PC virus removal, computer speed-up, and remote help through the neslape.cz service

Please check my log

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by dankaTra »

Hi,
a friend downloaded some driver updater from CNET without my knowledge, but I know from the past that that site has problems with malware. Nothing strange is happening with the computer so far, but I don't have a good feeling about it, so I'm asking for a check of the log:
Thank you very much, D

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2016-06-18 16:49:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 45 GB (41%) free of 110 GB
Total RAM: 8053 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:22, on 18. 6. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Sound Blaster X-Fi MB 3] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Network Manager.lnk = ?
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9852 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\diMaster.dll" /prefetch:1
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\servicing\TrustedInstaller.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe" /c /a /s UserSession
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe" -minimize
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe" /r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\sppsvc.exe
"C:\Users\user\Desktop\RSITx64.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x9yuzxpb.default

prefs.js - "browser.startup.homepage" - "about:home"

"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-07-07 8497368]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2013-07-03 38528]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2016-02-26 797328]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"Sound Blaster X-Fi MB 3"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2015-06-12 2112512]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-02-17 296216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Network Manager.lnk - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-17 22:41:31 ----D---- C:\Windows\IObit
2016-06-17 22:41:31 ----D---- C:\ProgramData\ProductData
2016-06-17 22:41:31 ----D---- C:\ProgramData\IObit
2016-06-17 22:41:29 ----D---- C:\Users\user\AppData\Roaming\IObit
2016-06-17 22:41:29 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-06-17 22:35:47 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-17 22:35:27 ----A---- C:\Windows\gdrv.sys
2016-06-17 22:34:37 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2016-06-17 22:34:30 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2016-06-17 22:34:30 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2016-06-17 22:33:48 ----D---- C:\ProgramData\Qualcomm
2016-06-17 22:33:33 ----D---- C:\Program Files\Qualcomm Atheros
2016-06-17 22:33:31 ----D---- C:\ProgramData\Downloaded Installations
2016-06-17 22:33:10 ----N---- C:\Windows\Updreg.EXE
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\ResDefA.exe
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\MBCfgUninstall32.ini
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\MBCfg32.ini
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\MBCfg32.exe
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\MBCfg32.dll
2016-06-17 22:33:06 ----N---- C:\Windows\SYSWOW64\ChezSC32.DLL
2016-06-17 22:33:06 ----N---- C:\Windows\system32\MBCfgUninstall64.ini
2016-06-17 22:33:06 ----N---- C:\Windows\system32\MBCfg64.ini
2016-06-17 22:33:06 ----N---- C:\Windows\system32\MBCfg64.exe
2016-06-17 22:33:06 ----N---- C:\Windows\system32\MBCfg64.dll
2016-06-17 22:33:06 ----N---- C:\Windows\system32\ChezSC64.DLL
2016-06-17 22:33:06 ----N---- C:\Windows\MBCfg_SP_APOIM.ini
2016-06-17 22:33:06 ----N---- C:\Windows\MBCfg_HP_APOIM.ini
2016-06-17 22:33:06 ----N---- C:\Windows\MBCfg_Capture_APOIM.ini
2016-06-17 22:33:06 ----N---- C:\Windows\MBCfg_APOIM.ini
2016-06-17 22:33:04 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2016-06-17 22:33:04 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2016-06-17 22:33:04 ----A---- C:\Windows\system32\CmdRtr64.DLL
2016-06-17 22:33:04 ----A---- C:\Windows\system32\APOMgr64.DLL
2016-06-17 22:33:02 ----RA---- C:\Windows\SYSWOW64\tmpEDD8.tmp
2016-06-17 22:32:59 ----N---- C:\Windows\SYSWOW64\Sens_oal.dll
2016-06-17 22:32:59 ----N---- C:\Windows\system32\Sens_oal.dll
2016-06-17 22:32:38 ----D---- C:\Program Files\Creative
2016-06-17 22:32:18 ----D---- C:\Program Files (x86)\Creative
2016-06-17 22:31:33 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-06-17 22:31:12 ----D---- C:\Windows\SYSWOW64\NV
2016-06-17 22:31:12 ----D---- C:\Windows\system32\NV
2016-06-17 22:30:27 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-06-17 22:30:27 ----D---- C:\Program Files\Realtek
2016-06-17 22:30:17 ----A---- C:\Windows\system32\drivers\MBfilt64.sys
2016-06-17 22:30:13 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-06-17 22:30:13 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-06-17 22:30:13 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-06-17 22:30:13 ----A---- C:\Windows\system32\SRSHP64.dll
2016-06-17 22:30:11 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-06-17 22:30:09 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2016-06-17 22:30:09 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-06-17 22:30:08 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-06-17 22:30:08 ----A---- C:\Windows\system32\RtkApi64.dll
2016-06-17 22:30:07 ----A---- C:\Windows\system32\RTCOM64.dll
2016-06-17 22:30:07 ----A---- C:\Windows\system32\RltkAPO64.dll
2016-06-17 22:30:05 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-06-17 22:30:04 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-06-17 22:30:04 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-06-17 22:30:04 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-06-17 22:30:04 ----A---- C:\Windows\system32\RTEED64A.dll
2016-06-17 22:29:56 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-06-17 22:29:56 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-06-17 22:29:56 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-06-17 22:29:56 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-06-17 22:29:20 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-17 22:29:18 ----A---- C:\Windows\system32\MBWrp64.dll
2016-06-17 22:29:18 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-17 22:29:17 ----A---- C:\Windows\SYSWOW64\MBAPO232.dll
2016-06-17 22:29:17 ----A---- C:\Windows\system32\MBAPO264.dll
2016-06-17 22:29:09 ----A---- C:\Windows\system32\FMAPO64.dll
2016-06-17 22:28:58 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-17 22:28:56 ----A---- C:\Windows\system32\AERTAR64.dll
2016-06-17 22:28:56 ----A---- C:\Windows\system32\AERTAC64.dll
2016-06-17 22:28:49 ----HD---- C:\Program Files (x86)\Temp
2016-06-17 22:28:47 ----R---- C:\Windows\RtlExUpd.dll
2016-06-17 22:28:41 ----D---- C:\Program Files\Intel
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igdumdim32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igdmd32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igd11dxva32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igd10iumd32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\SYSWOW64\igd10idpp32.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\IntelOpenCL64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\iglhsip64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxTray.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxLHMLibv2_0.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxLHMLib.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxHK.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxexps.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxEMLib.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxEM.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxDTCM.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxDILib.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxDI.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxDHLib.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxDH.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxCUIService.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxcmrt64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfxcmjit64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igdumdim64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igdmd64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igdde64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igd11dxva64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igd10iumd64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\igd10idpp64.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\Gfxv4_0.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\Gfxv2_0.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\GfxResources.dll
2016-06-17 22:28:37 ----A---- C:\Windows\system32\DPTopologyApp.exe
2016-06-17 22:28:37 ----A---- C:\Windows\system32\difx64.exe
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\IntelOpenCL32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\igdusc32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\igdrcl32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\igdfcl32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\igdbcl32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\igdail32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\SYSWOW64\ig75icd32.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\iglhcp64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxOSP.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxLHM.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxext.exe
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxEMLibv2_0.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxDILibv2_0.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxDHLibv2_0.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxCUIServicePS.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igfxCoIn_v4264.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igdusc64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igdrcl64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igdfcl64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igdbcl64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\igdail64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\ig75icd64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2016-06-17 22:28:36 ----A---- C:\Windows\system32\GfxUIEx.exe
2016-06-17 22:28:36 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2016-06-17 22:28:36 ----A---- C:\Windows\system32\DPTopologyAppv2_0.exe
2016-06-17 22:27:30 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2016-06-17 22:27:14 ----D---- C:\ProgramData\Intel
2016-06-10 01:39:28 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2016-06-18 21:22:29 ----D---- C:\Windows\system32\config
2016-06-18 21:02:04 ----D---- C:\Windows\Temp
2016-06-18 20:53:49 ----D---- C:\Windows\Microsoft.NET
2016-06-18 19:47:41 ----D---- C:\Windows
2016-06-18 19:47:41 ----A---- C:\Windows\Sandboxie.ini
2016-06-18 19:35:57 ----D---- C:\Windows\System32
2016-06-18 19:35:57 ----D---- C:\Windows\inf
2016-06-18 19:35:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-18 19:30:03 ----D---- C:\ProgramData\NVIDIA
2016-06-18 19:29:50 ----SHD---- C:\System Volume Information
2016-06-18 16:49:22 ----D---- C:\Program Files\trend micro
2016-06-17 22:42:47 ----RD---- C:\Program Files (x86)
2016-06-17 22:42:46 ----D---- C:\Windows\system32\Tasks
2016-06-17 22:41:31 ----HD---- C:\ProgramData
2016-06-17 22:41:29 ----D---- C:\Windows\SYSWOW64\drivers
2016-06-17 22:35:24 ----D---- C:\Program Files (x86)\Intel
2016-06-17 22:35:00 ----D---- C:\Windows\system32\drivers
2016-06-17 22:35:00 ----D---- C:\Windows\system32\catroot
2016-06-17 22:34:38 ----D---- C:\Windows\system32\catroot2
2016-06-17 22:34:37 ----D---- C:\Windows\system32\DriverStore
2016-06-17 22:34:25 ----SHD---- C:\Windows\Installer
2016-06-17 22:34:24 ----D---- C:\Windows\SysWOW64
2016-06-17 22:34:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-06-17 22:34:09 ----RSD---- C:\Windows\assembly
2016-06-17 22:33:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-06-17 22:33:33 ----RD---- C:\Program Files
2016-06-17 22:33:02 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2016-06-17 22:33:02 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2016-06-17 22:33:02 ----A---- C:\Windows\system32\wrap_oal.dll
2016-06-17 22:33:02 ----A---- C:\Windows\system32\OpenAL32.dll
2016-06-17 22:32:52 ----D---- C:\Program Files (x86)\Common Files
2016-06-17 22:31:52 ----A---- C:\Windows\GSetup.ini
2016-06-17 22:31:33 ----D---- C:\Intel
2016-06-17 22:28:55 ----D---- C:\Program Files (x86)\Realtek
2016-06-17 22:28:48 ----D---- C:\Windows\Logs
2016-06-17 22:27:05 ----D---- C:\Windows\SoftwareDistribution
2016-06-17 20:23:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-10 01:41:44 ----D---- C:\ProgramData\Microsoft Help
2016-05-27 01:51:42 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-27 01:51:42 ----SD---- C:\Windows\system32\GWX
2016-05-27 01:51:42 ----D---- C:\Windows\winsxs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-02-09 555032]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-06-23 1455552]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-06-23 31144]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2015-02-17 22800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\system32\drivers\NISx64\1606000.08E\SYMEFASI64.SYS [2016-02-24 1621232]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-02-13 67888]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160613.001\BHDrvx64.sys [2016-05-13 1832176]
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1606000.08E\ccSetx64.sys [2015-09-24 173808]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2016-05-04 497392]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-06-17 27552]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160617.001\IDSvia64.sys [2016-05-25 876248]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1606000.08E\SRTSP64.SYS [2016-02-24 928504]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1606000.08E\SRTSPX64.SYS [2015-09-24 50936]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1606000.08E\Ironx64.SYS [2016-02-24 295664]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1606000.08E\SYMNETS.SYS [2016-02-24 577768]
R3 cmudaxp;ASUS Xonar Essence STX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2016-05-04 156912]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2016-06-18 25640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-10 4918008]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-10 460048]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-02-17 390416]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-02-17 799504]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-07-07 178976]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160617.016\ENG64.SYS [2016-05-17 138456]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160617.016\EX64.SYS [2016-05-17 2148056]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2016-02-26 204944]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2016-01-10 111344]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2016-05-07 30528]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2012-11-02 50856]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-09-14 406016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-10 344168]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe [2016-02-26 289080]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-08-08 343040]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2016-02-26 187024]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-10 279144]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2016-06-17 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2016-06-17 79360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-04-23 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-07 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#2 Post by Márty84 »

Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it can also be found at C:\AdwCleaner\AdwCleaner[C?].txt). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally has false detections.

If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their email address in their signature).

dankaTra
Visitor
Posts: 7
Joined: 18 Jun 2016 15:48

Re: please check my log

#3 Post by dankaTra »

Hello,
here are the logs:

# AdwCleaner v5.200 - Log vytvorený 19/06/2016 v 00:05:58
# Aktualizované 14/06/2016 by ToolsLib
# Databáza : 2016-06-17.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (X64)
# Užívateľské meno : user - USERPC
# Spustené z : C:\Users\user\Desktop\adwcleaner_5.200.exe
# Nastavenie : Skenovať
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Priečinky ] *****


***** [ Súbory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupcovia ] *****


***** [ Naplánované úlohy ] *****


***** [ Registre ] *****


***** [ Webové prehliadače ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [691 bajtov] - [19/06/2016 00:05:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [764 bajtov] ##########


and the second one:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 6. 2016
Čas skenování: 0:10
Protokol: mbabm16.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.18.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: user

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 730191
Uplynulý čas: 1 hod, 12 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#4 Post by Márty84 »

This is clean :thumbsup:

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher.)

dankaTra
Visitor
Posts: 7
Joined: 18 Jun 2016 15:48

Re: please check my log

#5 Post by dankaTra »

Hello, I am sending the FRST log; I did not manage with the Launcher...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2016
Ran by user (administrator) on USERPC (19-06-2016 16:48:54)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user & UpdatusUser & Pavol & Darina & Sandy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\nis.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\nis.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112512 2015-06-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-02-17] (Intel Corporation)
HKU\S-1-5-21-4014338055-4150777085-4270223323-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-4014338055-4150777085-4270223323-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-02-26] (Sandboxie Holdings, LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-06-17]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Sandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Obrazovková spinka a spúšťač programu OneNote 2010.lnk [2015-10-14]
ShortcutTarget: Obrazovková spinka a spúšťač programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{2662A335-A325-4A57-B3C3-21F0ACF2621A}: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{B3262322-C0BE-4068-BC47-5F48B0240D54}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4014338055-4150777085-4270223323-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x9yuzxpb.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-04-02] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-04-02] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon [2016-03-19]
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-06-17] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-06-17] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
S2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-08-10] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe [289080 2016-02-26] (Symantec Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187024 2016-02-26] (Sandboxie Holdings, LLC)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160613.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-05-07] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-17] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-23] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160617.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160619.002\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160619.002\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-02-26] (Sandboxie Holdings, LLC)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-01-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-19 16:48 - 2016-06-19 16:48 - 00016123 _____ C:\Users\user\Desktop\FRST.txt
2016-06-19 16:48 - 2016-06-19 16:48 - 00000000 ____D C:\FRST
2016-06-19 16:41 - 2016-06-19 16:41 - 02387456 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2016-06-19 00:08 - 2016-06-19 00:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-19 00:08 - 2016-06-19 00:08 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-19 00:08 - 2016-06-19 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-19 00:08 - 2016-06-19 00:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-19 00:08 - 2016-06-19 00:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-19 00:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-19 00:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-19 00:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-19 00:05 - 2016-06-19 00:05 - 00000000 ____D C:\AdwCleaner
2016-06-19 00:00 - 2016-06-19 00:00 - 03703360 _____ C:\Users\user\Desktop\adwcleaner_5.200.exe
2016-06-18 22:23 - 2016-06-18 22:23 - 22851472 _____ (Malwarebytes ) C:\Users\user\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-18 16:41 - 2016-06-18 16:41 - 01222144 _____ C:\Users\user\Desktop\RSITx64.exe
2016-06-17 23:32 - 2016-06-17 23:32 - 00000000 __SHD C:\Users\Pavol\IntelGraphicsProfiles
2016-06-17 23:32 - 2016-03-04 11:50 - 00000882 _____ C:\Users\Pavol\Desktop\Sandbox webový prohlížeč.lnk
2016-06-17 22:46 - 2016-06-19 12:51 - 00000000 __SHD C:\Users\Sandy\IntelGraphicsProfiles
2016-06-17 22:43 - 2016-06-17 22:43 - 00084976 _____ (Gibson Research Corp., Laguna Niguel, California, USA.) C:\Users\user\Downloads\never10.exe
2016-06-17 22:41 - 2016-06-17 22:41 - 15853632 _____ (IObit ) C:\Users\user\Downloads\driver_booster_setup_cnet.exe
2016-06-17 22:41 - 2016-06-17 22:41 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-06-17 22:41 - 2016-06-17 22:41 - 00002868 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (user)
2016-06-17 22:41 - 2016-06-17 22:41 - 00000000 ____D C:\Windows\IObit
2016-06-17 22:41 - 2016-06-17 22:41 - 00000000 ____D C:\Users\user\AppData\Roaming\IObit
2016-06-17 22:41 - 2016-06-17 22:41 - 00000000 ____D C:\Users\user\AppData\LocalLow\IObit
2016-06-17 22:41 - 2016-06-17 22:41 - 00000000 ____D C:\ProgramData\ProductData
2016-06-17 22:41 - 2016-06-17 22:41 - 00000000 ____D C:\ProgramData\IObit
2016-06-17 22:35 - 2016-06-19 12:51 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-06-17 22:35 - 2016-06-17 22:35 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-17 22:34 - 2016-06-17 22:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-17 22:34 - 2016-06-17 22:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2016-06-17 22:34 - 2015-02-17 08:53 - 00799504 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2016-06-17 22:34 - 2015-02-17 08:53 - 00390416 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2016-06-17 22:34 - 2015-02-17 08:53 - 00022800 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2016-06-17 22:33 - 2016-06-17 22:33 - 00002783 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2016-06-17 22:33 - 2016-06-17 22:33 - 00000159 ___RH C:\Windows\ctfile.rfc
2016-06-17 22:33 - 2016-06-17 22:33 - 00000000 ____D C:\ProgramData\Qualcomm
2016-06-17 22:33 - 2016-06-17 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2016-06-17 22:33 - 2016-06-17 22:33 - 00000000 ____D C:\ProgramData\Downloaded Installations
2016-06-17 22:33 - 2016-06-17 22:33 - 00000000 ____D C:\Program Files\Qualcomm Atheros
2016-06-17 22:33 - 2015-05-29 17:57 - 00089600 _____ C:\Windows\system32\CmdRtr64.DLL
2016-06-17 22:33 - 2015-05-29 17:56 - 00366080 _____ C:\Windows\system32\APOMgr64.DLL
2016-06-17 22:33 - 2015-05-29 17:56 - 00074240 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2016-06-17 22:33 - 2015-05-29 17:54 - 00274944 _____ C:\Windows\SysWOW64\APOMngr.DLL
2016-06-17 22:33 - 2013-07-03 14:11 - 00038528 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.dll
2016-06-17 22:33 - 2013-07-03 14:11 - 00035456 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.dll
2016-06-17 22:33 - 2013-04-23 10:54 - 00332928 ____N (Creative Technology Ltd.) C:\Windows\system32\ChezSC64.DLL
2016-06-17 22:33 - 2013-04-23 10:54 - 00288896 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ChezSC32.DLL
2016-06-17 22:33 - 2013-04-23 10:54 - 00148096 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.exe
2016-06-17 22:33 - 2013-04-23 10:53 - 00138880 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.exe
2016-06-17 22:33 - 2013-04-23 10:53 - 00015488 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ResDefA.exe
2016-06-17 22:33 - 2013-03-26 10:43 - 00004914 ____N C:\Windows\MBCfg_SP_APOIM.ini
2016-06-17 22:33 - 2013-03-26 10:43 - 00004862 ____N C:\Windows\MBCfg_APOIM.ini
2016-06-17 22:33 - 2013-03-26 10:43 - 00004821 ____N C:\Windows\MBCfg_HP_APOIM.ini
2016-06-17 22:33 - 2013-03-26 10:43 - 00001165 ____N C:\Windows\MBCfg_Capture_APOIM.ini
2016-06-17 22:33 - 2013-03-26 10:42 - 00013194 ____N C:\Windows\SysWOW64\MBCfg32.ini
2016-06-17 22:33 - 2013-03-26 10:42 - 00013194 ____N C:\Windows\system32\MBCfg64.ini
2016-06-17 22:33 - 2013-01-08 10:13 - 00006968 ____N C:\Windows\system32\MBCfgUninstall64.ini
2016-06-17 22:33 - 2013-01-08 10:12 - 00006968 ____N C:\Windows\SysWOW64\MBCfgUninstall32.ini
2016-06-17 22:33 - 2009-12-24 04:49 - 00809560 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpEDD8.tmp
2016-06-17 22:33 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2016-06-17 22:32 - 2016-06-17 22:33 - 00000000 ____D C:\Program Files (x86)\Creative
2016-06-17 22:32 - 2016-06-17 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-06-17 22:32 - 2016-06-17 22:32 - 00000000 ____D C:\Program Files\Creative
2016-06-17 22:32 - 2013-03-27 11:59 - 01903104 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2016-06-17 22:32 - 2013-03-27 11:56 - 02906589 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2016-06-17 22:31 - 2016-06-19 16:45 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles
2016-06-17 22:31 - 2016-06-17 22:31 - 00018702 _____ C:\Windows\system32\results.xml
2016-06-17 22:31 - 2016-06-17 22:31 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-06-17 22:31 - 2016-06-17 22:31 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-17 22:31 - 2016-06-17 22:31 - 00000000 ____D C:\Windows\system32\NV
2016-06-17 22:30 - 2016-06-17 22:30 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-17 22:30 - 2016-06-17 22:30 - 00000000 ____D C:\Program Files\Realtek
2016-06-17 22:30 - 2015-07-07 13:13 - 04514008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-17 22:30 - 2015-07-06 10:05 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-17 22:30 - 2015-06-30 10:04 - 00184688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-17 22:30 - 2015-06-26 14:10 - 01310936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-17 22:30 - 2015-06-22 08:43 - 02702552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-17 22:30 - 2015-06-17 08:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-17 22:30 - 2015-05-15 13:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-17 22:30 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-17 22:30 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-17 22:30 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-17 22:30 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-17 22:30 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-17 22:30 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-17 22:30 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-17 22:30 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-17 22:30 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-17 22:30 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-17 22:30 - 2009-11-18 01:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2016-06-17 22:29 - 2015-07-07 09:54 - 35222128 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-17 22:29 - 2015-07-01 12:18 - 01749208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-17 22:29 - 2015-06-25 09:21 - 01949952 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2016-06-17 22:29 - 2015-06-25 09:21 - 01718528 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2016-06-17 22:29 - 2015-05-25 09:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-17 22:29 - 2014-04-10 06:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-17 22:29 - 2014-01-08 09:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2016-06-17 22:29 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-17 22:29 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-17 22:29 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-17 22:28 - 2016-06-17 22:34 - 00000000 ____D C:\Program Files\Intel
2016-06-17 22:28 - 2016-06-17 22:30 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-17 22:28 - 2016-06-17 22:28 - 00000704 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2016-06-17 22:28 - 2015-08-10 11:45 - 24849272 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 24049992 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 17807680 _____ C:\Windows\system32\igd11dxva64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 17331296 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 15981056 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 10851840 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 09551872 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 09426536 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 08637056 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 07519744 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 06725162 _____ C:\Windows\system32\igdclbif.bin
2016-06-17 22:28 - 2015-08-10 11:45 - 06189288 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 04918008 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-17 22:28 - 2015-08-10 11:45 - 04876008 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 03590656 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 03325440 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-17 22:28 - 2015-08-10 11:45 - 02039808 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01402336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01399240 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01370624 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01277736 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01064448 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 01036904 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 01033832 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 01020176 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00698880 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00641530 _____ C:\Windows\system32\FilmModeDetection.wmv
2016-06-17 22:28 - 2015-08-10 11:45 - 00624128 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00448104 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00425472 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00403671 _____ C:\Windows\system32\ImageStabilization.wmv
2016-06-17 22:28 - 2015-08-10 11:45 - 00393320 _____ C:\Windows\system32\igfxTray.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00385024 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00375173 _____ C:\Windows\system32\ColorImageEnhancement.wmv
2016-06-17 22:28 - 2015-08-10 11:45 - 00374272 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00344168 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00339048 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00338536 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00313448 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00282696 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00279144 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00263120 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00256000 _____ C:\Windows\system32\igfxCPL.cpl
2016-06-17 22:28 - 2015-08-10 11:45 - 00248424 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00231424 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00218728 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00214016 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00213192 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00192000 _____ C:\Windows\system32\igdde64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00183296 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4264.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00179200 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00178672 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00169984 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00156264 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-17 22:28 - 2015-08-10 11:45 - 00153088 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00152064 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00086528 _____ C:\Windows\system32\igfxCUIServicePS.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00073728 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00060928 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00036616 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00011264 _____ ( ) C:\Windows\system32\igfxDILib.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2016-06-17 22:28 - 2015-08-10 11:45 - 00004040 _____ C:\Windows\system32\iglhxs64.vp
2016-06-17 22:28 - 2015-08-10 11:45 - 00000935 _____ C:\Windows\system32\Gfxv4_0.exe.config
2016-06-17 22:28 - 2015-08-10 11:45 - 00000935 _____ C:\Windows\system32\DPTopologyApp.exe.config
2016-06-17 22:28 - 2015-08-10 11:45 - 00000895 _____ C:\Windows\system32\Gfxv2_0.exe.config
2016-06-17 22:28 - 2015-08-10 11:45 - 00000895 _____ C:\Windows\system32\DPTopologyAppv2_0.exe.config
2016-06-17 22:28 - 2015-06-08 10:13 - 02825944 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-06-17 22:28 - 2014-06-09 04:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-17 22:28 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-17 22:28 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-17 22:27 - 2016-06-17 22:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-17 22:27 - 2016-06-17 22:27 - 00000000 ____D C:\Users\user\Intel
2016-06-17 22:27 - 2016-06-17 22:27 - 00000000 ____D C:\ProgramData\Intel
2016-06-17 22:27 - 2015-08-10 11:45 - 00460048 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-17 21:32 - 2016-06-17 21:32 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-19 12:59 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-19 12:59 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-19 12:57 - 2009-07-14 07:13 - 00784366 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-19 12:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-19 12:51 - 2012-04-03 10:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-19 12:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 19:47 - 2012-04-06 22:04 - 00005204 _____ C:\Windows\Sandboxie.ini
2016-06-18 16:49 - 2012-11-19 00:43 - 00000000 ____D C:\Program Files\trend micro
2016-06-17 23:32 - 2012-04-03 19:58 - 00087032 _____ C:\Users\Pavol\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-17 23:32 - 2012-04-03 19:57 - 00000000 ____D C:\Users\Pavol
2016-06-17 22:58 - 2015-07-31 10:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-06-17 22:46 - 2012-04-06 21:46 - 00000000 ____D C:\Users\Sandy
2016-06-17 22:35 - 2012-04-03 09:46 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-17 22:34 - 2014-01-30 02:48 - 00791348 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-17 22:33 - 2012-04-03 19:07 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-06-17 22:33 - 2012-04-03 19:07 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-06-17 22:33 - 2012-04-03 19:07 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-06-17 22:33 - 2012-04-03 19:07 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-06-17 22:33 - 2012-04-03 09:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-17 22:31 - 2012-04-03 09:46 - 00000000 ____D C:\Intel
2016-06-17 22:31 - 2012-04-03 09:43 - 00000010 _____ C:\Windows\GSetup.ini
2016-06-17 22:28 - 2012-04-03 09:47 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-06-17 20:23 - 2012-04-03 10:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-10 01:38 - 2012-11-11 05:22 - 00000000 ____D C:\Users\Sandy\AppData\Roaming\foobar2000
2016-06-09 12:01 - 2014-04-04 10:46 - 00000000 ____D C:\Users\Sandy\AppData\Roaming\vlc
2016-06-02 01:21 - 2015-08-09 20:32 - 00000000 ____D C:\Users\Sandy\Documents\fotowall
2016-05-27 01:51 - 2015-04-05 02:41 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 01:51 - 2015-04-05 02:41 - 00000000 ___SD C:\Windows\system32\GWX

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-18 21:15

==================== End of FRST.txt ============================

Thank you, D.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#6 Post by Márty84 »

Tell me the size of the desktop folder (C:\Users\user\Plocha)


Find this file, C:\Windows\UpdReg.EXE, and test it on VirusTotal and Jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Copy the results here, or post a link.

If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

dankaTra
Visitor
Posts: 7
Registered: 18 Jun 2016 15:48

Re: please check my log

#7 Post by dankaTra »

Hello,
the size of the desktop is 88.5 MB.

I tested the file on Jotti:
Name: Updreg.EXE
Size: 88kB (90,112 bytes)
Type: PE32 executable (GUI) Intel 80386, for MS Windows
First seen: November 5, 2011 at 2:38:42 PM GMT+1
MD5: c419df63e0121d72411285780c2fc6cc
SHA1: 1b9682064bc79c310c7b253d0cef2f4fa440a80d
Status: Scan finished. 0/19 scanners reported malware.
Scan taken on: April 15, 2016 at 12:28:55 AM GMT+2

and then on VirusTotal:
File already analysed

This file was last analysed by VirusTotal on 2016-06-19 08:31:15 UTC (1 den, 3 hodiny ago) it was first analysed by VirusTotal on 2009-02-21 03:38:18 UTC.

Detection ratio: 0/55

You can take a look at the last analysis or analyse it again now.

Thank you, D.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#8 Post by Márty84 »

Judging by the date, though, it was not your file that was tested; these are results from someone else who tested a file with the same name?

dankaTra
Visitor
Posts: 7
Registered: 18 Jun 2016 15:48

Re: please check my log

#9 Post by dankaTra »

I apologize, this was the first time I used these sites, so I have now had my actual file checked again:
Jotti:
Updreg.EXE
Name: Updreg.EXE
Size: 88kB (90,112 bytes)
Type: PE32 executable (GUI) Intel 80386, for MS Windows
First seen: November 5, 2011 at 2:38:42 PM GMT+1
MD5: c419df63e0121d72411285780c2fc6cc
SHA1: 1b9682064bc79c310c7b253d0cef2f4fa440a80d
Status: Scan finished. 0/20 scanners reported malware.
Scan taken on: June 20, 2016 at 8:14:19 PM GMT+2

VirusTotal:
SHA256: f47f854d327c589d174d3bb5b55d5c05f5aca73df52a6bef47596b9010190291
File name: Updreg.EXE
Detection ratio: 0 / 54
Analysis date: 2016-06-20 18:17:28 UTC ( 3 minuty ago )
Probably harmless! There are strong indicators suggesting that this file is safe to use.

Is it OK now? Thank you. D.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#10 Post by Márty84 »

Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name fixlist (shown in red) correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

dankaTra
Visitor
Posts: 7
Registered: 18 Jun 2016 15:48

Re: please check my log

#11 Post by dankaTra »

Hello,
done, here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by user (2016-06-23 14:26:01) Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user & UpdatusUser & Pavol & Darina & Sandy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52251870 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 195371 B
Edge => 0 B
Chrome => 0 B
Firefox => 46125849 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 45681 B
systemprofile32 => 70650 B
LocalService => 66228 B
NetworkService => 69980 B
user => 4087764 B
UpdatusUser => 0 B
Pavol => 715322 B
Darina => 162201 B
Sandy => 8813398 B

RecycleBin => 2596984 B
EmptyTemp: => 109.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:26:07 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#12 Post by Márty84 »

Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator).

vyosek wrote: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run

Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will be emptied every time.
Also, depending on how it is set up, it will delete all passwords saved for websites!!! So if you have your computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them.)

Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.

Then write how the PC is doing.

dankaTra
Visitor
Posts: 7
Registered: 18 Jun 2016 15:48

Re: please check my log

#13 Post by dankaTra »

Hello,
I did what you wrote and kept an eye on the PC; it behaves normally, so it looks like everything is OK.
Thank you very much, I wish you all the best, D.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please check my log

#14 Post by Márty84 »

You're very welcome! :)

Take care, and maybe see you again sometime.

Locked