system.exe, computer slowdown and degraded graphics card performance

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: system.exe, computer slowdown and degraded graphics card performance

Post by Meja » 24 Oct 2015 20:01

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:14, on 24.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Veronika\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Curse.lnk = C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - c:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10054 bytes



The computer is still somehow "slowed down" and is not as fast as before, even after cleaning. I haven't tested the graphics card yet, but everything still loads slowly.

Re: system.exe, computer slowdown and degraded graphics card performance

Post by jerabina » 24 Oct 2015 20:31

Close other programs/browsers, disconnect from the internet, and fix the following in HJT:
GUIDE

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Re: system.exe, computer slowdown and degraded graphics card performance

Post by Meja » 25 Oct 2015 00:45

ComboFix 15-10-23.01 - Veronika 24.10.2015 23:48:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8111.5345 [GMT 2:00]
Spuštěný z: c:\users\Veronika\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Veronika\AppData\Roaming\Microsoft\Windows\Recent\Counter-Strike Global Offensive.url
c:\users\Veronika\AppData\Roaming\Microsoft\Windows\Recent\Terraria.url
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-24 do 2015-10-24 )))))))))))))))))))))))))))))))
.
.
2015-10-24 22:33 . 2015-10-24 22:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-24 17:38 . 2015-10-24 17:23 24064 ----a-w- c:\windows\zoek-delete.exe
2015-10-24 17:38 . 2015-10-24 22:33 -------- d-----w- c:\users\Veronika\AppData\Local\Temp
2015-10-24 17:23 . 2015-10-24 17:36 -------- d-----w- C:\zoek_backup
2015-10-23 21:09 . 2015-10-24 16:14 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-10-23 21:09 . 2015-10-23 21:47 -------- d-----w- c:\programdata\RogueKiller
2015-10-23 16:28 . 2015-10-23 16:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-10-23 16:28 . 2015-10-23 16:28 -------- d-----r- c:\program files (x86)\Skype
2015-10-23 14:59 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BADFF0D-A7CF-49F0-8437-A59268B9D1B0}\mpengine.dll
2015-10-22 19:11 . 2015-10-22 19:51 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-22 19:11 . 2015-10-22 19:11 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-10-22 19:11 . 2015-10-05 07:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-22 19:11 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-22 19:11 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-18 11:50 . 2015-10-18 11:50 -------- d-----w- c:\windows\SysWow64\NV
2015-10-18 11:50 . 2015-10-18 11:50 -------- d-----w- c:\windows\system32\NV
2015-10-18 11:31 . 2015-10-18 11:31 -------- d-----w- C:\NVIDIA
2015-10-16 09:18 . 2015-10-16 09:18 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-10-15 20:17 . 2015-10-15 20:17 -------- d-----w- c:\users\Veronika\Tracing
2015-10-15 18:04 . 2015-10-23 16:28 -------- d-----w- c:\users\Veronika\AppData\Local\Skype
2015-10-15 18:04 . 2015-10-24 17:48 -------- d-----w- c:\users\Veronika\AppData\Roaming\Skype
2015-10-15 18:03 . 2015-10-23 16:28 -------- d-----w- c:\programdata\Skype
2015-10-14 16:13 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-14 16:08 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-11 13:33 . 2015-10-03 05:06 17395512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-10-08 21:08 . 2015-10-17 11:59 -------- d-----w- c:\program files (x86)\FirestormLauncher
2015-10-08 18:32 . 2015-10-08 18:32 -------- d-----w- c:\program files\WinRAR
2015-10-07 18:51 . 2015-10-07 18:51 -------- d-----w- c:\users\Veronika\AppData\Roaming\WTablet
2015-10-07 18:37 . 2015-10-17 14:30 -------- d-----w- c:\users\Veronika\AppData\Local\Diagnostics
2015-10-03 14:55 . 2015-10-03 14:55 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-03 14:51 . 2015-10-03 14:54 -------- d-----w- c:\program files\Java
2015-10-03 13:57 . 2015-10-03 13:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-10-03 13:57 . 2015-10-03 14:56 -------- d-----w- c:\users\Veronika\.oracle_jre_usage
2015-10-03 13:56 . 2015-10-03 13:56 -------- d-----w- c:\programdata\Oracle
2015-10-03 13:56 . 2015-10-03 13:56 -------- d-----w- c:\program files (x86)\Java
2015-10-02 21:36 . 2015-10-02 21:36 -------- d-----w- c:\users\Veronika\AppData\Roaming\java
2015-10-02 21:35 . 2015-10-16 19:48 -------- d-----w- c:\users\Veronika\AppData\Roaming\.minecraft
2015-10-02 21:34 . 2015-10-02 21:35 -------- d-----w- c:\program files (x86)\Minecraft
2015-09-29 21:43 . 2015-09-14 00:29 1558832 ----a-w- c:\windows\system32\nvdispgenco6435598.dll
2015-09-29 21:43 . 2015-09-14 00:29 1898288 ----a-w- c:\windows\system32\nvdispco6435598.dll
2015-09-29 16:25 . 2015-10-22 19:49 -------- d-----w- C:\AdwCleaner
2015-09-29 16:25 . 2015-09-29 16:25 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-14 20:06 . 2015-08-15 15:51 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-12 03:05 . 2015-08-15 12:48 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-08-15 12:48 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-08-15 12:48 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-08-15 12:48 1710752 ----a-w- c:\windows\system32\nvspcap64.dll
2015-10-03 05:06 . 2015-09-02 19:40 15716648 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-10-03 05:06 . 2015-08-15 12:44 467912 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-10-03 05:06 . 2015-08-15 12:44 388024 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-10-03 05:06 . 2015-08-15 12:44 3573832 ----a-w- c:\windows\system32\nvapi64.dll
2015-10-03 05:06 . 2015-08-15 12:44 3154104 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-10-03 05:06 . 2015-08-15 12:44 177416 ----a-w- c:\windows\system32\nvinitx.dll
2015-10-03 05:06 . 2015-08-15 12:44 155976 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-10-03 05:06 . 2015-08-15 12:44 12769408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-10-03 02:49 . 2015-08-15 12:48 6358648 ----a-w- c:\windows\system32\nvcpl.dll
2015-10-03 02:49 . 2015-08-15 12:48 2982520 ----a-w- c:\windows\system32\nvsvc64.dll
2015-10-03 02:49 . 2015-08-15 12:48 938800 ----a-w- c:\windows\system32\nvvsvc.exe
2015-10-03 02:49 . 2015-08-15 12:48 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-10-03 02:49 . 2015-08-15 12:48 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-10-03 02:49 . 2015-08-15 12:48 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-10-03 02:49 . 2015-08-15 12:48 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-10-03 02:49 . 2015-08-15 12:48 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-10-01 09:33 . 2015-08-15 12:48 5284082 ----a-w- c:\windows\system32\nvcoproc.bin
2015-09-29 02:58 . 2015-10-14 16:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-14 16:14 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-14 16:14 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-12 10:18 . 2015-08-15 13:26 401 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-02 03:04 . 2015-09-09 16:36 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 16:36 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 16:36 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 16:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 16:36 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 16:36 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 16:36 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 16:36 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 16:36 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 16:36 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 16:36 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-25 18:46 . 2015-09-02 19:40 1898288 ----a-w- c:\windows\system32\nvdispco6435582.dll
2015-08-25 18:46 . 2015-09-02 19:40 1558648 ----a-w- c:\windows\system32\nvdispgenco6435582.dll
2015-08-17 08:01 . 2015-08-17 08:01 405360 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-15 16:59 . 2015-08-15 16:59 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-08-15 16:59 . 2015-08-15 16:59 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-08-15 16:59 . 2015-08-15 16:59 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-08-15 16:59 . 2015-08-15 16:59 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-08-15 16:59 . 2015-08-15 16:59 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-08-15 16:59 . 2015-08-15 16:59 81408 ----a-w- c:\windows\system32\icardie.dll
2015-08-15 16:59 . 2015-08-15 16:59 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-08-15 16:59 . 2015-08-15 16:59 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-08-15 16:59 . 2015-08-15 16:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-08-15 16:59 . 2015-08-15 16:59 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-08-15 16:59 . 2015-08-15 16:59 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-08-15 16:59 . 2015-08-15 16:59 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-08-15 16:59 . 2015-08-15 16:59 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-08-15 16:59 . 2015-08-15 16:59 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-08-15 16:59 . 2015-08-15 16:59 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-08-15 16:59 . 2015-08-15 16:59 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-08-15 16:59 . 2015-08-15 16:59 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-08-15 16:59 . 2015-08-15 16:59 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-08-15 16:59 . 2015-08-15 16:59 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-08-15 16:59 . 2015-08-15 16:59 247808 ----a-w- c:\windows\system32\msls31.dll
2015-08-15 16:59 . 2015-08-15 16:59 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-08-15 16:59 . 2015-08-15 16:59 235520 ----a-w- c:\windows\system32\url.dll
2015-08-15 16:59 . 2015-08-15 16:59 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-08-15 16:59 . 2015-08-15 16:59 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-08-15 16:59 . 2015-08-15 16:59 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-08-15 16:59 . 2015-08-15 16:59 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-08-15 16:59 . 2015-08-15 16:59 143872 ----a-w- c:\windows\system32\wextract.exe
2015-08-15 16:59 . 2015-08-15 16:59 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-08-15 16:59 . 2015-08-15 16:59 13824 ----a-w- c:\windows\system32\mshta.exe
2015-08-15 16:59 . 2015-08-15 16:59 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-08-15 16:59 . 2015-08-15 16:59 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-08-15 16:59 . 2015-08-15 16:59 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-08-15 16:59 . 2015-08-15 16:59 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-08-15 16:59 . 2015-08-15 16:59 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-08-15 16:59 . 2015-08-15 16:59 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-08-15 16:59 . 2015-08-15 16:59 101376 ----a-w- c:\windows\system32\inseng.dll
2015-08-15 16:57 . 2015-08-15 16:57 859648 ----a-w- c:\windows\system32\tdh.dll
2015-08-15 16:57 . 2015-08-15 16:57 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-08-15 16:57 . 2015-08-15 16:57 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-08-15 16:57 . 2015-08-15 16:57 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-08-15 16:56 . 2015-08-15 16:56 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-08-15 16:56 . 2015-08-15 16:56 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-08-15 16:56 . 2015-08-15 16:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-08-15 16:56 . 2015-08-15 16:56 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-08-15 16:56 . 2015-08-15 16:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-12-20 292848]
.
c:\users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2015-8-3 7149960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R);c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 iBtSiva;Intel Bluetooth Service;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ETD;ELAN Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-23 20:07 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-15 17:56]
.
2015-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-15 17:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-10-09 36352]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2014-08-05 7822648]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2014-11-06 405504]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-06-18 14021336]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{4549ceb8-695a-42eb-a183-4820d542a15f} - c:\programdata\Package Cache\{4549ceb8-695a-42eb-a183-4820d542a15f}\vcredist_x86.exe
AddRemove-{85b9d34f-7397-4e39-8600-07942ef6ca04} - c:\programdata\Package Cache\{85b9d34f-7397-4e39-8600-07942ef6ca04}\Setup.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-10-25 00:35:13
ComboFix-quarantined-files.txt 2015-10-24 22:35
.
Před spuštěním: Volných bajtů: 741 181 931 520
Po spuštění: Volných bajtů: 740 800 823 296
.
- - End Of File - - 1576D89E93BE36E7F7E7BD5E976E1E1B
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: system.exe, computer slowdown and degraded graphics card performance

Post by jaro3 » 25 Oct 2015 08:52

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

ClearJavaCache::
KillAll::
File::
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.


Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Meja
Level 1
Posts: 80
Registered: May 15
Gender: Female
Status: Offline

Re: system.exe, computer slowdown and degraded graphics card performance

Post by Meja » 25 Oct 2015 20:32

ComboFix 15-10-23.01 - Veronika 25.10.2015 20:17:10.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8111.6017 [GMT 1:00]
Spuštěný z: c:\users\Veronika\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Veronika\Desktop\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.15\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{1419901B-DBCA-47A2-A4B3-7E90D4D53945}\46.0.2490.71_45.0.2454.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{1CF50452-614C-4810-9905-2B0EF2CCE694}\45.0.2454.99_45.0.2454.93_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{26D20A61-6CBC-415B-98E5-457E6EAD542E}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{C0847092-F7C8-42F7-B41A-B56714ECA972}\45.0.2454.93_45.0.2454.85_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{C26F2995-511F-49AF-BA3D-81F767DADB98}\45.0.2454.85_44.0.2403.157_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{E963FA57-0F03-4EB7-997E-EC86D3020500}\46.0.2490.80_46.0.2490.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{EEAD7F92-2294-4AE6-8660-0CE8E4864E24}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{EF25A91F-C60B-4E2D-9456-8CBD0238B13F}\45.0.2454.101_45.0.2454.99_chrome_updater.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-25 do 2015-10-25 )))))))))))))))))))))))))))))))
.
.
2015-10-24 17:38 . 2015-10-24 17:23 24064 ----a-w- c:\windows\zoek-delete.exe
2015-10-24 17:38 . 2015-10-25 19:25 -------- d-----w- c:\users\Veronika\AppData\Local\Temp
2015-10-24 17:23 . 2015-10-24 17:36 -------- d-----w- C:\zoek_backup
2015-10-23 21:09 . 2015-10-24 16:14 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-10-23 21:09 . 2015-10-23 21:47 -------- d-----w- c:\programdata\RogueKiller
2015-10-23 16:28 . 2015-10-23 16:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-10-23 16:28 . 2015-10-25 19:22 -------- d-----r- c:\program files (x86)\Skype
2015-10-23 14:59 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BADFF0D-A7CF-49F0-8437-A59268B9D1B0}\mpengine.dll
2015-10-22 19:11 . 2015-10-22 19:51 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-22 19:11 . 2015-10-22 19:11 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-10-22 19:11 . 2015-10-05 07:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-22 19:11 . 2015-10-05 07:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-22 19:11 . 2015-10-05 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-18 11:50 . 2015-10-18 11:50 -------- d-----w- c:\windows\SysWow64\NV
2015-10-18 11:50 . 2015-10-18 11:50 -------- d-----w- c:\windows\system32\NV
2015-10-18 11:31 . 2015-10-18 11:31 -------- d-----w- C:\NVIDIA
2015-10-16 09:18 . 2015-10-16 09:18 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-10-15 20:17 . 2015-10-15 20:17 -------- d-----w- c:\users\Veronika\Tracing
2015-10-15 18:04 . 2015-10-23 16:28 -------- d-----w- c:\users\Veronika\AppData\Local\Skype
2015-10-15 18:04 . 2015-10-24 17:48 -------- d-----w- c:\users\Veronika\AppData\Roaming\Skype
2015-10-15 18:03 . 2015-10-23 16:28 -------- d-----w- c:\programdata\Skype
2015-10-14 16:13 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-14 16:08 . 2015-09-25 18:07 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-10-11 13:33 . 2015-10-03 05:06 17395512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-10-08 21:08 . 2015-10-17 11:59 -------- d-----w- c:\program files (x86)\FirestormLauncher
2015-10-08 18:32 . 2015-10-08 18:32 -------- d-----w- c:\program files\WinRAR
2015-10-07 18:51 . 2015-10-07 18:51 -------- d-----w- c:\users\Veronika\AppData\Roaming\WTablet
2015-10-07 18:37 . 2015-10-17 14:30 -------- d-----w- c:\users\Veronika\AppData\Local\Diagnostics
2015-10-03 14:55 . 2015-10-03 14:55 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-03 14:51 . 2015-10-03 14:54 -------- d-----w- c:\program files\Java
2015-10-03 13:57 . 2015-10-03 13:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-10-03 13:57 . 2015-10-03 14:56 -------- d-----w- c:\users\Veronika\.oracle_jre_usage
2015-10-03 13:56 . 2015-10-03 13:56 -------- d-----w- c:\programdata\Oracle
2015-10-03 13:56 . 2015-10-03 13:56 -------- d-----w- c:\program files (x86)\Java
2015-10-02 21:36 . 2015-10-02 21:36 -------- d-----w- c:\users\Veronika\AppData\Roaming\java
2015-10-02 21:35 . 2015-10-16 19:48 -------- d-----w- c:\users\Veronika\AppData\Roaming\.minecraft
2015-10-02 21:34 . 2015-10-02 21:35 -------- d-----w- c:\program files (x86)\Minecraft
2015-09-29 21:43 . 2015-09-14 00:29 1558832 ----a-w- c:\windows\system32\nvdispgenco6435598.dll
2015-09-29 21:43 . 2015-09-14 00:29 1898288 ----a-w- c:\windows\system32\nvdispco6435598.dll
2015-09-29 16:25 . 2015-10-22 19:49 -------- d-----w- C:\AdwCleaner
2015-09-29 16:25 . 2015-09-29 16:25 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-14 20:06 . 2015-08-15 15:51 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-10-12 03:05 . 2015-08-15 12:48 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-08-15 12:48 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-08-15 12:48 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-08-15 12:48 1710752 ----a-w- c:\windows\system32\nvspcap64.dll
2015-10-03 05:06 . 2015-09-02 19:40 15716648 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-10-03 05:06 . 2015-08-15 12:44 467912 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-10-03 05:06 . 2015-08-15 12:44 388024 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-10-03 05:06 . 2015-08-15 12:44 3573832 ----a-w- c:\windows\system32\nvapi64.dll
2015-10-03 05:06 . 2015-08-15 12:44 3154104 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-10-03 05:06 . 2015-08-15 12:44 177416 ----a-w- c:\windows\system32\nvinitx.dll
2015-10-03 05:06 . 2015-08-15 12:44 155976 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-10-03 05:06 . 2015-08-15 12:44 12769408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-10-03 02:49 . 2015-08-15 12:48 6358648 ----a-w- c:\windows\system32\nvcpl.dll
2015-10-03 02:49 . 2015-08-15 12:48 2982520 ----a-w- c:\windows\system32\nvsvc64.dll
2015-10-03 02:49 . 2015-08-15 12:48 938800 ----a-w- c:\windows\system32\nvvsvc.exe
2015-10-03 02:49 . 2015-08-15 12:48 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-10-03 02:49 . 2015-08-15 12:48 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-10-03 02:49 . 2015-08-15 12:48 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-10-03 02:49 . 2015-08-15 12:48 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-10-03 02:49 . 2015-08-15 12:48 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-10-01 09:33 . 2015-08-15 12:48 5284082 ----a-w- c:\windows\system32\nvcoproc.bin
2015-09-29 02:58 . 2015-10-14 16:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-14 16:14 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-14 16:14 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-09 16:36 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 16:36 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 16:36 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 16:36 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 16:36 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 16:36 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 16:36 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 16:36 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 16:36 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 16:36 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 16:36 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-25 18:46 . 2015-09-02 19:40 1898288 ----a-w- c:\windows\system32\nvdispco6435582.dll
2015-08-25 18:46 . 2015-09-02 19:40 1558648 ----a-w- c:\windows\system32\nvdispgenco6435582.dll
2015-08-17 08:01 . 2015-08-17 08:01 405360 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-15 16:59 . 2015-08-15 16:59 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-08-15 16:59 . 2015-08-15 16:59 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-08-15 16:59 . 2015-08-15 16:59 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-08-15 16:59 . 2015-08-15 16:59 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-08-15 16:59 . 2015-08-15 16:59 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-08-15 16:59 . 2015-08-15 16:59 81408 ----a-w- c:\windows\system32\icardie.dll
2015-08-15 16:59 . 2015-08-15 16:59 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-08-15 16:59 . 2015-08-15 16:59 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-08-15 16:59 . 2015-08-15 16:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-08-15 16:59 . 2015-08-15 16:59 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-08-15 16:59 . 2015-08-15 16:59 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-08-15 16:59 . 2015-08-15 16:59 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-08-15 16:59 . 2015-08-15 16:59 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-08-15 16:59 . 2015-08-15 16:59 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-08-15 16:59 . 2015-08-15 16:59 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-08-15 16:59 . 2015-08-15 16:59 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-08-15 16:59 . 2015-08-15 16:59 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-08-15 16:59 . 2015-08-15 16:59 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-08-15 16:59 . 2015-08-15 16:59 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-08-15 16:59 . 2015-08-15 16:59 247808 ----a-w- c:\windows\system32\msls31.dll
2015-08-15 16:59 . 2015-08-15 16:59 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-08-15 16:59 . 2015-08-15 16:59 235520 ----a-w- c:\windows\system32\url.dll
2015-08-15 16:59 . 2015-08-15 16:59 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-08-15 16:59 . 2015-08-15 16:59 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-08-15 16:59 . 2015-08-15 16:59 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-08-15 16:59 . 2015-08-15 16:59 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-08-15 16:59 . 2015-08-15 16:59 143872 ----a-w- c:\windows\system32\wextract.exe
2015-08-15 16:59 . 2015-08-15 16:59 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-08-15 16:59 . 2015-08-15 16:59 13824 ----a-w- c:\windows\system32\mshta.exe
2015-08-15 16:59 . 2015-08-15 16:59 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-08-15 16:59 . 2015-08-15 16:59 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-08-15 16:59 . 2015-08-15 16:59 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-08-15 16:59 . 2015-08-15 16:59 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-08-15 16:59 . 2015-08-15 16:59 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-08-15 16:59 . 2015-08-15 16:59 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-08-15 16:59 . 2015-08-15 16:59 101376 ----a-w- c:\windows\system32\inseng.dll
2015-08-15 16:57 . 2015-08-15 16:57 859648 ----a-w- c:\windows\system32\tdh.dll
2015-08-15 16:57 . 2015-08-15 16:57 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-08-15 16:57 . 2015-08-15 16:57 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-08-15 16:57 . 2015-08-15 16:57 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-08-15 16:56 . 2015-08-15 16:56 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-08-15 16:56 . 2015-08-15 16:56 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-08-15 16:56 . 2015-08-15 16:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-08-15 16:56 . 2015-08-15 16:56 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-08-15 16:56 . 2015-08-15 16:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-08-15 16:56 . 2015-08-15 16:56 296960 ----a-w- c:\windows\system32\d3d10core.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-12-20 292848]
.
c:\users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2015-8-3 7149960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R);c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 iBtSiva;Intel Bluetooth Service;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ETD;ELAN Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-23 20:07 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-10-09 36352]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2014-08-05 7822648]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2014-11-06 405504]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-06-18 14021336]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{4549ceb8-695a-42eb-a183-4820d542a15f} - c:\programdata\Package Cache\{4549ceb8-695a-42eb-a183-4820d542a15f}\vcredist_x86.exe
AddRemove-{85b9d34f-7397-4e39-8600-07942ef6ca04} - c:\programdata\Package Cache\{85b9d34f-7397-4e39-8600-07942ef6ca04}\Setup.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files\Tablet\Pen\WacomHost.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
**************************************************************************
.
Celkový čas: 2015-10-25 20:29:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-25 19:29
ComboFix2.txt 2015-10-24 22:35
.
Před spuštěním: Volných bajtů: 739 191 783 424
Po spuštění: Volných bajtů: 738 929 704 960
.
- - End Of File - - E85747A82E8FAB71431AFC88DC892267
A36C5E4F47E84449FF07ED3517B43A31


Post by Meja » 25 Oct 2015 20:37

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-10-25 20:34:08
-----------------------------
20:34:08.094 OS Version: Windows x64 6.1.7601 Service Pack 1
20:34:08.094 Number of processors: 4 586 0x3C03
20:34:08.094 ComputerName: VERONIKA-PC UserName: Veronika
20:34:10.044 Initialize success
20:34:10.059 VM: initialized successfully
20:34:10.059 VM: Intel CPU supported
20:34:26.376 VM: disk I/O iaStorA.sys
20:34:35.793 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
20:34:35.809 Disk 0 Vendor: WDC_____ 01.0 Size: 953869MB BusType: 11
20:34:36.027 Disk 0 MBR read successfully
20:34:36.027 Disk 0 MBR scan
20:34:36.043 Disk 0 Windows 7 default MBR code
20:34:36.043 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:34:36.059 Disk 0 default boot code
20:34:36.059 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 943530 MB offset 206848
20:34:36.090 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10238 MB offset 1932557696
20:34:36.277 Disk 0 scanning C:\Windows\system32\drivers
20:34:43.344 Service scanning
20:34:51.612 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
20:34:52.251 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
20:34:52.407 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
20:34:52.548 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
20:35:38.849 Modules scanning
20:35:38.849 Disk 0 trace - called modules:
20:35:38.864 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
20:35:38.880 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b5f060]
20:35:38.880 3 CLASSPNP.SYS[fffff88001c5e43f] -> nt!IofCallDriver -> [0xfffffa80076d0a90]
20:35:38.896 5 iaStorF.sys[fffff880017e0f84] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa80074989c0]
20:35:38.896 Disk 0 statistics 108198/0/0 @ 7,95 MB/s
20:35:38.896 Scan finished successfully
20:35:47.398 Disk 0 MBR has been saved successfully to "C:\Users\Veronika\Desktop\MBR.dat"
20:35:47.398 The log file has been saved successfully to "C:\Users\Veronika\Desktop\aswMBR.txt"


Post by jerabina » 25 Oct 2015 21:00

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

How are the problems? + a new HJT log
If you don't know what to do next, it's time to study the manual!
HJT guide

If I am not replying to your topics in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please do not take it as being ignored.


Post by Meja » 27 Oct 2015 19:00

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:58, on 27.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Users\Veronika\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Veronika\Downloads\HijackThis (1).exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Curse.lnk = C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - c:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9135 bytes


The computer is a bit faster now, but the card is still the same... though only in Guild Wars; at least I don't notice the problem anywhere else, apart from the occasional screen freeze. Is it a problem with the program itself, or is something wrong with the PC?


Post by jaro3 » 28 Oct 2015 09:20

Download Memtest:

The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the memory is fine.


Also check the HDD for errors, or try defragmenting it.


Download CrystalDiskInfo
Run the program and click Edit > Copy (Úpravy-Kopírovat). Then paste the log contents here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Meja » 28 Oct 2015 23:25

----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/10/28 23:23:58

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- TSSTcorp CDDVDW SN-208FB SCSI CdRom Device
- WDC WD10JPVX-22JC3T0 SCSI Disk Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0
----------------------------------------------------------------------------
Model : WDC WD10JPVX-22JC3T0
Firmware : 01.01A01
Serial Number : WD-WX81A846Y568
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 611 hod.
Power On Count : 186 krát
Temperature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 180 178 _21 0000000007A6 Čas na roztočení ploten
04 100 100 __0 0000000000F1 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 100 100 __0 000000000263 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 0000000000BA Počet cyklů zapnutí zařízení
BF _98 _98 __0 000000000002 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000003 Počet vypnutí disku
C1 200 200 __0 000000000150 Počet cyklů načítání/vymazání
C2 103 _95 __0 00000000002C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------


Post by jaro3 » 29 Oct 2015 09:38

What about Memtest?

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Accept the terms of use.
Do not change any of the default settings and click "Scan". When the scan finishes, two logs appear, FRST.txt and Addition.txt, and are saved on the desktop. Please copy their entire contents here.


Post by Meja » 01 Nov 2015 23:07

memtest 0 errors,

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Veronika (administrator) on VERONIKA-PC (01-11-2015 23:05:11)
Running from C:\Users\Veronika\Downloads
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Curse, Inc) C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3281160 2014-08-26] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SCM] => c:\Program Files (x86)\SCM\SCM.exe [405504 2014-11-06] (MSI)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155976 2015-10-03] (NVIDIA Corporation)
Startup: C:\Users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-08-16]
ShortcutTarget: Curse.lnk -> C:\Users\Veronika\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{AEE13948-684B-4B78-AA65-2FA96514ACC9}: [DhcpNameServer] 192.168.110.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2745169964-2290832198-2812725371-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2745169964-2290832198-2812725371-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2745169964-2290832198-2812725371-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-03] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-08-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

Chrome:
=======
CHR Profile: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24]
CHR Extension: (Dokumenty Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24]
CHR Extension: (Disk Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-24]
CHR Extension: (AdBlock) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24]
CHR Extension: (Gmail) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1933120 2015-07-31] (AVerMedia TECHNOLOGIES, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [124520 2014-10-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2014-11-06] (Micro-Star International Co., Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3685968 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [360448 2014-08-18] (Qualcomm Atheros) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVer330USB; C:\Windows\System32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (AVerMedia TECHNOLOGIES, Inc.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [97456 2014-08-13] (Qualcomm Atheros, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30360 2014-10-09] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [225008 2014-10-21] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3442144 2014-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-01 23:05 - 2015-11-01 23:05 - 00017083 _____ C:\Users\Veronika\Downloads\FRST.txt
2015-11-01 23:04 - 2015-11-01 23:05 - 00000000 ____D C:\FRST
2015-11-01 23:04 - 2015-11-01 23:04 - 02198016 _____ (Farbar) C:\Users\Veronika\Desktop\FRST64.exe
2015-11-01 20:21 - 2015-11-01 20:57 - 3215110092 _____ C:\Users\Veronika\Desktop\20151101202149.mp4
2015-11-01 20:20 - 2015-11-01 20:21 - 32528541 _____ C:\Users\Veronika\Desktop\20151101202044.mp4
2015-10-31 10:24 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-31 10:14 - 2015-11-01 18:56 - 00000000 ____D C:\Users\Veronika\Desktop\backups
2015-10-30 16:11 - 2015-11-01 18:52 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\vlc
2015-10-30 16:11 - 2015-10-30 16:11 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-30 16:11 - 2015-10-30 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-30 16:11 - 2015-10-30 16:11 - 00000000 ____D C:\Program Files\VideoLAN
2015-10-30 16:10 - 2015-10-30 16:10 - 29833438 _____ C:\Users\Veronika\Downloads\vlc-2.2.1-win64.exe
2015-10-30 16:09 - 2015-10-30 16:10 - 28849904 _____ C:\Users\Veronika\Downloads\vlc-2.2.1-win32.exe
2015-10-30 15:30 - 2015-10-30 15:30 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVerMedia
2015-10-30 15:29 - 2015-10-30 15:29 - 00002153 _____ C:\Users\Public\Desktop\AVerMedia RECentral.lnk
2015-10-30 15:29 - 2015-10-30 15:29 - 00000000 ____D C:\Windows\Driver Cache
2015-10-30 15:29 - 2015-10-30 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2015-10-30 15:29 - 2015-04-09 07:14 - 01551616 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\Drivers\AVer330USB.sys
2015-10-30 15:29 - 2014-12-16 09:39 - 00454064 _____ C:\Windows\system32\Drivers\qpvidfwusb.bin
2015-10-30 15:29 - 2014-12-16 09:39 - 00363832 _____ C:\Windows\system32\Drivers\qpaudfwusb.bin
2015-10-30 15:29 - 2014-12-16 09:39 - 00125440 _____ (AVerMedia Technology, Inc.) C:\Windows\SysWOW64\PropPage.ax
2015-10-30 15:28 - 2015-10-30 15:36 - 00000000 ____D C:\Users\Veronika\AppData\Local\RECentral
2015-10-30 15:28 - 2015-10-30 15:29 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2015-10-30 15:28 - 2013-04-22 18:00 - 00495616 _____ C:\Windows\SysWOW64\D3DX8ab.dll
2015-10-30 15:28 - 2012-11-25 21:26 - 02365756 _____ C:\Windows\SysWOW64\libfftw3-3.dll
2015-10-30 15:28 - 2012-04-21 12:21 - 01625088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-10-30 15:27 - 2015-08-11 11:22 - 00000000 ____D C:\Users\Veronika\Downloads\REC
2015-10-30 15:24 - 2015-10-30 15:27 - 109693342 _____ C:\Users\Veronika\Downloads\GL710_application_and_driver_v1.3.0.94_20150811.exe
2015-10-30 15:21 - 2015-11-01 18:49 - 00001559 _____ C:\Windows\setupact.log
2015-10-30 15:21 - 2015-10-30 15:21 - 00000000 _____ C:\Windows\setuperr.log
2015-10-30 14:59 - 2015-10-30 15:00 - 35698096 _____ C:\Users\Veronika\Downloads\OBS-MP-0.12.0-Installer.exe
2015-10-30 14:50 - 2015-10-30 14:50 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Sony Creative Software Inc
2015-10-30 14:49 - 2015-10-30 14:49 - 07277632 _____ C:\Users\Veronika\Downloads\OBS_0_656b_Installer.exe
2015-10-30 14:39 - 2015-10-30 14:39 - 00000000 ____D C:\Users\Veronika\AppData\Local\Intel_Corporation
2015-10-30 14:35 - 2015-10-30 14:35 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Publish Providers
2015-10-30 14:32 - 2015-10-30 14:33 - 09989712 _____ (MEGA Limited) C:\Users\Veronika\Downloads\MEGAsyncSetup (1).exe
2015-10-30 14:31 - 2015-10-30 14:32 - 09989712 _____ (MEGA Limited) C:\Users\Veronika\Downloads\MEGAsyncSetup.exe
2015-10-30 14:25 - 2015-10-30 14:28 - 00000000 ____D C:\Users\Veronika\AppData\Local\Sony
2015-10-30 14:25 - 2015-10-30 14:25 - 00001038 _____ C:\Users\Public\Desktop\Vegas Pro 13.lnk
2015-10-30 14:25 - 2015-10-30 14:25 - 00000000 ____D C:\ProgramData\Sony
2015-10-30 14:25 - 2015-10-30 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-10-30 14:25 - 2015-10-30 14:25 - 00000000 ____D C:\Program Files\Sony
2015-10-30 14:25 - 2015-10-30 14:25 - 00000000 ____D C:\Program Files (x86)\Sony
2015-10-30 14:15 - 2015-10-30 14:23 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Audacity
2015-10-30 14:15 - 2015-10-30 14:15 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-30 14:15 - 2015-10-30 14:15 - 00001011 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-10-30 14:15 - 2015-10-30 14:15 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-10-30 14:11 - 2015-10-30 15:15 - 00000000 ____D C:\Users\Veronika\AppData\Local\CrashDumps
2015-10-30 14:09 - 2015-10-30 14:54 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\OBS
2015-10-30 14:08 - 2015-10-30 14:55 - 00000000 ____D C:\Program Files\OBS
2015-10-30 14:08 - 2015-10-30 14:55 - 00000000 ____D C:\Program Files (x86)\OBS
2015-10-30 14:05 - 2015-10-30 16:36 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Sony
2015-10-29 18:07 - 2015-10-29 18:07 - 00000000 ____D C:\Users\Veronika\Documents\BnS
2015-10-29 18:07 - 2015-10-29 18:07 - 00000000 ____D C:\Users\Veronika\AppData\Roaming\Awesomium
2015-10-29 18:07 - 2015-07-22 14:01 - 03685968 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2015-10-29 18:07 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2015-10-29 18:07 - 2003-07-18 22:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2015-10-29 18:06 - 2015-10-29 18:06 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2015-10-28 23:23 - 2015-10-28 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-10-28 23:23 - 2015-10-28 23:23 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-10-28 22:28 - 2015-10-28 22:28 - 03908184 _____ (Crystal Dew World ) C:\Users\Veronika\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-10-28 22:28 - 2015-10-28 22:28 - 00015201 _____ C:\Users\Veronika\Downloads\MemTest.zip
2015-10-27 18:35 - 2015-10-27 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-27 18:35 - 2015-10-27 18:35 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-27 18:35 - 2015-10-26 11:15 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-10-26 20:19 - 2015-10-26 20:19 - 00002242 _____ C:\Users\Public\Desktop\Blade & Soul CBT.lnk
2015-10-26 20:19 - 2015-10-26 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2015-10-26 20:19 - 2015-10-26 20:19 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-10-26 20:17 - 2015-10-26 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2015-10-26 20:17 - 2015-10-26 20:17 - 00000000 ____D C:\Program Files (x86)\NCWest
2015-10-26 20:16 - 2015-10-26 20:16 - 08998672 _____ (NC Interactive, LLC) C:\Users\Veronika\Downloads\BnS_CBT Lite Installer.exe
2015-10-24 22:46 - 2015-10-27 18:39 - 00000000 ____D C:\Windows\erdnt
2015-10-24 18:56 - 2015-10-24 18:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\Veronika\Downloads\HijackThis (1).exe
2015-10-24 18:38 - 2015-10-24 18:23 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-10-24 18:24 - 2015-10-24 18:41 - 00004786 _____ C:\zoek-results.log
2015-10-24 18:23 - 2015-10-24 18:36 - 00000000 ____D C:\zoek_backup
2015-10-23 22:09 - 2015-10-24 17:14 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-10-23 22:09 - 2015-10-23 22:47 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-23 17:28 - 2015-10-25 20:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-23 17:28 - 2015-10-23 17:28 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-23 17:28 - 2015-10-23 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-23 17:25 - 2015-10-23 17:25 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Veronika\Downloads\SkypeSetup (1).exe
2015-10-22 20:11 - 2015-10-22 20:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-22 20:11 - 2015-10-22 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-22 20:11 - 2015-10-22 20:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-22 20:11 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-22 20:11 - 2015-10-05 08:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-22 20:11 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-22 20:09 - 2015-10-22 20:10 - 22908888 _____ (Malwarebytes ) C:\Users\Veronika\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-22 20:09 - 2015-10-22 20:09 - 01691648 _____ C:\Users\Veronika\Downloads\AdwCleaner.exe
2015-10-22 20:09 - 2015-10-22 20:09 - 00448512 _____ (OldTimer Tools) C:\Users\Veronika\Downloads\TFC.exe
2015-10-22 18:52 - 2015-10-22 18:52 - 00049796 _____ C:\Users\Veronika\Downloads\Cybersis-Pegboard-Nerds-Try-This-Insane-2015-10-22-Osu.osr
2015-10-22 18:13 - 2015-10-24 19:00 - 00010056 _____ C:\Users\Veronika\Downloads\hijackthis.log
2015-10-21 18:16 - 2015-10-21 18:16 - 03582911 _____ C:\Users\Veronika\Downloads\o-skin.zip
2015-10-21 18:04 - 2015-10-21 18:10 - 10338445 _____ C:\Users\Veronika\Downloads\Ani-Lights-2.osk
2015-10-20 21:23 - 2015-10-20 21:24 - 36115051 _____ C:\Users\Veronika\Downloads\Osu! Cookiezi Live play - The Quick Brown Fox - The Big Black

