
Please check my RSIT log :)

Erutan
Visitor
Posts: 133
Registered: 16 Jun 2008 18:51

#1 Post by Erutan »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Erutan at 2015-02-06 22:07:45
Microsoft Windows 7 Professional
System drive C: has 54 GB (48%) free of 114 GB
Total RAM: 8140 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:07:49, on 6.2.2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\ProgramData\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}\Download.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
C:\Fraps\fraps.exe
C:\Users\Erutan\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\trend micro\Erutan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 8_961F122D
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 8_961F122D
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 8_961F122D
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 8_961F122D
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 4-Fraps.lnk = C:\Fraps\fraps.exe
O4 - Startup: Download.lnk = C:\ProgramData\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}\Download.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7943 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\TampaGeneration\TampaGeneration.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\TampaGeneration\TampaGeneration.dll",serv
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe" /TUStart /pid:1476
"C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}\Download.exe" --startup=1
"C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 416
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
taskeng.exe {90C47C50-7F7A-4A5C-BB0C-F41C9440D5B8}
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs

"C:\Windows\system32\StikyNot.exe"
"C:\Fraps\fraps.exe"
"C:\Fraps\fraps64.dat"
"C:\Users\Erutan\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\Erutan\AppData\Local\Temp\[CzT]Temne_nebe_Dark_Skies_2013_CZ_EN_1080pHD_.torrent"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Erutan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll


C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\extensions\
DTToolbar@toolbarnet.com
fftoolbar2014@etech.com
qL@nrj7S.com
Vov@P.org

C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\searchplugins\
mystartsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30 1678792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"=C:\Program Files\VIA XHCI UASP Utility\usb3Monitor []
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-12 7575256]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2014-02-21 41088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"=C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [2014-02-24 1440768]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-01-30 55568]

C:\Users\Erutan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4-Fraps.lnk - C:\Fraps\fraps.exe
Download.lnk - C:\ProgramData\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}\Download.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-06 22:07:45 ----D---- C:\rsit
2015-02-06 22:07:45 ----D---- C:\Program Files\trend micro
2015-02-04 19:25:38 ----D---- C:\Hry
2015-02-04 16:01:34 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2015-02-01 15:46:28 ----D---- C:\ProgramData\Qualcomm
2015-02-01 15:46:16 ----D---- C:\Program Files\Qualcomm Atheros
2015-02-01 15:26:17 ----D---- C:\ProgramData\ATI
2015-02-01 15:25:55 ----D---- C:\Users\Erutan\AppData\Roaming\Raptr
2015-02-01 15:25:55 ----D---- C:\Program Files (x86)\Raptr
2015-02-01 15:25:52 ----D---- C:\Program Files (x86)\AMD AVT
2015-02-01 14:34:22 ----D---- C:\Users\Erutan\AppData\Roaming\EZDownloader
2015-02-01 14:32:23 ----D---- C:\Program Files (x86)\TampaGeneration
2015-02-01 14:31:45 ----D---- C:\ProgramData\8466323655188490573
2015-02-01 14:31:45 ----D---- C:\Program Files (x86)\unisAles
2015-02-01 14:31:24 ----D---- C:\ProgramData\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}
2015-02-01 13:10:51 ----D---- C:\Program Files (x86)\GreenTree Applications
2015-01-31 23:39:55 ----D---- C:\ProgramData\ALI213
2015-01-28 00:00:36 ----D---- C:\ProgramData\Package Cache
2015-01-25 00:16:04 ----D---- C:\Program Files (x86)\Ubisoft
2015-01-24 23:43:57 ----D---- C:\ProgramData\Ubisoft
2015-01-23 21:28:37 ----D---- C:\Program Files (x86)\OpenAL
2015-01-23 21:28:37 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2015-01-23 21:28:37 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2015-01-23 21:28:37 ----A---- C:\Windows\system32\wrap_oal.dll
2015-01-23 21:28:37 ----A---- C:\Windows\system32\OpenAL32.dll
2015-01-23 10:28:28 ----D---- C:\Users\Erutan\AppData\Roaming\PowerUp Software
2015-01-23 10:28:13 ----D---- C:\ProgramData\PowerUp Software
2015-01-23 10:28:12 ----RS---- C:\Windows\SYSWOW64\msstkprp.dll
2015-01-23 10:28:12 ----N---- C:\Windows\SYSWOW64\ADsSecurity.dll
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\zlib.dll
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\SSubTmr6.dll
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\dx8vb.dll
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\dsofile.dll
2015-01-23 10:28:12 ----A---- C:\Windows\SYSWOW64\capicom.dll
2015-01-21 19:22:54 ----N---- C:\Windows\Updreg.EXE
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\ResDefA.exe
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\MBCfgUninstall32.ini
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\MBCfg32.ini
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\MBCfg32.exe
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\MBCfg32.dll
2015-01-21 19:22:50 ----N---- C:\Windows\SYSWOW64\ChezSC32.DLL
2015-01-21 19:22:50 ----N---- C:\Windows\system32\MBCfgUninstall64.ini
2015-01-21 19:22:50 ----N---- C:\Windows\system32\MBCfg64.ini
2015-01-21 19:22:50 ----N---- C:\Windows\system32\MBCfg64.exe
2015-01-21 19:22:50 ----N---- C:\Windows\system32\MBCfg64.dll
2015-01-21 19:22:50 ----N---- C:\Windows\system32\ChezSC64.DLL
2015-01-21 19:22:50 ----N---- C:\Windows\MBCfg_SP_APOIM.ini
2015-01-21 19:22:50 ----N---- C:\Windows\MBCfg_HP_APOIM.ini
2015-01-21 19:22:50 ----N---- C:\Windows\MBCfg_APOIM.ini
2015-01-21 19:22:44 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2015-01-21 19:22:44 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2015-01-21 19:22:44 ----A---- C:\Windows\system32\CmdRtr64.DLL
2015-01-21 19:22:44 ----A---- C:\Windows\system32\APOMgr64.DLL
2015-01-21 19:18:40 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-01-21 19:18:40 ----D---- C:\Program Files\Realtek
2015-01-21 19:18:30 ----A---- C:\Windows\system32\drivers\MBfilt64.sys
2015-01-21 19:18:29 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-01-21 19:18:29 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-01-21 19:18:29 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-01-21 19:18:29 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-01-21 19:18:29 ----A---- C:\Windows\system32\SRSHP64.dll
2015-01-21 19:18:28 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-01-21 19:18:28 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-01-21 19:18:28 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-01-21 19:18:28 ----A---- C:\Windows\system32\RtkApi64.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RTCOM64.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\RltkAPO64.dll
2015-01-21 19:18:27 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2015-01-21 19:18:26 ----A---- C:\Windows\system32\RTEED64A.dll
2015-01-21 19:18:26 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-01-21 19:18:26 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-01-21 19:18:26 ----A---- C:\Windows\system32\RCoInstII64.dll
2015-01-21 19:18:26 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-01-21 19:18:07 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-01-21 19:18:07 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-01-21 19:18:06 ----A---- C:\Windows\system32\MBWrp64.dll
2015-01-21 19:18:06 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-21 19:18:05 ----A---- C:\Windows\SYSWOW64\MBAPO232.dll
2015-01-21 19:18:05 ----A---- C:\Windows\system32\MBAPO264.dll
2015-01-21 19:18:02 ----A---- C:\Windows\system32\FMAPO64.dll
2015-01-21 19:17:59 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-21 19:17:58 ----D---- C:\Program Files (x86)\Realtek
2015-01-21 19:17:58 ----A---- C:\Windows\system32\AERTAR64.dll
2015-01-21 19:17:58 ----A---- C:\Windows\system32\AERTAC64.dll
2015-01-21 19:17:55 ----R---- C:\Windows\RtlExUpd.dll
2015-01-18 17:01:26 ----D---- C:\Users\Erutan\AppData\Roaming\library_dir
2015-01-18 07:46:46 ----D---- C:\Users\Erutan\AppData\Roaming\dvdcss
2015-01-17 16:20:34 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-17 15:15:48 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 15:11:19 ----D---- C:\Windows\Migration
2015-01-12 17:59:39 ----D---- C:\Windows\SYSWOW64\xlive
2015-01-12 17:59:38 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-01-11 16:45:02 ----D---- C:\ProgramData\Media Center Programs
2015-01-11 14:37:54 ----SHD---- C:\ProgramData\SecuROM
2015-01-09 10:39:14 ----D---- C:\debug
2015-01-09 10:23:00 ----D---- C:\Users\Erutan\AppData\Roaming\ParetoLogic
2015-01-09 10:23:00 ----D---- C:\Users\Erutan\AppData\Roaming\DriverCure
2015-01-09 10:22:51 ----D---- C:\ProgramData\ParetoLogic
2015-01-09 09:21:29 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2015-02-06 22:07:49 ----D---- C:\Windows\Prefetch
2015-02-06 22:07:46 ----D---- C:\Windows\Temp
2015-02-06 22:07:45 ----RD---- C:\Program Files
2015-02-06 22:07:42 ----D---- C:\Users\Erutan\AppData\Roaming\uTorrent
2015-02-06 22:01:15 ----D---- C:\Windows
2015-02-06 21:24:36 ----D---- C:\MSI
2015-02-06 21:18:01 ----D---- C:\ProgramData\Origin
2015-02-06 20:35:51 ----D---- C:\Program Files (x86)\Origin
2015-02-06 20:25:25 ----D---- C:\Users\Erutan\AppData\Roaming\vlc
2015-02-06 14:48:03 ----D---- C:\Windows\System32
2015-02-06 14:48:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 14:48:02 ----D---- C:\Windows\inf
2015-02-05 20:38:39 ----D---- C:\Windows\SYSWOW64\directx
2015-02-05 20:15:18 ----D---- C:\Windows\SysWOW64
2015-02-05 20:15:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 16:20:21 ----SHD---- C:\System Volume Information
2015-02-04 19:44:09 ----RSD---- C:\Windows\assembly
2015-02-04 17:08:58 ----RD---- C:\Program Files (x86)
2015-02-04 16:39:25 ----SHD---- C:\Windows\Installer
2015-02-04 16:39:25 ----SHD---- C:\Config.Msi
2015-02-04 16:10:59 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-03 19:38:46 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-02-02 08:23:13 ----D---- C:\Windows\system32\config
2015-02-01 16:39:35 ----D---- C:\Windows\Microsoft.NET
2015-02-01 15:46:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-01 15:46:28 ----HD---- C:\ProgramData
2015-02-01 15:46:23 ----D---- C:\Windows\system32\drivers
2015-02-01 15:46:22 ----D---- C:\Windows\system32\DriverStore
2015-02-01 15:46:22 ----D---- C:\Windows\system32\catroot
2015-02-01 15:41:48 ----D---- C:\Windows\system32\catroot2
2015-02-01 15:29:04 ----D---- C:\Program Files (x86)\MSI
2015-02-01 15:28:25 ----D---- C:\Windows\system32\Tasks
2015-02-01 15:26:16 ----D---- C:\Windows\winsxs
2015-02-01 15:25:53 ----D---- C:\ProgramData\AMD
2015-02-01 15:25:51 ----SD---- C:\Users\Erutan\AppData\Roaming\Microsoft
2015-02-01 15:25:51 ----D---- C:\Program Files\AMD
2015-02-01 15:25:51 ----D---- C:\Program Files (x86)\AMD
2015-02-01 15:25:29 ----D---- C:\Program Files\ATI Technologies
2015-02-01 15:21:48 ----D---- C:\Program Files (x86)\Common Files
2015-02-01 15:18:02 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-28 13:10:40 ----D---- C:\Windows\system32\wdi
2015-01-27 12:14:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-23 18:14:35 ----D---- C:\Program Files (x86)\The KMPlayer
2015-01-21 19:22:50 ----D---- C:\ProgramData\Creative
2015-01-21 19:22:21 ----D---- C:\Program Files (x86)\Creative
2015-01-21 19:18:53 ----HD---- C:\Program Files (x86)\Temp
2015-01-20 16:36:21 ----D---- C:\Users\Erutan\AppData\Roaming\Skype
2015-01-18 16:58:46 ----D---- C:\AMD
2015-01-17 15:11:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-01-17 15:11:19 ----SD---- C:\ProgramData\Microsoft
2015-01-13 19:50:34 ----D---- C:\Users\Erutan\AppData\Roaming\Opera Software
2015-01-13 19:50:26 ----D---- C:\Program Files (x86)\Winamp
2015-01-12 17:59:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-01-09 10:31:54 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-12-20 834544]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-11-08 80080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2014-10-06 34136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-13 3962840]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-25 11856]
R3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2014-01-20 225792]
R3 xhcdrv;VIA USB eXtensible Host Controller Service; C:\Windows\system32\DRIVERS\xhcdrv.sys [2014-01-20 297472]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-21 79976]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amf8fen9;amf8fen9; C:\Windows\system32\drivers\amf8fen9.sys []
S3 MSICDSetup;MSICDSetup; \??\H:\CDriver64.sys []
S3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\H:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 d65a1a66;TampaGeneration; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-03 76152]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-01-22 344576]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2011-11-15 1403200]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-01-27 1910128]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2014-12-20 607040]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
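
The service list above follows the format given in its legend: a state letter, a start-type digit, then `name;display name; image path [date size]`. As an added example (not part of the original post and not RSIT's own code), this Python script parses such lines and flags entries worth a manual look; the three heuristics and the `ExampleSvc` line are assumptions constructed for illustration, the other sample lines are copied from the log.

```python
import ntpath
import re
from dataclasses import dataclass

# Legend from the log: R=Running, S=Stopped; 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# "<state><start> <name>;<display>; <image path> [<date> <size>]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*?); "
    r"(?P<image>.+) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)
HEX_NAME_RE = re.compile(r"[0-9a-f]{8}", re.IGNORECASE)
DATA_DIR_RE = re.compile(r"^[a-z]:\\(programdata|users\\[^\\]+\\appdata)\\", re.IGNORECASE)

# Lines copied from the service list above; the last one (ExampleSvc) is constructed.
SAMPLE = r"""
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 d65a1a66;TampaGeneration; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-03 76152]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2014-12-20 607040]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 ExampleSvc;Example Service; C:\ProgramData\example\svc.exe [2015-01-01 1000]
"""


@dataclass
class Service:
    state: str
    start: str
    name: str
    display: str
    image: str
    date: str
    size: int


def parse_services(text):
    """Return a Service for every line that matches the RSIT service format."""
    services = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # headings, blank lines, anything not in the expected shape
        services.append(Service(
            state=STATE[m["state"]], start=START[m["start"]],
            name=m["name"], display=m["display"], image=m["image"],
            date=m["date"], size=int(m["size"]),
        ))
    return services


def reasons_for(svc):
    """Heuristics (assumptions of this example) that mark a service for manual review."""
    reasons = []
    if ntpath.basename(svc.image).lower() == "rundll32.exe":
        reasons.append("image is rundll32.exe, so the DLL actually loaded is not visible here")
    if HEX_NAME_RE.fullmatch(svc.name):
        reasons.append("service name is eight hex characters")
    if DATA_DIR_RE.match(svc.image):
        reasons.append("image is under ProgramData or a user's AppData, not Program Files or Windows")
    return reasons


def triage(services):
    """Return (service, reasons) pairs for services with at least one reason."""
    return [(s, r) for s in services if (r := reasons_for(s))]


if __name__ == "__main__":
    for svc, reasons in triage(parse_services(SAMPLE)):
        print(f"{svc.name} ({svc.state}, {svc.start}) -> {svc.image}")
        for reason in reasons:
            print(f"    - {reason}")
```

A flag here only means "look closer": check the service's registry parameters and the file itself before removing anything.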

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my RSIT log :)

#2 Post by Roli »

Hello, delete unnecessary files

using CCleaner

instructions:

Cleaner - here you clean unnecessary files from the PC and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making a backup of it, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the Report here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Erutan
Visitor
Posts: 133
Registered: 16 Jun 2008 18:51

Re: Please check my RSIT log :)

#3 Post by Erutan »

I use CCleaner regularly :)
here is the log: (I'd also like to ask how to delete mystartsearch, or whether AdwCleaner has already deleted it :) )
# AdwCleaner v4.110 - Logfile created 07/02/2015 at 00:05:31
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Server]
# Operating system : Windows 7 Professional (x64)
# Username : Erutan - ERUTAN-PC
# Running from : C:\Users\Erutan\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : d65a1a66

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\ParetoLogic
[!] Folder Deleted : C:\ProgramData\8466323655188490573
[!] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[!] Folder Deleted : C:\Program Files (x86)\GreenTree Applications
[!] Folder Deleted : C:\Program Files (x86)\TampaGeneration
[!] Folder Deleted : C:\Program Files (x86)\unisAles
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\DriverCure
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\EZDownloader
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\OpenCandy
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\ParetoLogic
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\RHEng
[!] Folder Deleted : C:\Users\Erutan\Documents\Optimizer Pro
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\Extensions\DTToolbar@toolbarnet.com
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\Extensions\fftoolbar2014@etech.com
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\Extensions\qL@nrj7S.com
[!] Folder Deleted : C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\Extensions\Vov@P.org
File Deleted : C:\Users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\searchplugins\mystartsearch.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\P5e7d43e2_6431_463b_a8d8_99dd41add15f_.P5e7d43e2_6431_463b_a8d8_99dd41add15f_
Key Deleted : HKLM\SOFTWARE\Classes\P5e7d43e2_6431_463b_a8d8_99dd41add15f_.P5e7d43e2_6431_463b_a8d8_99dd41add15f_.9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d65a1a66}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5e7d43e2-6431-463b-a8d8-99dd41add15f}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5e7d43e2-6431-463b-a8d8-99dd41add15f}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5e7d43e2-6431-463b-a8d8-99dd41add15f}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0.1 (x86 cs)

[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "mystartsearch");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}");
[tggp1b3o.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");

*************************

AdwCleaner[R0].txt - [8165 bytes] - [07/02/2015 00:02:40]
AdwCleaner[S0].txt - [6826 bytes] - [07/02/2015 00:05:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6885 bytes] ##########

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my RSIT log :)

#4 Post by Roli »

Erutan wrote: (I'd also like to ask how to delete mystartsearch, or whether AdwCleaner has already deleted it :) )
It should already be deleted.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it's running.

The whole process takes around 10 minutes but can take longer; during the scan, don't try to run anything else.

The PC may be restarted during the scan; don't be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can block it.

After the scan completes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


In case anything is unclear, there is an illustrated guide HERE.

Erutan
Visitor
Posts: 133
Registered: 16 Jun 2008 18:51

Re: Please check my RSIT log :)

#5 Post by Erutan »

ComboFix 15-02-02.01 - Erutan 07.02.2015 22:31:16.1.6 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.8140.5953 [GMT 1:00]
Spuštěný z: c:\users\Erutan\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\TheAdBlock
c:\programdata\TheAdBlock\TheAdBlock.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-07 do 2015-02-07 )))))))))))))))))))))))))))))))
.
.
2015-02-07 21:34 . 2015-02-07 21:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-07 20:17 . 2015-02-07 20:17 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2015-02-07 20:15 . 2015-02-07 20:15 -------- d-----w- c:\users\Erutan\AppData\Local\2K Games
2015-02-06 23:02 . 2015-02-06 23:05 -------- d-----w- C:\AdwCleaner
2015-02-06 21:07 . 2015-02-06 21:07 -------- d-----w- C:\rsit
2015-02-06 21:07 . 2015-02-06 21:07 -------- d-----w- c:\program files\trend micro
2015-02-05 19:39 . 2015-02-05 19:39 -------- d-----w- c:\users\Erutan\AppData\Local\The Witcher 2
2015-02-04 18:25 . 2015-02-04 18:25 -------- d-----w- C:\Hry
2015-02-04 15:01 . 2015-02-04 15:01 -------- d-----w- c:\users\Erutan\AppData\Local\ESN
2015-02-04 15:01 . 2015-02-07 13:34 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2015-02-01 15:19 . 2015-02-01 15:19 -------- d-----w- c:\users\Erutan\AppData\Local\THQ
2015-02-01 14:46 . 2015-02-01 14:46 -------- d-----w- c:\programdata\Qualcomm
2015-02-01 14:46 . 2015-02-01 14:46 -------- d-----w- c:\program files\Qualcomm Atheros
2015-02-01 14:26 . 2015-02-01 14:26 -------- d-----w- c:\programdata\ATI
2015-02-01 14:25 . 2015-02-06 21:00 -------- d-----w- c:\users\Erutan\AppData\Roaming\Raptr
2015-02-01 14:25 . 2015-02-01 14:26 -------- d-----w- c:\program files (x86)\Raptr
2015-02-01 14:25 . 2015-02-01 14:25 -------- d-----w- c:\program files (x86)\AMD AVT
2015-02-01 14:21 . 2015-02-01 14:21 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2015-02-01 13:31 . 2015-02-01 13:51 -------- d-----w- c:\programdata\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}
2015-01-31 22:39 . 2015-01-31 22:39 -------- d-----w- c:\programdata\ALI213
2015-01-27 23:00 . 2015-02-04 15:39 -------- d-----w- c:\programdata\Package Cache
2015-01-24 23:16 . 2015-01-24 23:16 -------- d-----w- c:\program files (x86)\Ubisoft
2015-01-24 22:47 . 2015-01-24 22:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2015-01-24 22:43 . 2015-01-24 22:43 -------- d-----w- c:\programdata\Ubisoft
2015-01-24 14:07 . 2015-02-07 20:17 -------- d-----w- c:\users\Erutan\AppData\Local\SKIDROW
2015-01-24 14:07 . 2015-01-24 14:35 -------- d-----w- c:\users\Erutan\AppData\Local\Darksiders2
2015-01-23 20:28 . 2015-01-24 22:47 -------- d-----w- c:\program files (x86)\OpenAL
2015-01-23 20:28 . 2015-01-23 20:28 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2015-01-23 20:28 . 2015-01-23 20:28 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-01-23 20:28 . 2015-01-23 20:28 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2015-01-23 20:28 . 2015-01-23 20:28 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-01-22 23:43 . 2015-01-22 23:43 -------- d-----w- c:\users\Erutan\AppData\Local\CAPCOM
2015-01-21 18:22 . 2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE
2015-01-21 18:22 . 2014-02-21 09:57 38016 ------w- c:\windows\SysWow64\MBCfg32.dll
2015-01-21 18:22 . 2014-02-21 09:57 41088 ------w- c:\windows\system32\MBCfg64.dll
2015-01-21 18:22 . 2013-12-24 12:43 375424 ------w- c:\windows\system32\ChezSC64.DLL
2015-01-21 18:22 . 2013-12-24 12:42 327296 ------w- c:\windows\SysWow64\ChezSC32.DLL
2015-01-21 18:22 . 2013-04-23 09:54 148096 ------w- c:\windows\system32\MBCfg64.exe
2015-01-21 18:22 . 2013-04-23 09:53 138880 ------w- c:\windows\SysWow64\MBCfg32.exe
2015-01-21 18:22 . 2013-04-23 09:53 15488 ------w- c:\windows\SysWow64\ResDefA.exe
2015-01-21 18:22 . 2014-02-21 10:21 89600 ----a-w- c:\windows\system32\CmdRtr64.DLL
2015-01-21 18:22 . 2014-02-21 10:20 74240 ----a-w- c:\windows\SysWow64\CmdRtr.DLL
2015-01-21 18:22 . 2014-02-21 10:19 366080 ----a-w- c:\windows\system32\APOMgr64.DLL
2015-01-21 18:22 . 2014-02-21 10:17 274944 ----a-w- c:\windows\SysWow64\APOMngr.DLL
2015-01-21 18:17 . 2013-10-11 04:47 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-21 18:17 . 2015-01-21 18:17 -------- d-----w- c:\program files (x86)\Realtek
2015-01-21 18:17 . 2013-10-15 19:43 209096 ----a-w- c:\windows\system32\AERTAC64.dll
2015-01-21 18:17 . 2012-03-08 03:47 108640 ----a-w- c:\windows\system32\AERTAR64.dll
2015-01-21 18:17 . 2014-02-26 07:16 2080472 ------r- c:\windows\RtlExUpd.dll
2015-01-21 18:17 . 2006-02-07 14:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2015-01-18 16:01 . 2015-01-18 16:01 -------- d-----w- c:\users\Erutan\AppData\Roaming\library_dir
2015-01-18 06:46 . 2015-02-06 21:13 -------- d-----w- c:\users\Erutan\AppData\Roaming\dvdcss
2015-01-17 14:11 . 2015-01-17 14:11 -------- d-----w- c:\windows\Migration
2015-01-16 22:41 . 2015-01-16 22:41 -------- d-----w- c:\users\Erutan\AppData\Local\bizarre creations
2015-01-13 19:01 . 2015-01-13 19:01 -------- d-----w- c:\users\Erutan\AppData\Local\Apps
2015-01-12 16:59 . 2015-01-12 16:59 -------- d-----w- c:\windows\SysWow64\xlive
2015-01-12 16:59 . 2015-01-12 16:59 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2015-01-11 15:45 . 2015-01-11 15:45 -------- d-----w- c:\programdata\Media Center Programs
2015-01-11 13:37 . 2015-01-11 13:37 -------- d-----w- c:\users\Erutan\AppData\Local\Rockstar Games
2015-01-11 13:37 . 2015-01-11 13:37 -------- d-sh--w- c:\programdata\SecuROM
2015-01-09 09:39 . 2015-01-09 09:39 -------- d-----w- C:\debug
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-07 14:49 . 2014-12-30 16:07 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-02-07 14:24 . 2014-12-30 16:07 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-02-07 13:30 . 2014-12-30 16:07 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2015-02-05 19:15 . 2014-12-20 20:55 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 19:15 . 2014-12-20 20:55 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-30 17:19 . 2014-12-30 16:07 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-15 03:13 . 2014-12-20 20:01 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE7E9A56-7E4C-4AB6-AE2E-A04E01C8CCDF}\mpengine.dll
2014-11-24 13:04 . 2014-12-20 20:01 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 02:44 . 2014-11-21 02:44 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-21 02:44 . 2014-11-21 02:44 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:44 . 2012-05-04 18:36 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2014-11-21 02:44 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2013-12-06 22:03 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2012-05-04 18:35 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2012-05-04 19:40 1348928 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2012-05-04 19:42 1127496 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2012-05-04 19:16 11076784 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2014-11-21 02:44 9401480 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2012-05-04 18:54 7558816 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2012-05-04 18:58 7077776 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2013-12-06 21:57 8379720 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2013-12-06 21:56 8369408 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-21 02:41 . 2014-11-21 02:41 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40 18959360 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:33 . 2014-11-21 02:33 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33 47899136 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32 40987136 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:24 . 2014-11-21 02:24 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-21 02:19 . 2014-11-21 02:19 23621632 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18 5837312 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-21 02:16 . 2014-11-21 02:16 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-21 02:15 . 2014-11-21 02:15 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-21 02:13 . 2014-11-21 02:13 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-21 02:13 . 2014-11-21 02:13 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-21 02:12 . 2014-11-21 02:12 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-21 02:12 . 2014-11-21 02:12 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-21 02:12 . 2014-11-21 02:12 774656 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-21 02:12 . 2014-11-21 02:12 244736 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-21 02:12 . 2014-11-21 02:12 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-21 02:10 . 2014-11-21 02:10 843776 ----a-w- c:\windows\system32\coinst_14.50.dll
2014-11-21 02:09 . 2014-11-21 02:09 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-21 02:09 . 2014-11-21 02:09 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-21 02:09 . 2014-11-21 02:09 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-21 02:09 . 2014-11-21 02:09 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-21 02:09 . 2014-11-21 02:09 1214976 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-21 02:09 . 2013-12-06 20:22 903168 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-21 02:09 . 2014-11-21 02:09 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-21 02:09 . 2014-11-21 02:09 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-21 02:09 . 2014-11-21 02:09 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-21 02:08 . 2014-11-21 02:08 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-21 02:08 . 2014-11-21 02:08 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-21 02:08 . 2014-11-21 02:08 589312 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-21 02:08 . 2014-11-21 02:08 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-20 20:36 . 2014-11-20 20:36 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-20 20:35 . 2014-11-20 20:35 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"="c:\program files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" [2014-02-24 1440768]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2015-01-30 55568]
.
c:\users\Erutan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
4-Fraps.lnk - c:\fraps\fraps.exe [2012-8-30 2550968]
Download.lnk - c:\programdata\{8ef2cf4b-55d8-3294-8ef2-2cf4b55d3d2d}\Download.exe --startup=1 [2015-2-1 1062912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 MSICDSetup;MSICDSetup;h:\cdriver64.sys;h:\CDriver64.sys [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;h:\ntiolib_x64.sys;h:\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AIDA64DRIVER
.
Obsah adresáře 'Naplánované úlohy'
.
2015-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 19:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\program files\VIA XHCI UASP Utility\usb3Monitor" [X]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-12 7575256]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2014-02-21 41088]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - ExtSQL: 2014-12-20 21:10; DTToolbar@toolbarnet.com; c:\users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\extensions\DTToolbar@toolbarnet.com
FF - ExtSQL: 2014-12-20 21:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Erutan\AppData\Roaming\Mozilla\Firefox\Profiles\tggp1b3o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
AddRemove-Steam - e:\steam\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-02-07 22:35:35
ComboFix-quarantined-files.txt 2015-02-07 21:35
.
Před spuštěním: Volných bajtů: 55 592 030 208
Po spuštění: Volných bajtů: 55 344 570 368
.
- - End Of File - - 5AE8F4D5B421A7494D9FCE7CE93D60D3
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my RSIT log :)

#6 Post by Roli »

Via Start >> Run, copy into the window:

ComboFix /Uninstall

and press Enter

That uninstalls ComboFix and deletes its related files and folders.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know how the PC behaves.

Erutan
Visitor
Posts: 133
Registered: 16 Jun 2008 18:51

Re: Please check my RSIT log :)

#7 Post by Erutan »

Done :)
I'd like to ask about two more things :(
In TuneUp I see this.....
Bez názvu.png (145.1 KiB) Viewed 1771 times
I have the latest graphics drivers.
And the second thing: on 2 of my 4 disks a folder named boot was created (inside it are further folders with languages -cz,de,uk,it,ja- and an exe file memtest); the folder was created after using ComboFix but did not disappear after uninstalling it

Re: Please check my RSIT log :)

#8 Post by Roli »

Erutan wrote:Done :)
I'd also like to ask about two things :(
I have the latest graphics drivers.
It's the graphics driver; I would uninstall the one you have there, run CCleaner over the PC, and install the current one.

One more thing: software of this type is not an ideal helper; you never know what it does where and how, and then you end up surprised.
Erutan wrote:And the second thing: on 2 of my 4 disks a folder named boot was created (it contains further folders for languages -cz,de,uk,it,ja- and an exe file memtest); the folder was created after using ComboFix, but it did not disappear after uninstalling.
Simply put, ComboFix made a backup before deleting.

Re: Please check my RSIT log :)

#9 Post by Erutan »

I had ATI graphics drivers version 14.12, so I uninstalled them, ran CCleaner over the PC, restarted the PC and installed the current ones, which are 14.12 (and it still reports the error). Should I just not bother with it and uninstall TuneUp? It's only a trial version... And the folders that ComboFix created as a backup, can they be removed somehow, or should I leave them as they are? :)

Re: Please check my RSIT log :)

#10 Post by Roli »

Erutan wrote:Should I just not bother with it and uninstall TuneUp? It's only a trial version...
No, don't bother with it, and uninstall TuneUp with a clear conscience.
Erutan wrote:And the folders that ComboFix created as a backup, can they be removed somehow, or should I leave them as they are? :)
If it is on the system disk, leave them alone; otherwise delete them.

Re: Please check my RSIT log :)

#11 Post by Erutan »

TuneUp is gone :) and one of the ComboFix folders is on the system disk and the other on the games disk, so I won't bother with it :)

Re: Please check my RSIT log :)

#12 Post by Roli »

Erutan wrote:TuneUp is gone :)
Great, and how is the PC behaving?

Re: Please check my RSIT log :)

#13 Post by Erutan »

No problems! :)

Re: Please check my RSIT log :)

#14 Post by Roli »

Erutan wrote:No problems! :)
In that case, that's all from me.

Re: Please check my RSIT log :)

#15 Post by Erutan »

thank you ;)

Locked