Dobry den,
V poslednom case sa mi stava, ze ked chcem pouzit pismena na klavesnica tak ich funkcia je ina ako by mala byt. Uvediem priklad, mam Windwos 8.1, ked chcem napisat S tak sa mi napravo otvori okienko na vyhladavanie. Taketo spravanie nastava nahodne ale casto, riesenim je len restart pocitaca. Dalej mi nejde updatovat Malwarebyte's Antimalware.
Prikladam log z RSIT, dufam, ze mi bude niekto schopny poradit.
Vopred dakujem.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2015-06-05 23:21:25
Microsoft Windows 8.1 Pro
System drive C: has 38 GB (16%) free of 244 GB
Total RAM: 16245 MB (68% free)
HijackThis download failed
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 9c52ec7f-1ebb-43cb-bdb9-d5ba818d35d1 1
\??\C:\Windows\system32\conhost.exe 0x4
dashost.exe {cbfa983a-ba6c-4129-92c517aace4d8dba}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
igfxEM.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"dwm.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"
"C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe" /i
"C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe" /i
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp.exe" --normal
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"
"C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe"
C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4208.1.1280755118\1346130566" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4208 "\\.\pipe\gecko-crash-server-pipe.4208" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --proxy-stub-channel=Flash3000.68284398.5663 --host-broker-channel=Flash3000.68284398.7712 --host-pid=3000 --host-npapi-version=28 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_17_0_0_188.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe" --channel=4844.0090F57C.1354214380 --proxy-stub-channel=Flash3000.68284398.5663 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_17_0_0_188.dll" --host-npapi-version=28 --type=renderer
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\Martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iko9om6z.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31 219296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2015-04-14 1729752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-23 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-23 1571696]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-12-11 7666392]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Network Manager.lnk - C:\Windows\Installer\{D6E67DA7-8988-46FB-BF12-70635254B0CD}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-05 23:21:26 ----D---- C:\Program Files\trend micro
2015-06-05 23:21:25 ----D---- C:\rsit
2015-06-05 22:42:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-05 22:42:02 ----D---- C:\Windows\LastGood
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-05 22:41:49 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvmcumd.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\nvaudcaparm.dll
2015-06-05 22:41:49 ----A---- C:\Windows\system32\drivers\nvvadarm.sys
2015-06-05 22:41:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-05 22:30:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-05 22:30:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-05 22:30:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-05 22:30:31 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-05 22:30:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wups.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wudriver.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wucltux.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wuapp.exe
2015-06-05 22:30:31 ----A---- C:\Windows\system32\wuapi.dll
2015-06-05 22:30:31 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-05 22:30:30 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-05 22:30:30 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-05 22:29:25 ----D---- C:\ProgramData\boost_interprocess
2015-06-05 22:29:23 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-05 22:29:23 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-05-23 13:57:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\UIAutomationCore.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\tquery.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-05-23 13:57:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-05-23 13:57:54 ----A---- C:\Windows\system32\puiobj.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\mssvp.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\mssrch.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\mssphtb.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\mssph.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\localspl.dll
2015-05-23 13:57:54 ----A---- C:\Windows\system32\compstui.dll
2015-05-23 13:57:53 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS
2015-05-23 13:57:53 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2015-05-23 13:57:53 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2015-05-23 13:57:53 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-05-23 13:57:53 ----A---- C:\Windows\SYSWOW64\authz.dll
2015-05-23 13:57:53 ----A---- C:\Windows\system32\rastapi.dll
2015-05-23 13:57:53 ----A---- C:\Windows\system32\msftedit.dll
2015-05-23 13:57:53 ----A---- C:\Windows\system32\authz.dll
2015-05-23 13:27:56 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-23 13:27:56 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-23 13:27:55 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-23 13:27:55 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-22 21:40:57 ----D---- C:\Program Files\Crucial
2015-05-22 21:03:22 ----D---- C:\Windows\Migration
2015-05-22 20:49:28 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 20:49:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 20:40:31 ----D---- C:\Program Files\HHD Software
2015-05-16 20:29:34 ----D---- C:\Users\Martin\AppData\Roaming\Notepad++
2015-05-16 20:29:34 ----D---- C:\Program Files (x86)\Notepad++
2015-05-16 20:05:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-16 20:05:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-16 20:05:07 ----A---- C:\Windows\system32\win32k.sys
2015-05-16 20:05:07 ----A---- C:\Windows\system32\schannel.dll
2015-05-16 20:05:07 ----A---- C:\Windows\system32\services.exe
2015-05-16 20:05:07 ----A---- C:\Windows\system32\FntCache.dll
2015-05-16 20:05:07 ----A---- C:\Windows\system32\DWrite.dll
2015-05-16 20:04:49 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-16 20:04:49 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-16 20:04:49 ----A---- C:\Windows\system32\drivers\cng.sys
2015-05-16 20:04:49 ----A---- C:\Windows\system32\certcli.dll
2015-05-16 20:04:48 ----A---- C:\Windows\system32\mshtml.dll
2015-05-16 20:04:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-16 20:04:47 ----A---- C:\Windows\system32\jscript9.dll
2015-05-16 20:04:47 ----A---- C:\Windows\system32\ieframe.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-16 20:04:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\wininet.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\webcheck.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\vbscript.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\urlmon.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\jscript.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\inseng.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\ieui.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\iertutil.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\iepeers.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-16 20:04:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-16 20:04:46 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-09 18:37:33 ----D---- C:\ProgramData\Socialclub
2015-05-09 18:31:06 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-05-09 18:31:06 ----A---- C:\Windows\system32\dwmcore.dll
2015-05-09 13:19:12 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-05-09 13:14:51 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-05-09 13:14:36 ----D---- C:\ProgramData\Malwarebytes
2015-05-09 13:14:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-09 13:14:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-05-09 13:14:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-05-09 13:14:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-05-08 07:08:00 ----A---- C:\Recovery.txt
======List of files/folders modified in the last 1 month======
2015-06-05 23:21:26 ----RD---- C:\Program Files
2015-06-05 23:15:13 ----D---- C:\Users\Martin\AppData\Roaming\ClassicShell
2015-06-05 23:13:15 ----D---- C:\Windows\Prefetch
2015-06-05 22:59:07 ----D---- C:\Program Files\KMSpico
2015-06-05 22:55:20 ----D---- C:\Program Files (x86)\MSI Afterburner
2015-06-05 22:45:29 ----D---- C:\MSI
2015-06-05 22:45:17 ----D---- C:\Windows\system32\config
2015-06-05 22:45:12 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-05 22:45:11 ----D---- C:\Windows\Temp
2015-06-05 22:45:04 ----D---- C:\Windows\SYSWOW64\directx
2015-06-05 22:45:01 ----SHD---- C:\Windows\Installer
2015-06-05 22:45:01 ----HD---- C:\Windows\msdownld.tmp
2015-06-05 22:45:01 ----D---- C:\Windows\Logs
2015-06-05 22:42:57 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-05 22:42:54 ----D---- C:\temp
2015-06-05 22:42:42 ----D---- C:\Windows\Inf
2015-06-05 22:42:42 ----D---- C:\ProgramData\NVIDIA
2015-06-05 22:42:36 ----D---- C:\Windows\SysWOW64
2015-06-05 22:42:31 ----D---- C:\Windows\system32\DriverStore
2015-06-05 22:42:16 ----RD---- C:\Windows\System32
2015-06-05 22:42:13 ----D---- C:\Windows\system32\drivers
2015-06-05 22:42:02 ----D---- C:\Windows
2015-06-05 22:40:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-05 22:34:15 ----D---- C:\Windows\WinSxS
2015-06-05 22:33:48 ----D---- C:\Windows\system32\en-US
2015-06-05 22:33:48 ----D---- C:\Windows\PolicyDefinitions
2015-06-05 22:32:48 ----HD---- C:\Program Files\WindowsApps
2015-06-05 22:30:49 ----D---- C:\Windows\AppReadiness
2015-06-05 22:30:46 ----D---- C:\Windows\CbsTemp
2015-06-05 22:30:41 ----SHD---- C:\System Volume Information
2015-06-05 22:29:25 ----HD---- C:\ProgramData
2015-05-31 15:51:20 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2015-05-30 14:22:46 ----D---- C:\Windows\Microsoft.NET
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvapi64.dll
2015-05-28 06:15:30 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-26 11:54:10 ----D---- C:\Program Files (x86)\Grand Theft Auto V
2015-05-25 10:13:44 ----D---- C:\Windows\rescache
2015-05-24 15:56:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 16:13:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-23 13:58:28 ----RD---- C:\Windows\ToastData
2015-05-23 03:47:15 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-05-23 03:47:15 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-05-23 03:47:06 ----A---- C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47:06 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-05-22 21:34:28 ----RSD---- C:\Windows\assembly
2015-05-22 21:04:18 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-22 21:04:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 21:03:56 ----D---- C:\Program Files\Internet Explorer
2015-05-22 21:03:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-22 21:03:22 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-22 21:03:22 ----SD---- C:\Windows\system32\GWX
2015-05-22 20:50:31 ----D---- C:\ProgramData\Microsoft Help
2015-05-22 20:49:27 ----D---- C:\Windows\system32\MRT
2015-05-22 20:47:56 ----A---- C:\Windows\system32\MRT.exe
2015-05-22 20:44:25 ----D---- C:\Program Files\Windows Journal
2015-05-16 20:29:34 ----RD---- C:\Program Files (x86)
2015-05-16 19:39:28 ----D---- C:\Windows\system32\catroot2
2015-05-13 08:52:35 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2015-05-12 08:27:22 ----A---- C:\Windows\SYSWOW64\SET79AF.tmp
2015-05-12 08:27:22 ----A---- C:\Windows\system32\SET76B7.tmp
2015-05-12 08:27:22 ----A---- C:\Windows\system32\SET70ED.tmp
2015-05-12 08:27:22 ----A---- C:\Windows\system32\SET4288.tmp
2015-05-09 18:37:32 ----D---- C:\ProgramData\Steam
2015-05-09 13:00:13 ----D---- C:\Program Files\RogueKiller
2015-05-09 12:58:00 ----D---- C:\AdwCleaner
2015-05-07 21:08:43 ----A---- C:\Windows\ntbtlog.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BfLwf;@oem2.inf,%BfLwf_Desc%;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bwcW8x64.sys [2014-10-16 98992]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-12-24 231376]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-03-19 4888368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 Ke2200;@oem1.inf,%BFTN.Service.DispName%;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w8x64.sys [2014-03-27 130224]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-06-05 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 64216]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2014-12-11 32344]
R3 MEIx64;@oem89.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;@oem96.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-05-28 10995528]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-23 19600]
R3 nvvad_WaveExtensible;@oem98.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 NVVADARM;@oem99.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2015-05-28 39056]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-05-27 13536]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-23 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-19 345864]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-23 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-23 23006864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-10-17 387584]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-06-29 997568]
S2 Synergy;Synergy; C:\Program Files\Synergy\synergyd.exe [2015-04-21 304832]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-19 280840]
S3 HitmanPro37Crusader;HitmanPro 3.7 Crusader; C:\Program Files\HitmanPro\HitmanPro.exe [2014-10-29 11222744]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-23 148080]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
mozny virus (keylogger) - nezvycajne spravanie kalvesnice
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Zdravim 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
MBAM odinstalujte a pouzijte http://www.malwarebytes.org/mbam-clean.exe . Pak zkuste MBAM nainstalovat znovu a spustte Vlastni sken vsech disku.
http://forum.viry.cz/viewtopic.php?f=29&t=137928
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
MBAM odinstalujte a pouzijte http://www.malwarebytes.org/mbam-clean.exe . Pak zkuste MBAM nainstalovat znovu a spustte Vlastni sken vsech disku.http://forum.viry.cz/viewtopic.php?f=29&t=137928
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
dakujem, tak Malwarebytes nenasiel ziadnu detekciu po dokonceni scanu tak ako ste pisali.
tu prikladam log z AdwCleaner:
# AdwCleaner v4.206 - Logfile created 06/06/2015 at 19:46:02
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Martin - WIN8PC
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v38.0.5 (x86 en-US)
*************************
AdwCleaner[R0].txt - [2233 bytes] - [27/12/2014 23:10:23]
AdwCleaner[R10].txt - [1682 bytes] - [25/04/2015 11:58:57]
AdwCleaner[R11].txt - [1803 bytes] - [09/05/2015 12:57:31]
AdwCleaner[R12].txt - [1920 bytes] - [06/06/2015 19:42:08]
AdwCleaner[R1].txt - [859 bytes] - [27/12/2014 23:17:42]
AdwCleaner[R2].txt - [975 bytes] - [30/12/2014 14:22:14]
AdwCleaner[R3].txt - [1238 bytes] - [06/01/2015 18:39:55]
AdwCleaner[R4].txt - [1215 bytes] - [21/01/2015 00:10:24]
AdwCleaner[R5].txt - [1445 bytes] - [28/01/2015 23:51:50]
AdwCleaner[R6].txt - [1393 bytes] - [29/01/2015 01:41:47]
AdwCleaner[R7].txt - [1454 bytes] - [29/01/2015 12:24:57]
AdwCleaner[R8].txt - [1516 bytes] - [30/01/2015 23:54:33]
AdwCleaner[R9].txt - [1563 bytes] - [25/04/2015 11:05:18]
AdwCleaner[S0].txt - [2329 bytes] - [27/12/2014 23:11:47]
AdwCleaner[S1].txt - [919 bytes] - [27/12/2014 23:18:58]
AdwCleaner[S2].txt - [1035 bytes] - [30/12/2014 14:22:59]
AdwCleaner[S3].txt - [1304 bytes] - [06/01/2015 18:41:26]
AdwCleaner[S4].txt - [1510 bytes] - [28/01/2015 23:52:27]
AdwCleaner[S5].txt - [1627 bytes] - [25/04/2015 11:06:05]
AdwCleaner[S6].txt - [1746 bytes] - [25/04/2015 11:59:38]
AdwCleaner[S7].txt - [1867 bytes] - [09/05/2015 12:58:00]
AdwCleaner[S8].txt - [1845 bytes] - [06/06/2015 19:46:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [1904 bytes] ##########
tu prikladam log z AdwCleaner:
# AdwCleaner v4.206 - Logfile created 06/06/2015 at 19:46:02
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Martin - WIN8PC
# Running from : C:\Users\Martin\Desktop\adwcleaner_4.206.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v38.0.5 (x86 en-US)
*************************
AdwCleaner[R0].txt - [2233 bytes] - [27/12/2014 23:10:23]
AdwCleaner[R10].txt - [1682 bytes] - [25/04/2015 11:58:57]
AdwCleaner[R11].txt - [1803 bytes] - [09/05/2015 12:57:31]
AdwCleaner[R12].txt - [1920 bytes] - [06/06/2015 19:42:08]
AdwCleaner[R1].txt - [859 bytes] - [27/12/2014 23:17:42]
AdwCleaner[R2].txt - [975 bytes] - [30/12/2014 14:22:14]
AdwCleaner[R3].txt - [1238 bytes] - [06/01/2015 18:39:55]
AdwCleaner[R4].txt - [1215 bytes] - [21/01/2015 00:10:24]
AdwCleaner[R5].txt - [1445 bytes] - [28/01/2015 23:51:50]
AdwCleaner[R6].txt - [1393 bytes] - [29/01/2015 01:41:47]
AdwCleaner[R7].txt - [1454 bytes] - [29/01/2015 12:24:57]
AdwCleaner[R8].txt - [1516 bytes] - [30/01/2015 23:54:33]
AdwCleaner[R9].txt - [1563 bytes] - [25/04/2015 11:05:18]
AdwCleaner[S0].txt - [2329 bytes] - [27/12/2014 23:11:47]
AdwCleaner[S1].txt - [919 bytes] - [27/12/2014 23:18:58]
AdwCleaner[S2].txt - [1035 bytes] - [30/12/2014 14:22:59]
AdwCleaner[S3].txt - [1304 bytes] - [06/01/2015 18:41:26]
AdwCleaner[S4].txt - [1510 bytes] - [28/01/2015 23:52:27]
AdwCleaner[S5].txt - [1627 bytes] - [25/04/2015 11:06:05]
AdwCleaner[S6].txt - [1746 bytes] - [25/04/2015 11:59:38]
AdwCleaner[S7].txt - [1867 bytes] - [09/05/2015 12:58:00]
AdwCleaner[S8].txt - [1845 bytes] - [06/06/2015 19:46:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [1904 bytes] ##########
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Jak casto se to stava? Dela to i v nouzovem rezimu? Mate moznost vyzkouset jinou klavesnici? Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
to s tou klavesnicou sa stane niekedy do 20 minut po starte Windows, niekedy aj po 2 hodinach, je to velmi nahodne. Co sa tyka nemoznosti aktualizovat Malwarebyte's tak to na 90% pripadov nejde, ale niekedy sa aktualizuje, napriklad vcera som ho podla vasich pokynov preinstaloval, aj sa sam aktualizoval ale potom uz nie, no a dneska sa mi opat sam aktualizoval.
Tu je Farbar log a prikladam aj Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Martin (administrator) on WIN8PC on 07-06-2015 14:06:15
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files\Synergy\synergyd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Synergy\synergyc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.9600.17787_none_d3bdd9e7b1d31eaa\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.9600.17787_none_d3bdd9e7b1d31eaa\SearchFilterHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-12-24]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{D6E67DA7-8988-46FB-BF12-70635254B0CD}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iko9om6z.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-1181200559-1570802832-3044720726-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 HitmanPro37Crusader; C:\Program Files\HitmanPro\HitmanPro.exe [11222744 2014-10-29] (SurfRight B.V.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-10-17] (Qualcomm Atheros) [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [306368 2015-05-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [98992 2014-10-16] (Qualcomm Atheros, Inc.)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 14:06 - 2015-06-07 14:06 - 00013549 _____ C:\Users\Martin\Desktop\FRST.txt
2015-06-07 14:05 - 2015-06-07 14:06 - 00000000 ____D C:\FRST
2015-06-06 22:51 - 2015-06-06 22:51 - 00080911 _____ C:\Users\Martin\Downloads\780d6a-VehicleController_v8.2.zip
2015-06-06 19:40 - 2015-06-06 19:41 - 02231296 _____ C:\Users\Martin\Desktop\adwcleaner_4.206.exe
2015-06-06 15:32 - 2015-06-06 15:50 - 01065984 _____ C:\Users\Martin\AppData\Local\file__0.localstorage
2015-06-06 15:32 - 2015-06-06 15:49 - 00000000 ____D C:\Users\Martin\Valley
2015-06-06 15:31 - 2015-06-06 15:31 - 00002167 _____ C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2015-06-06 15:31 - 2015-06-06 15:31 - 00000000 ____D C:\Program Files (x86)\Unigine
2015-06-06 15:02 - 2015-06-06 15:02 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synergy.lnk
2015-06-06 15:02 - 2015-06-06 15:02 - 00000000 ____D C:\Program Files\Synergy
2015-06-06 13:53 - 2015-06-06 13:53 - 00000932 _____ C:\Users\Martin\Desktop\MSI Kombustor 3.lnk
2015-06-06 13:53 - 2015-06-06 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2015-06-06 13:53 - 2015-06-06 13:53 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2015-06-06 12:00 - 2015-06-06 12:00 - 02108928 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-06-06 00:27 - 2015-06-06 23:20 - 00000000 ____D C:\Users\Martin\AppData\Local\ClassicShell
2015-06-06 00:16 - 2015-06-06 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-06-06 00:16 - 2015-06-06 00:16 - 00000000 ____D C:\Program Files\Classic Shell
2015-06-05 23:21 - 2015-06-05 23:21 - 00000000 ____D C:\rsit
2015-06-05 23:21 - 2015-06-05 23:21 - 00000000 ____D C:\Program Files\trend micro
2015-06-05 23:15 - 2015-06-05 23:15 - 00000000 ____H C:\.DS_Store
2015-06-05 22:42 - 2015-06-05 22:42 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-05 22:42 - 2015-06-05 22:42 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-06-05 22:42 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-05 22:41 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-05 22:41 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-06-05 22:30 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-05 22:30 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-05 22:30 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-05 22:30 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-05 22:30 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-05 22:30 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-05 22:30 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-05 22:30 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-05 22:30 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-05 22:30 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-05 22:30 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-05 22:30 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 22:30 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-05 22:30 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-05 22:29 - 2015-06-05 22:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-05 22:29 - 2015-06-05 22:29 - 00000000 ____D C:\Users\Martin\AppData\Local\GWX
2015-06-05 22:29 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 22:29 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 13:41 - 2015-05-31 13:41 - 00106794 _____ C:\Users\Martin\Downloads\918f88-Vehicle_Spawner 1.5.rar
2015-05-30 20:14 - 2015-05-30 20:14 - 07438663 _____ C:\Users\Martin\Downloads\GTAV-Colorful Icons-1-2.zip
2015-05-26 21:13 - 2015-05-26 21:13 - 09936896 _____ C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi
2015-05-26 11:46 - 2015-05-26 11:46 - 00001289 _____ C:\Users\Martin\Desktop\OpenIV.lnk
2015-05-26 11:46 - 2015-05-26 11:46 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2015-05-26 11:46 - 2015-05-26 11:46 - 00000000 ____D C:\Users\Martin\AppData\Local\New Technology Studio
2015-05-26 11:45 - 2015-05-26 11:45 - 01582077 _____ C:\Users\Martin\Downloads\fce318-OpenIV 2.6.zip
2015-05-26 11:44 - 2015-05-26 11:44 - 00000466 _____ C:\Users\Martin\Downloads\6a7a5e-vehicleaihandlinginfo.rar
2015-05-25 20:41 - 2015-05-25 20:41 - 00055655 _____ C:\Users\Martin\Downloads\f5ab25-OpenAllInteriors.rar
2015-05-25 19:51 - 2015-05-25 19:51 - 00308696 _____ C:\Users\Martin\Downloads\ScriptHookV_1.0.350.2a.zip
2015-05-25 19:50 - 2015-05-25 19:50 - 01376736 _____ C:\Users\Martin\Downloads\24011d-Passenger_v1.4.rar
2015-05-23 13:57 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-23 13:57 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-23 13:57 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-23 13:57 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-23 13:57 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-23 13:57 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-23 13:57 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-23 13:57 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-23 13:57 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-23 13:57 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-23 13:57 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-23 13:57 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-23 13:57 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-23 13:57 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-23 13:57 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-23 13:57 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-23 13:57 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-23 13:57 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-23 13:57 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-23 13:57 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-23 13:57 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-23 13:57 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-23 13:57 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-23 13:57 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-23 13:57 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-23 13:57 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-23 13:57 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-23 13:57 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-23 13:27 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-23 13:27 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-23 13:27 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-23 13:27 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-22 21:41 - 2015-05-22 21:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storage Executive
2015-05-22 21:40 - 2015-05-22 21:40 - 00000000 ____D C:\Program Files\Crucial
2015-05-22 20:49 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 20:49 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 20:42 - 2015-05-16 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
2015-05-16 20:40 - 2015-05-31 15:59 - 00000000 __SHD C:\Users\Public\DRM
2015-05-16 20:40 - 2015-05-16 20:40 - 00000000 ____D C:\Users\Martin\AppData\Local\HHD Software
2015-05-16 20:40 - 2015-05-16 20:40 - 00000000 ____D C:\Program Files\HHD Software
2015-05-16 20:29 - 2015-05-16 20:37 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Notepad++
2015-05-16 20:29 - 2015-05-16 20:37 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-05-16 20:05 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-16 20:05 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-16 20:05 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-16 20:05 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-16 20:05 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-16 20:05 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-16 20:05 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-16 20:04 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-16 20:04 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-16 20:04 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-16 20:04 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-16 20:04 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-16 20:04 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-16 20:04 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-16 20:04 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-16 20:04 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-16 20:04 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-16 20:04 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-16 20:04 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-16 20:04 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-16 20:04 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-16 20:04 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-16 20:04 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-16 20:04 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-16 20:04 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-16 20:04 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-16 20:04 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-16 20:04 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-16 20:04 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-16 20:04 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-16 20:04 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-16 20:04 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-16 20:04 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-16 20:04 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-16 20:04 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-16 20:04 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-16 20:04 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-16 20:04 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-16 20:04 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-16 20:04 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-16 20:04 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-16 20:04 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-16 20:04 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-16 20:04 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-16 20:04 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-16 20:04 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-16 20:04 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-16 20:04 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-16 20:04 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-16 20:04 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-16 10:06 - 2015-05-16 10:06 - 00289040 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll
2015-05-16 10:05 - 2015-05-16 10:05 - 00248080 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll
2015-05-09 18:37 - 2015-05-09 18:37 - 00000000 ____D C:\ProgramData\Socialclub
2015-05-09 18:31 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-09 18:31 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-09 18:28 - 2015-05-09 18:28 - 286451987 _____ C:\Users\Martin\Downloads\files.rar
2015-05-09 17:51 - 2015-05-09 17:51 - 00000000 ____D C:\Users\Martin\Desktop\GTA V
2015-05-09 17:49 - 2015-05-09 17:53 - 63314280 _____ C:\Users\Martin\Downloads\Grand.Theft.Auto.V.Crack.Only-RELOADED.7z
2015-05-09 13:19 - 2015-05-09 13:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-05-09 13:14 - 2015-06-07 13:37 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-09 13:14 - 2015-05-09 13:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-09 13:14 - 2015-05-09 13:14 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 13:14 - 2015-05-09 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-09 13:14 - 2015-05-09 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-09 13:14 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-09 13:14 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-09 13:14 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 07:08 - 2015-05-08 07:08 - 00000000 _____ C:\Recovery.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 14:03 - 2014-12-24 12:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 13:41 - 2014-12-23 03:36 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1181200559-1570802832-3044720726-1001
2015-06-07 13:39 - 2014-12-23 03:01 - 01939959 _____ C:\Windows\WindowsUpdate.log
2015-06-07 13:35 - 2014-12-23 06:33 - 00011719 _____ C:\Windows\SysWOW64\Gms.log
2015-06-06 22:59 - 2015-04-05 14:15 - 00000000 ____D C:\Program Files\KMSpico
2015-06-06 22:54 - 2015-02-08 17:40 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-06-06 22:53 - 2015-04-30 22:23 - 00000000 ____D C:\Program Files (x86)\Grand Theft Auto V
2015-06-06 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 21:03 - 2015-01-14 20:41 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-06 20:51 - 2014-03-18 12:02 - 00871904 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 20:25 - 2015-01-04 14:09 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2015-06-06 19:49 - 2014-12-23 19:10 - 00000000 ____D C:\MSI
2015-06-06 19:46 - 2015-04-25 11:37 - 00021128 _____ C:\Windows\PFRO.log
2015-06-06 19:46 - 2015-04-17 21:47 - 00014473 _____ C:\Windows\setupact.log
2015-06-06 19:46 - 2014-12-27 23:10 - 00000000 ____D C:\AdwCleaner
2015-06-06 19:46 - 2014-12-23 19:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-06 19:46 - 2014-12-23 05:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 19:46 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 19:46 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 15:32 - 2014-12-23 03:02 - 00000000 ____D C:\Users\Martin
2015-06-06 14:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:53 - 2015-01-20 20:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\NVIDIA
2015-06-06 13:53 - 2014-12-23 05:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 00:14 - 2015-01-05 15:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ClassicShell
2015-06-06 00:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-05 22:55 - 2014-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-05 22:45 - 2014-12-24 01:22 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-05 22:45 - 2014-12-24 01:22 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-05 22:44 - 2014-12-28 14:42 - 00001102 _____ C:\Users\Martin\Desktop\MSI Afterburner.lnk
2015-06-05 22:42 - 2014-12-23 19:09 - 00000000 ____D C:\temp
2015-06-05 22:42 - 2014-12-23 18:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 22:42 - 2014-12-23 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-05 22:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-05 22:30 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-28 09:04 - 2014-12-23 19:35 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-12-23 19:35 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-12-23 19:35 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-12-23 19:35 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-23 13:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-05-23 03:47 - 2014-12-23 18:32 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-22 21:04 - 2014-12-24 01:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-22 21:04 - 2014-12-24 01:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 21:04 - 2013-08-22 16:44 - 00346424 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-22 21:03 - 2015-04-05 14:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 21:03 - 2015-04-05 14:48 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-22 20:50 - 2015-04-05 12:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-22 20:49 - 2015-04-05 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-22 20:49 - 2014-12-23 04:36 - 00000000 ____D C:\Windows\system32\MRT
2015-05-22 20:47 - 2014-12-23 03:01 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-22 20:46 - 2014-12-24 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 20:44 - 2014-03-18 11:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-17 11:43 - 2014-12-24 12:21 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2015-05-17 11:40 - 2014-12-24 12:25 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-16 19:59 - 2015-04-15 23:06 - 00000080 _____ C:\Users\Martin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-05-13 08:52 - 2015-01-22 19:34 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-09 18:37 - 2015-02-08 13:26 - 00000000 ____D C:\ProgramData\Steam
2015-05-09 13:00 - 2015-04-25 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-05-09 13:00 - 2015-04-25 11:10 - 00000000 ____D C:\Program Files\RogueKiller
2015-05-09 13:00 - 2015-01-29 12:28 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
==================== Files in the root of some directories =======
2014-12-23 04:56 - 2014-12-24 16:32 - 0000000 _____ () C:\Users\Martin\AppData\Local\Driver_LOM_8161Present.flag
2015-06-06 15:32 - 2015-06-06 15:50 - 1065984 _____ () C:\Users\Martin\AppData\Local\file__0.localstorage
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Martin\AppData\Local\Temp\mbam-setup-2.1.6.1022.exe
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Martin\AppData\Local\Temp\nvStInst.exe
C:\Users\Martin\AppData\Local\Temp\proxy_vole2740272356870720660.dll
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll
C:\Users\Martin\AppData\Local\Temp\SRLDetectionLibrary5390000507695613157.dll
C:\Users\Martin\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-06 14:16
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:238.13 GB) (Free:37.2 GB) NTFS
Available physical RAM: 14292.32 MB
Total physical RAM: 16244.95 MB
Percentage of memory in use: 12%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EA54F223)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.quarantine
AlternateDataStreams: C:\Users\Public\DRM:احتضان
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martin\Desktop" je 514 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Tu je Farbar log a prikladam aj Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Martin (administrator) on WIN8PC on 07-06-2015 14:06:15
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files\Synergy\synergyd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Synergy\synergyc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.9600.17787_none_d3bdd9e7b1d31eaa\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_windowssearchengine_31bf3856ad364e35_7.0.9600.17787_none_d3bdd9e7b1d31eaa\SearchFilterHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-12-24]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{D6E67DA7-8988-46FB-BF12-70635254B0CD}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\iko9om6z.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-1181200559-1570802832-3044720726-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 HitmanPro37Crusader; C:\Program Files\HitmanPro\HitmanPro.exe [11222744 2014-10-29] (SurfRight B.V.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-10-17] (Qualcomm Atheros) [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [306368 2015-05-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [98992 2014-10-16] (Qualcomm Atheros, Inc.)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 14:06 - 2015-06-07 14:06 - 00013549 _____ C:\Users\Martin\Desktop\FRST.txt
2015-06-07 14:05 - 2015-06-07 14:06 - 00000000 ____D C:\FRST
2015-06-06 22:51 - 2015-06-06 22:51 - 00080911 _____ C:\Users\Martin\Downloads\780d6a-VehicleController_v8.2.zip
2015-06-06 19:40 - 2015-06-06 19:41 - 02231296 _____ C:\Users\Martin\Desktop\adwcleaner_4.206.exe
2015-06-06 15:32 - 2015-06-06 15:50 - 01065984 _____ C:\Users\Martin\AppData\Local\file__0.localstorage
2015-06-06 15:32 - 2015-06-06 15:49 - 00000000 ____D C:\Users\Martin\Valley
2015-06-06 15:31 - 2015-06-06 15:31 - 00002167 _____ C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2015-06-06 15:31 - 2015-06-06 15:31 - 00000000 ____D C:\Program Files (x86)\Unigine
2015-06-06 15:02 - 2015-06-06 15:02 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synergy.lnk
2015-06-06 15:02 - 2015-06-06 15:02 - 00000000 ____D C:\Program Files\Synergy
2015-06-06 13:53 - 2015-06-06 13:53 - 00000932 _____ C:\Users\Martin\Desktop\MSI Kombustor 3.lnk
2015-06-06 13:53 - 2015-06-06 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2015-06-06 13:53 - 2015-06-06 13:53 - 00000000 ____D C:\Program Files\MSI Kombustor 3
2015-06-06 12:00 - 2015-06-06 12:00 - 02108928 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-06-06 00:27 - 2015-06-06 23:20 - 00000000 ____D C:\Users\Martin\AppData\Local\ClassicShell
2015-06-06 00:16 - 2015-06-06 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-06-06 00:16 - 2015-06-06 00:16 - 00000000 ____D C:\Program Files\Classic Shell
2015-06-05 23:21 - 2015-06-05 23:21 - 00000000 ____D C:\rsit
2015-06-05 23:21 - 2015-06-05 23:21 - 00000000 ____D C:\Program Files\trend micro
2015-06-05 23:15 - 2015-06-05 23:15 - 00000000 ____H C:\.DS_Store
2015-06-05 22:42 - 2015-06-05 22:42 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-05 22:42 - 2015-06-05 22:42 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-06-05 22:42 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-05 22:41 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-05 22:41 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-06-05 22:41 - 2015-05-28 09:04 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-06-05 22:30 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-05 22:30 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-05 22:30 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-05 22:30 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-05 22:30 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-05 22:30 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-05 22:30 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-05 22:30 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-05 22:30 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-05 22:30 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-05 22:30 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-05 22:30 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-05 22:30 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-05 22:30 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-05 22:30 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-05 22:29 - 2015-06-05 22:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-05 22:29 - 2015-06-05 22:29 - 00000000 ____D C:\Users\Martin\AppData\Local\GWX
2015-06-05 22:29 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 22:29 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 13:41 - 2015-05-31 13:41 - 00106794 _____ C:\Users\Martin\Downloads\918f88-Vehicle_Spawner 1.5.rar
2015-05-30 20:14 - 2015-05-30 20:14 - 07438663 _____ C:\Users\Martin\Downloads\GTAV-Colorful Icons-1-2.zip
2015-05-26 21:13 - 2015-05-26 21:13 - 09936896 _____ C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi
2015-05-26 11:46 - 2015-05-26 11:46 - 00001289 _____ C:\Users\Martin\Desktop\OpenIV.lnk
2015-05-26 11:46 - 2015-05-26 11:46 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2015-05-26 11:46 - 2015-05-26 11:46 - 00000000 ____D C:\Users\Martin\AppData\Local\New Technology Studio
2015-05-26 11:45 - 2015-05-26 11:45 - 01582077 _____ C:\Users\Martin\Downloads\fce318-OpenIV 2.6.zip
2015-05-26 11:44 - 2015-05-26 11:44 - 00000466 _____ C:\Users\Martin\Downloads\6a7a5e-vehicleaihandlinginfo.rar
2015-05-25 20:41 - 2015-05-25 20:41 - 00055655 _____ C:\Users\Martin\Downloads\f5ab25-OpenAllInteriors.rar
2015-05-25 19:51 - 2015-05-25 19:51 - 00308696 _____ C:\Users\Martin\Downloads\ScriptHookV_1.0.350.2a.zip
2015-05-25 19:50 - 2015-05-25 19:50 - 01376736 _____ C:\Users\Martin\Downloads\24011d-Passenger_v1.4.rar
2015-05-23 13:57 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-23 13:57 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-23 13:57 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-23 13:57 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-23 13:57 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-23 13:57 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-23 13:57 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-23 13:57 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-23 13:57 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-23 13:57 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-23 13:57 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-23 13:57 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-23 13:57 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-23 13:57 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-23 13:57 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-23 13:57 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-23 13:57 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-23 13:57 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-23 13:57 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-23 13:57 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-23 13:57 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-23 13:57 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-23 13:57 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-23 13:57 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-23 13:57 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-23 13:57 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-23 13:57 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-23 13:57 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-23 13:27 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-23 13:27 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-23 13:27 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-23 13:27 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-22 21:41 - 2015-05-22 21:41 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storage Executive
2015-05-22 21:40 - 2015-05-22 21:40 - 00000000 ____D C:\Program Files\Crucial
2015-05-22 20:49 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 20:49 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 20:42 - 2015-05-16 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
2015-05-16 20:40 - 2015-05-31 15:59 - 00000000 __SHD C:\Users\Public\DRM
2015-05-16 20:40 - 2015-05-16 20:40 - 00000000 ____D C:\Users\Martin\AppData\Local\HHD Software
2015-05-16 20:40 - 2015-05-16 20:40 - 00000000 ____D C:\Program Files\HHD Software
2015-05-16 20:29 - 2015-05-16 20:37 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Notepad++
2015-05-16 20:29 - 2015-05-16 20:37 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-05-16 20:05 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-16 20:05 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-16 20:05 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-16 20:05 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-16 20:05 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-16 20:05 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-16 20:05 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-16 20:04 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-16 20:04 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-16 20:04 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-16 20:04 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-16 20:04 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-16 20:04 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-16 20:04 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-16 20:04 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-16 20:04 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-16 20:04 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-16 20:04 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-16 20:04 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-16 20:04 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-16 20:04 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-16 20:04 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-16 20:04 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-16 20:04 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-16 20:04 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-16 20:04 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-16 20:04 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-16 20:04 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-16 20:04 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-16 20:04 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-16 20:04 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-16 20:04 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-16 20:04 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-16 20:04 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-16 20:04 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-16 20:04 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-16 20:04 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-16 20:04 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-16 20:04 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-16 20:04 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-16 20:04 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-16 20:04 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-16 20:04 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-16 20:04 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-16 20:04 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-16 20:04 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-16 20:04 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-16 20:04 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-16 20:04 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-16 20:04 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-16 10:06 - 2015-05-16 10:06 - 00289040 _____ (IvoSoft) C:\Windows\system32\StartMenuHelper64.dll
2015-05-16 10:05 - 2015-05-16 10:05 - 00248080 _____ (IvoSoft) C:\Windows\SysWOW64\StartMenuHelper32.dll
2015-05-09 18:37 - 2015-05-09 18:37 - 00000000 ____D C:\ProgramData\Socialclub
2015-05-09 18:31 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-09 18:31 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-09 18:28 - 2015-05-09 18:28 - 286451987 _____ C:\Users\Martin\Downloads\files.rar
2015-05-09 17:51 - 2015-05-09 17:51 - 00000000 ____D C:\Users\Martin\Desktop\GTA V
2015-05-09 17:49 - 2015-05-09 17:53 - 63314280 _____ C:\Users\Martin\Downloads\Grand.Theft.Auto.V.Crack.Only-RELOADED.7z
2015-05-09 13:19 - 2015-05-09 13:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-05-09 13:14 - 2015-06-07 13:37 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-09 13:14 - 2015-05-09 13:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-09 13:14 - 2015-05-09 13:14 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-09 13:14 - 2015-05-09 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-09 13:14 - 2015-05-09 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-09 13:14 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-09 13:14 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-09 13:14 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 07:08 - 2015-05-08 07:08 - 00000000 _____ C:\Recovery.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 14:03 - 2014-12-24 12:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 13:41 - 2014-12-23 03:36 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1181200559-1570802832-3044720726-1001
2015-06-07 13:39 - 2014-12-23 03:01 - 01939959 _____ C:\Windows\WindowsUpdate.log
2015-06-07 13:35 - 2014-12-23 06:33 - 00011719 _____ C:\Windows\SysWOW64\Gms.log
2015-06-06 22:59 - 2015-04-05 14:15 - 00000000 ____D C:\Program Files\KMSpico
2015-06-06 22:54 - 2015-02-08 17:40 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-06-06 22:53 - 2015-04-30 22:23 - 00000000 ____D C:\Program Files (x86)\Grand Theft Auto V
2015-06-06 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 21:03 - 2015-01-14 20:41 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-06 20:51 - 2014-03-18 12:02 - 00871904 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 20:25 - 2015-01-04 14:09 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2015-06-06 19:49 - 2014-12-23 19:10 - 00000000 ____D C:\MSI
2015-06-06 19:46 - 2015-04-25 11:37 - 00021128 _____ C:\Windows\PFRO.log
2015-06-06 19:46 - 2015-04-17 21:47 - 00014473 _____ C:\Windows\setupact.log
2015-06-06 19:46 - 2014-12-27 23:10 - 00000000 ____D C:\AdwCleaner
2015-06-06 19:46 - 2014-12-23 19:35 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-06 19:46 - 2014-12-23 05:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 19:46 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 19:46 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 15:32 - 2014-12-23 03:02 - 00000000 ____D C:\Users\Martin
2015-06-06 14:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:53 - 2015-01-20 20:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\NVIDIA
2015-06-06 13:53 - 2014-12-23 05:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-06 00:14 - 2015-01-05 15:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ClassicShell
2015-06-06 00:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-05 22:55 - 2014-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-05 22:45 - 2014-12-24 01:22 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-05 22:45 - 2014-12-24 01:22 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-05 22:44 - 2014-12-28 14:42 - 00001102 _____ C:\Users\Martin\Desktop\MSI Afterburner.lnk
2015-06-05 22:42 - 2014-12-23 19:09 - 00000000 ____D C:\temp
2015-06-05 22:42 - 2014-12-23 18:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 22:42 - 2014-12-23 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-05 22:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-05 22:30 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-28 09:04 - 2014-12-23 19:35 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04 - 2014-12-23 19:35 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-12-23 19:35 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-12-23 19:35 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-12-23 19:35 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-12-23 19:35 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-23 13:58 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-05-23 03:47 - 2014-12-23 18:32 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2014-12-23 18:32 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-22 21:04 - 2014-12-24 01:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-22 21:04 - 2014-12-24 01:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-22 21:04 - 2013-08-22 16:44 - 00346424 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-22 21:03 - 2015-04-05 14:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 21:03 - 2015-04-05 14:48 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-22 20:50 - 2015-04-05 12:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-22 20:49 - 2015-04-05 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-22 20:49 - 2014-12-23 04:36 - 00000000 ____D C:\Windows\system32\MRT
2015-05-22 20:47 - 2014-12-23 03:01 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-22 20:46 - 2014-12-24 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 20:44 - 2014-03-18 11:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-17 11:43 - 2014-12-24 12:21 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2015-05-17 11:40 - 2014-12-24 12:25 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-16 19:59 - 2015-04-15 23:06 - 00000080 _____ C:\Users\Martin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-05-13 08:52 - 2015-01-22 19:34 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-09 18:37 - 2015-02-08 13:26 - 00000000 ____D C:\ProgramData\Steam
2015-05-09 13:00 - 2015-04-25 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-05-09 13:00 - 2015-04-25 11:10 - 00000000 ____D C:\Program Files\RogueKiller
2015-05-09 13:00 - 2015-01-29 12:28 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
==================== Files in the root of some directories =======
2014-12-23 04:56 - 2014-12-24 16:32 - 0000000 _____ () C:\Users\Martin\AppData\Local\Driver_LOM_8161Present.flag
2015-06-06 15:32 - 2015-06-06 15:50 - 1065984 _____ () C:\Users\Martin\AppData\Local\file__0.localstorage
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Martin\AppData\Local\Temp\mbam-setup-2.1.6.1022.exe
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Martin\AppData\Local\Temp\nvStInst.exe
C:\Users\Martin\AppData\Local\Temp\proxy_vole2740272356870720660.dll
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll
C:\Users\Martin\AppData\Local\Temp\SRLDetectionLibrary5390000507695613157.dll
C:\Users\Martin\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-06 14:16
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:238.13 GB) (Free:37.2 GB) NTFS
Available physical RAM: 14292.32 MB
Total physical RAM: 16244.95 MB
Percentage of memory in use: 12%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EA54F223)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.quarantine
AlternateDataStreams: C:\Users\Public\DRM:احتضان
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martin\Desktop" je 514 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (8.61 KiB) Staženo 67 x
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Je ten system legalni? Odinstalujte Chrome. Pokud v pc neni, zkuste najit jeho zbytky a smazat je rucne. Program hlasi, ze je v nem nejaky problem a tohle nejde odstranit skriptem. Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.quarantine
AlternateDataStreams: C:\Users\Public\DRM:احتضان
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17 268464]
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
ano system je legalny. to s tym skriptom urobim zajtra pretoze teraz nie som pri tom PC.
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
OK
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Nechsapaci
Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Martin at 2015-06-08 19:47:03 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.quarantine
AlternateDataStreams: C:\Users\Public\DRM:احتضان
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17 268464]
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.quarantine" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.quarantine" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.quarantine" ADS removed successfully.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.metadatakMDItemDownloadedDate" ADS not found.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.metadatakMDItemWhereFroms" ADS not found.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.quarantine" ADS not found.
C:\Users\Public\DRM => ":احتضان" ADS removed successfully.
AdobeFlashPlayerUpdateSvc => Service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 843.3 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 19:47:15 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Martin at 2015-06-08 19:47:03 Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRST64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\FRSTLauncher.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\RSITx64.exe:com.apple.quarantine
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemDownloadedDate
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.metadatakMDItemWhereFroms
AlternateDataStreams: C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi:com.apple.quarantine
AlternateDataStreams: C:\Users\Public\DRM:احتضان
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17 268464]
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1181200559-1570802832-3044720726-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\FRST64.exe => ":com.apple.quarantine" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\FRSTLauncher.exe => ":com.apple.quarantine" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.metadatakMDItemDownloadedDate" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.metadatakMDItemWhereFroms" ADS removed successfully.
C:\Users\Martin\Desktop\RSITx64.exe => ":com.apple.quarantine" ADS removed successfully.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.metadatakMDItemDownloadedDate" ADS not found.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.metadatakMDItemWhereFroms" ADS not found.
"C:\Users\Martin\Desktop\synergy-v1.7.3-stable-efd0108-Windows-x64.msi" => ":com.apple.quarantine" ADS not found.
C:\Users\Public\DRM => ":احتضان" ADS removed successfully.
AdobeFlashPlayerUpdateSvc => Service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 843.3 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 19:47:15 ====
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc. Nastala nejaka zmena?Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Delfix som stiahol a spustil. CCleaner takisto, vykonal to co ste kazali. Vsetko som spustal ako administrato. Disky som nedefragmentoval pretoze mam len 1 a aj to SSD.
Moje problemy vsak bohuzial pretrvavaju. Su este dalsie kroky, ktore mozeme vykonat?
Moje problemy vsak bohuzial pretrvavaju. Su este dalsie kroky, ktore mozeme vykonat?
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
Márty84 píše:
Postupujte podle navodu kolegy
vyosek píše:
- Kliknete na volbu Change parametrs
- V okne Additional Option zakliknete vsechny moznosti
- Kliknete na OK
- Utilite prikazte, at skenuje - klik na Start Scan
- Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
- Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
- Pokud mate vsude Skip, kliknete na Continue
- Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
Postupujte podle navodu kolegy
vyosek píše:
- Ulozte nejlepe na Plochu a rozbalte
- Spustte kliknutim na mbar
- Nyni postupne kliknete na Next a Update
- Po dokonceni update (aktualizace) databaze kliknete opet na Next
- Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
- Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
- Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
- Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
- PC bude restartovan
- Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
prepacte, nudzovy rezim som neskusal este, dnes vecer vyskusam a dam vediet. s inou klavesnicou to robi takisto, to bolo hned prve co som skusil, zabudol som vsak odpovedat na vasu otazku.
Vecer urobim aj tie ostatne postupy
Vecer urobim aj tie ostatne postupy
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
OK
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: mozny virus (keylogger) - nezvycajne spravanie kalvesnic
prepacte ze az teraz ale skor sa mi nedalo. Skusal som nudzovy rezim a tam sa deje to iste, myslim to, ze nejde updatovat Malwarebyte's. Ten problem s klavesnicou som zatial nemal, ani v Safe Mode ani normalne, takze neviem co sa stalo, ze preco to zrazu prestalo.
Malwarebytes Anti-Rootkit neobjavil ziadny nalez.
Prikladam TDSSKiller log
Malwarebytes Anti-Rootkit neobjavil ziadny nalez.
Prikladam TDSSKiller log
- Přílohy
-
- TDSSKiller.3.0.0.44_12.06.2015_22.46.22_log.txt.zip
- (48.04 KiB) Staženo 68 x
Přispějete na provoz fóra?