Protection\SPUpdate.exe
c:\program files (x86)\IObit\Surfing Protection\sqlite3.dll
c:\program files (x86)\IObit\Surfing Protection\unins000.dat
c:\program files (x86)\IObit\Surfing Protection\unins000.exe
c:\program files (x86)\IObit\Surfing Protection\unins000.msg
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Debug\physicaldrive0_LL2_vbr
c:\programdata\RogueKiller\Logs\RKreport_DEL_07182015_161402.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07182015_155506.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07182015_161246.json
c:\programdata\RogueKiller\vt.cache
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\SysWow64\SI.bin
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0883ea74bc10c.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d08f06914604d7.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd7e7d65078.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0883ea767384e.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d08f06915e6f33.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0bfd7e7f26462.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2015-06-18 to 2015-07-18 )))))))))))))))))))))))))))))))
.
.
2015-07-18 19:44 . 2015-07-18 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-18 18:20 . 2015-07-18 18:20 -------- d-----w- c:\users\Tom\AppData\Roaming\HD Tune Pro
2015-07-18 18:20 . 2015-07-18 18:20 -------- d-----w- c:\program files (x86)\HD Tune Pro
2015-07-18 14:54 . 2015-07-18 14:54 -------- d-----w- c:\users\Tom\AppData\Local\CrashDumps
2015-07-18 14:38 . 2015-07-18 14:46 -------- d-----w- c:\users\Tom\AppData\Roaming\ProductData
2015-07-18 14:31 . 2015-07-18 19:34 -------- d-----w- c:\programdata\ProductData
2015-07-18 14:28 . 2015-07-18 19:46 -------- d-----w- c:\users\Tom\AppData\Local\Temp
2015-07-18 14:28 . 2015-07-18 14:19 24064 ----a-w- c:\windows\zoek-delete.exe
2015-07-18 14:18 . 2015-07-18 14:27 -------- d-----w- C:\zoek_backup
2015-07-18 13:47 . 2015-07-18 14:07 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-18 13:17 . 2015-07-18 13:19 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-18 13:17 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 13:17 . 2015-07-18 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-18 13:17 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-18 13:17 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-18 13:07 . 2015-07-18 13:43 -------- d-----w- C:\AdwCleaner
2015-07-17 12:28 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{274C7D01-F029-43C2-9D88-C7F2975D4A65}\mpengine.dll
2015-07-17 10:53 . 2015-07-17 10:53 -------- d-----w- c:\users\Tom\AppData\Roaming\NVIDIA
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\SysWow64\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 11:03 89600 ----a-w- c:\windows\system32\RAMDriv.dll
2015-07-16 19:48 . 2012-12-28 10:54 343032 ----a-w- c:\windows\SysWow64\RAMDiskImage.exe
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\SysWow64\drivers\RAMDriv.sys
2015-07-16 19:48 . 2012-12-27 18:06 81912 ----a-w- c:\windows\system32\drivers\RAMDriv.sys
2015-07-16 18:36 . 2015-07-03 04:28 47976 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-07-16 18:36 . 2015-07-03 04:28 65896 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-07-16 18:34 . 2015-07-18 19:44 -------- d-----w- c:\programdata\NVIDIA
2015-07-16 18:34 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-16 18:34 . 2015-06-17 06:48 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-07-16 18:34 . 2015-06-17 06:48 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-07-16 18:34 . 2015-06-17 06:48 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-07-16 18:34 . 2015-06-17 06:48 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-07-16 18:34 . 2015-06-17 06:48 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-07-16 18:34 . 2015-06-17 06:48 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-07-16 18:34 . 2015-06-02 14:11 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-07-16 18:26 . 2015-07-16 18:40 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA Corporation
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\windows\Downloaded Installations
2015-07-16 18:26 . 2015-07-16 18:26 -------- d-----w- c:\program files (x86)\ASUS
2015-07-16 18:25 . 2015-07-17 10:43 -------- d-----w- c:\users\Tom\AppData\Local\NVIDIA
2015-07-16 18:25 . 2015-07-14 19:06 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-16 18:25 . 2015-07-14 19:06 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-16 18:25 . 2015-07-14 19:05 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-16 18:25 . 2015-07-14 19:05 1710056 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-16 18:25 . 2015-07-16 18:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-07-16 18:25 . 2015-07-03 04:28 69992 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-07-16 18:25 . 2015-07-16 18:34 -------- d-----w- c:\program files\NVIDIA Corporation
2015-07-15 14:47 . 2015-07-15 14:47 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-15 14:31 . 2015-07-09 17:58 37888 ----a-w- c:\windows\system32\wups2.dll
2015-07-14 17:00 . 2015-07-14 17:00 -------- d-----w- c:\users\Tom\AppData\Roaming\PDAppFlex
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\programdata\Cok Free Auto Clicker
2015-07-11 08:41 . 2015-07-11 08:41 -------- d-----w- c:\program files (x86)\Cok Free Auto Clicker
2015-07-05 09:04 . 2015-07-05 09:04 4496600 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-07-05 09:04 . 2015-07-05 09:04 3234520 ----a-w- c:\windows\system32\RtkApi64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2930904 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-07-05 09:04 . 2015-07-05 09:04 2702040 ----a-w- c:\windows\system32\RTSnMg64.cpl
2015-07-05 09:04 . 2015-07-05 09:04 166616 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-07-05 09:04 . 2015-07-05 09:04 1748184 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-07-05 09:04 . 2015-07-05 09:04 3195416 ----a-w- c:\windows\system32\FMAPO64.dll
2015-07-05 09:02 . 2015-07-05 09:02 172832 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-07-04 18:56 . 2015-07-04 18:56 -------- d-----w- c:\users\Tom\AppData\Roaming\java
2015-07-02 14:15 . 2015-07-02 14:15 -------- d-----w- c:\users\Tom\AppData\Local\Blizzard
2015-07-01 16:51 . 2015-07-14 18:16 -------- d-----w- c:\users\Tom\AppData\Roaming\.minecraft
2015-06-30 09:34 . 2015-07-12 09:17 -------- d-----w- c:\programdata\Tunngle
2015-06-30 09:34 . 2015-06-30 09:34 -------- d-----w- c:\program files (x86)\Tunngle
2015-06-28 20:45 . 2015-02-28 03:26 127760 ----a-w- c:\windows\system32\drivers\scdemu.sys
2015-06-28 20:33 . 2015-07-18 13:43 -------- d-----w- c:\program files\PowerISO
2015-06-25 18:01 . 2015-06-25 18:01 3065536 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2015-06-25 05:13 . 2015-06-25 05:13 26846912 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:13 . 2015-06-25 05:13 112326848 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-25 05:09 . 2015-06-25 05:09 654520 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2015-06-25 05:09 . 2015-06-25 05:09 37422272 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-06-25 05:09 . 2015-06-25 05:09 112326848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-06-24 16:56 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-06-24 16:56 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-06-24 16:56 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-06-24 16:56 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Local\Ubisoft Game Launcher
2015-06-23 13:46 . 2015-06-23 13:55 -------- d-----w- c:\users\Tom\AppData\Roaming\Might & Magic Heroes VI
2015-06-23 13:43 . 2015-06-23 13:43 -------- d-----w- c:\program files (x86)\Ubisoft
2015-06-20 14:54 . 2015-06-20 14:56 -------- d-----w- c:\users\Tom\AppData\Local\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\programdata\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files (x86)\Sony
2015-06-20 14:54 . 2015-06-20 14:54 -------- d-----w- c:\program files\Sony
2015-06-20 14:54 . 2015-06-21 08:45 -------- d-----w- c:\users\Tom\AppData\Roaming\Sony
.
.
.
Re: Log check
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 14:46 . 2015-05-11 18:09 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-15 14:16 . 2015-06-13 18:45 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 14:16 . 2015-06-13 18:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 09:03 . 2015-05-02 20:07 670208 ----a-w- c:\windows\system32\igfxDH.dll
2015-07-05 09:03 . 2015-05-02 20:07 247400 ----a-w- c:\windows\system32\igfxHK.exe
2015-07-05 09:03 . 2015-05-02 20:06 4587608 ----a-w- c:\windows\system32\igdusc64.dll
2015-07-05 09:03 . 2015-05-02 20:06 3628160 ----a-w- c:\windows\SysWow64\igdusc32.dll
2015-07-05 09:03 . 2015-05-02 20:06 319080 ----a-w- c:\windows\system32\igfxCUIService.exe
2015-07-05 09:03 . 2015-05-02 20:06 252416 ----a-w- c:\windows\system32\igfxLHM.dll
2015-07-05 09:03 . 2015-05-02 20:06 10474552 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2015-07-05 09:03 . 2015-06-11 14:01 11793480 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2015-07-05 09:03 . 2015-05-02 20:06 12218376 ----a-w- c:\windows\system32\igd10iumd64.dll
2015-07-03 06:43 . 2015-05-02 20:57 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-01 20:49 . 2015-07-15 14:31 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-15 14:31 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 14:31 . 2015-06-16 14:31 1691816 ----a-w- c:\windows\system32\FM20.DLL
2015-06-13 18:47 . 2015-06-13 18:47 2918104 ----a-w- c:\windows\system32\RtPgEx64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1316056 ----a-w- c:\windows\system32\RTCOM64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1948928 ----a-w- c:\windows\system32\MBAPO264.dll
2015-06-13 18:47 . 2015-06-13 18:47 1716480 ----a-w- c:\windows\SysWow64\MBAPO232.dll
2015-06-13 18:46 . 2015-06-13 18:46 30960 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2015-06-13 18:46 . 2015-06-13 18:46 1399536 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2015-06-13 18:42 . 2015-06-13 18:42 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-06-12 08:21 . 2015-05-03 09:40 1216471 ----a-w- c:\windows\unins000.exe
2015-05-25 18:24 . 2015-06-11 05:58 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 05:58 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 05:58 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 05:58 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 05:58 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 05:58 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 05:58 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 05:58 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 05:58 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 05:58 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 05:58 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 05:58 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 05:58 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 05:58 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 05:58 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 05:58 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 05:58 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 05:58 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 05:58 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 05:58 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 05:58 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 05:58 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 05:58 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 05:58 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 05:58 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 05:58 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 05:58 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 05:58 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 05:58 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 05:58 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 05:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 05:58 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 05:58 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 05:58 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 05:58 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 05:58 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 05:58 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 05:58 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 05:58 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 05:58 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\ProductData ----
.
2015-07-18 19:34 . 2015-07-18 19:34 215 ----a-w- c:\programdata\ProductData\StatCache.db
.
---- Directory of c:\users\Tom\AppData\Roaming\ProductData ----
.
2015-07-18 14:46 . 2015-07-18 18:51 15136 ----a-w- c:\users\Tom\AppData\Roaming\ProductData\update.spt
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"="c:\program files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" [2014-02-24 1440768]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-03-23 296216]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"Command Center"="c:\program files (x86)\MSI\Command Center\StartCommandCenter.exe" [2015-03-27 797648]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Gila"="c:\program files (x86)\Genius\Gila\mousehid.exe" [2013-10-10 2055680]
.
c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\Tom\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2015-4-28 7142280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2015-5-2 72008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\Command Center\MSICommService.exe;c:\program files (x86)\MSI\Command Center\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 MSI_ECOSERVICE;MSI_ECOSERVICE;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\Command Center\MSIControlService.exe;c:\program files (x86)\MSI\Command Center\MSIControlService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 RAMDriv;MSI RAMDrive;c:\windows\system32\DRIVERS\ramdriv.sys;c:\windows\SYSNATIVE\DRIVERS\ramdriv.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 SuperRAIDSvc;SuperRAIDSvc;c:\msi\Smart Utilities\SuperRAIDSvc.exe;c:\msi\Smart Utilities\SuperRAIDSvc.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service;c:\windows\system32\DRIVERS\KbFilter_FlexDef3x.sys;c:\windows\SYSNATIVE\DRIVERS\KbFilter_FlexDef3x.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_ECO;NTIOLib_ECO;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID;c:\msi\Smart Utilities\NTIOLib_X64.sys;c:\msi\Smart Utilities\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - GENERICDRV
*NewlyCreated* - NTIOLIB_ECO
*Deregistered* - GENERICDRV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-15 14:17 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2014-02-21 41088]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-07-05 8484056]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-14 2631824]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-14 1710056]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-IObit Surfing Protection_is1 - c:\program files (x86)\IObit\Surfing Protection\unins000.exe
AddRemove-MondialMt2 Delivrance V2011.0.1_is1 - d:\hry\Metiny\mondialmt2_delivrance_v2011_0_1\unins000.exe
AddRemove-Mount&Blade Warband - d:\hry\Mount&Blade Warband\uninstall.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{53d408db-eb91-43fb-9d8f-167681c19763} - c:\programdata\Package Cache\{53d408db-eb91-43fb-9d8f-167681c19763}\VS2013.4.exe
AddRemove-{56351c83-306c-4135-a570-2784d3025548} - c:\programdata\Package Cache\{56351c83-306c-4135-a570-2784d3025548}\xtu-setup-exe.exe
AddRemove-{7dbba119-718a-4f68-b33e-454dc8aa5faf} - c:\programdata\Package Cache\{7dbba119-718a-4f68-b33e-454dc8aa5faf}\VS12-KB2932965.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{98f335cd-0a32-4b3f-b74c-ef9480e834f0} - c:\programdata\Package Cache\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}\SetupChipset.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{fec93b6d-17f6-4952-96e1-2af5a525cf5d} - c:\programdata\Package Cache\{fec93b6d-17f6-4952-96e1-2af5a525cf5d}\vs_premium.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2297476255-290351391-472809066-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\users\Tom\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
c:\program files (x86)\Genius\Gila\trayicon.exe
.
**************************************************************************
.
Completion time: 2015-07-18 21:47:30 - machine was rebooted
ComboFix-quarantined-files.txt 2015-07-18 19:47
.
Pre-Run: Volných bajtu: 29 804 097 536
Post-Run: Volných bajtu: 29 153 615 872
.
- - End Of File - - CCB7421C221A429F11EEAB2643079906
A36C5E4F47E84449FF07ED3517B43A31
.
2015-07-15 14:46 . 2015-05-11 18:09 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-15 14:16 . 2015-06-13 18:45 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 14:16 . 2015-06-13 18:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 09:03 . 2015-05-02 20:07 670208 ----a-w- c:\windows\system32\igfxDH.dll
2015-07-05 09:03 . 2015-05-02 20:07 247400 ----a-w- c:\windows\system32\igfxHK.exe
2015-07-05 09:03 . 2015-05-02 20:06 4587608 ----a-w- c:\windows\system32\igdusc64.dll
2015-07-05 09:03 . 2015-05-02 20:06 3628160 ----a-w- c:\windows\SysWow64\igdusc32.dll
2015-07-05 09:03 . 2015-05-02 20:06 319080 ----a-w- c:\windows\system32\igfxCUIService.exe
2015-07-05 09:03 . 2015-05-02 20:06 252416 ----a-w- c:\windows\system32\igfxLHM.dll
2015-07-05 09:03 . 2015-05-02 20:06 10474552 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2015-07-05 09:03 . 2015-06-11 14:01 11793480 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2015-07-05 09:03 . 2015-05-02 20:06 12218376 ----a-w- c:\windows\system32\igd10iumd64.dll
2015-07-03 06:43 . 2015-05-02 20:57 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-01 20:49 . 2015-07-15 14:31 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-15 14:31 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 14:31 . 2015-06-16 14:31 1691816 ----a-w- c:\windows\system32\FM20.DLL
2015-06-13 18:47 . 2015-06-13 18:47 2918104 ----a-w- c:\windows\system32\RtPgEx64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1316056 ----a-w- c:\windows\system32\RTCOM64.dll
2015-06-13 18:47 . 2015-06-13 18:47 1948928 ----a-w- c:\windows\system32\MBAPO264.dll
2015-06-13 18:47 . 2015-06-13 18:47 1716480 ----a-w- c:\windows\SysWow64\MBAPO232.dll
2015-06-13 18:46 . 2015-06-13 18:46 30960 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2015-06-13 18:46 . 2015-06-13 18:46 1399536 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2015-06-13 18:42 . 2015-06-13 18:42 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-06-12 08:21 . 2015-05-03 09:40 1216471 ----a-w- c:\windows\unins000.exe
2015-05-25 18:24 . 2015-06-11 05:58 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 05:58 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 05:58 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 05:58 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 05:58 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 05:58 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 05:58 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 05:58 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 05:58 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 05:58 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 05:58 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 05:58 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 05:58 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 05:58 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 05:58 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 05:58 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 05:58 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 05:58 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 05:58 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 05:58 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 05:58 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 05:58 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 05:58 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 05:58 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 05:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 05:58 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 05:58 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 05:58 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 05:58 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 05:58 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 05:58 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 05:58 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 05:58 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 05:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 05:58 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 05:58 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 05:58 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 05:58 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 05:58 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 05:58 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 05:58 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 05:58 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 05:58 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-11 05:58 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 05:58 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\ProductData ----
.
2015-07-18 19:34 . 2015-07-18 19:34 215 ----a-w- c:\programdata\ProductData\StatCache.db
.
---- Directory of c:\users\Tom\AppData\Roaming\ProductData ----
.
2015-07-18 14:46 . 2015-07-18 18:51 15136 ----a-w- c:\users\Tom\AppData\Roaming\ProductData\update.spt
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"="c:\program files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" [2014-02-24 1440768]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-03-23 296216]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"Command Center"="c:\program files (x86)\MSI\Command Center\StartCommandCenter.exe" [2015-03-27 797648]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Gila"="c:\program files (x86)\Genius\Gila\mousehid.exe" [2013-10-10 2055680]
.
c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\Tom\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2015-4-28 7142280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - c:\windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2015-5-2 72008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\Command Center\MSICommService.exe;c:\program files (x86)\MSI\Command Center\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe;c:\program files (x86)\MSI\Command Center\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 MSI_ECOSERVICE;MSI_ECOSERVICE;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe;c:\program files (x86)\MSI\ECO Center\ECO_Service.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\Command Center\MSIControlService.exe;c:\program files (x86)\MSI\Command Center\MSIControlService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 RAMDriv;MSI RAMDrive;c:\windows\system32\DRIVERS\ramdriv.sys;c:\windows\SYSNATIVE\DRIVERS\ramdriv.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 SuperRAIDSvc;SuperRAIDSvc;c:\msi\Smart Utilities\SuperRAIDSvc.exe;c:\msi\Smart Utilities\SuperRAIDSvc.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service;c:\windows\system32\DRIVERS\KbFilter_FlexDef3x.sys;c:\windows\SYSNATIVE\DRIVERS\KbFilter_FlexDef3x.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_ECO;NTIOLib_ECO;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\ECO Center\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID;c:\msi\Smart Utilities\NTIOLib_X64.sys;c:\msi\Smart Utilities\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - GENERICDRV
*NewlyCreated* - NTIOLIB_ECO
*Deregistered* - GENERICDRV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-15 14:17 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-04-16 15:42 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-06-20 11:48 774984 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2014-02-21 41088]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-07-05 8484056]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-14 2631824]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-14 1710056]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-IObit Surfing Protection_is1 - c:\program files (x86)\IObit\Surfing Protection\unins000.exe
AddRemove-MondialMt2 Delivrance V2011.0.1_is1 - d:\hry\Metiny\mondialmt2_delivrance_v2011_0_1\unins000.exe
AddRemove-Mount&Blade Warband - d:\hry\Mount&Blade Warband\uninstall.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{53d408db-eb91-43fb-9d8f-167681c19763} - c:\programdata\Package Cache\{53d408db-eb91-43fb-9d8f-167681c19763}\VS2013.4.exe
AddRemove-{56351c83-306c-4135-a570-2784d3025548} - c:\programdata\Package Cache\{56351c83-306c-4135-a570-2784d3025548}\xtu-setup-exe.exe
AddRemove-{7dbba119-718a-4f68-b33e-454dc8aa5faf} - c:\programdata\Package Cache\{7dbba119-718a-4f68-b33e-454dc8aa5faf}\VS12-KB2932965.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{98f335cd-0a32-4b3f-b74c-ef9480e834f0} - c:\programdata\Package Cache\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}\SetupChipset.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{fec93b6d-17f6-4952-96e1-2af5a525cf5d} - c:\programdata\Package Cache\{fec93b6d-17f6-4952-96e1-2af5a525cf5d}\vs_premium.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2297476255-290351391-472809066-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\users\Tom\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
c:\program files (x86)\Genius\Gila\trayicon.exe
.
**************************************************************************
.
Completion time: 2015-07-18 21:47:30 - machine was rebooted
ComboFix-quarantined-files.txt 2015-07-18 19:47
.
Pre-Run: Volných bajtu: 29 804 097 536
Post-Run: Volných bajtu: 29 153 615 872
.
- - End Of File - - CCB7421C221A429F11EEAB2643079906
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- Security team member
Re: Log check
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Post a new HJT log + report on any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-07-19 17:59:27
-----------------------------
17:59:27.913 OS Version: Windows x64 6.1.7601 Service Pack 1
17:59:27.913 Number of processors: 4 586 0x3C03
17:59:27.913 ComputerName: TOM-PC UserName: Tom
17:59:28.069 Initialize success
17:59:28.084 VM: initialized successfully
17:59:28.084 VM: Intel CPU supported
18:00:49.327 VM: not used
18:01:09.533 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007f
18:01:09.549 Disk 0 Vendor: ADATA___ 5.0. Size: 122104MB BusType: 11
18:01:09.549 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000080
18:01:09.549 Disk 1 Vendor: WDC_____ 05.0 Size: 610480MB BusType: 11
18:01:09.564 Disk 0 MBR read successfully
18:01:09.564 Disk 0 MBR scan
18:01:09.564 Disk 0 Windows 7 default MBR code
18:01:09.564 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:01:09.580 Disk 0 Boot: NTFS code=2
18:01:09.580 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
18:01:09.580 Disk 0 scanning C:\Windows\system32\drivers
18:01:10.235 Service scanning
18:01:11.374 Service MSICDSetup E:\CDriver64.sys **LOCKED** 21
18:01:11.514 Service NTIOLib_1_0_C E:\NTIOLib_X64.sys **LOCKED** 21
18:01:12.559 Modules scanning
18:01:12.559 Disk 0 trace - called modules:
18:01:12.575 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
18:01:12.591 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800f444060]
18:01:12.591 3 CLASSPNP.SYS[fffff88001ce343f] -> nt!IofCallDriver -> [0xfffffa800f33d940]
18:01:12.606 5 iaStorF.sys[fffff88001877f84] -> nt!IofCallDriver -> \Device\0000007f[0xfffffa800cad69c0]
18:01:12.606 Disk 0 statistics 102162/0/0 @ 167,96 MB/s
18:01:12.606 Scan finished successfully
18:01:21.093 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
18:01:21.093 The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"
Re: Log check
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:04:54, on 19.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal
Running processes:
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Genius\Gila\mousehid.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Genius\Gila\trayicon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Gila] C:\Program Files (x86)\Genius\Gila\mousehid.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F6A43803F41C0EE8AA9068339E55A010] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Curse.lnk = C:\Users\Tom\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Global Startup: Killer Network Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_ECOSERVICE - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
--
End of file - 12010 bytes
- jaro3
- Security team member
Re: Log check
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
Still with the keyboard and Steam, so it's a keyboard defect. I haven't noticed the mouse problem yet; time will tell, and if need be I'll return it under warranty. As for the unresponsive desktop icons and the stuck loading internet icon, no problems so far; that remains to be seen as well.
Thank you very much; if problems appear, I'll reinstall Windows / return the mouse under warranty.
Re: Log check
So I'll be returning the mouse under warranty; it keeps acting up.