Logfile of random's system information tool 1.10 (written by random/random)
Run by sef at 2014-12-11 09:39:31
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 15 GB (13%) free of 122 GB
Total RAM: 8139 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:39:48, on 11.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
E:\Program Files (x86)\TPUCapture\TPUCapture.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sef.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daum.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 - {11111111-1111-1111-1111-110611341129} - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
O2 - BHO: 2142d562cda342799c74bac15bb026030068153 - {11111111-1111-1111-1111-110611811153} - C:\Program Files (x86)\Sense\Sense-bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "E:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCEnhancer] C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe /AUTO
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1463186153-2632091326-3034755131-500\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background (User 'Administrator')
O4 - HKUS\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-82-1036420768-1044797643-1061213386-2937092688-4282445334\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - Startup: TPUCapture.lnk = E:\Program Files (x86)\TPUCapture\TPUCapture.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: NameServer = 208.67.222.222,208.67.220.220
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - e:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PST Service - Unknown owner - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9131 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"e:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\System32\svchost.exe -k LPDService
"C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"taskhost.exe"
taskeng.exe {FF0E207E-8386-492E-91A4-B02B0317E842}
taskeng.exe {57726FB3-EA96-4378-8D46-05A805D6DC22}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe" 001504 971F64B27F234AC0B6AAF2A9542B8569IE 63429 1417149375 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 SavePass 1.1
"C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe" /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='167904785' /bic=971F64B27F234AC0B6AAF2A9542B8569IE /verifier=6d03157a566d4768035584e8f611bb25 /installerversion=1_35_09_29 /installationtime=1417149375 /statsdomain=http://stats.newonlinedatastack.com /errorsdomain=http://errors.newonlinedatastack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newonlinedatastack.com /runfrom='task' /externallog=''
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"E:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe"
"E:\Program Files (x86)\TPUCapture\TPUCapture.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --newver
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
C:\Windows\explorer.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2416.0.49538135\2078440858" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1013.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.1.529698009\639649112" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.3.1832840561\1526696552" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.4.2086127896\389876990" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.5.303117273\1189827045" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.6.179550522\1669668342" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.7.1881437686\2134994189" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.8.1243923220\1781124732" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.9.1349236475\2120228737" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.12.959790832\1733812321" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2416.14.439990625\957516847" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.16.1952414849\1426370979" /prefetch:673131151
"E:\Download\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/Prerender15minTTL/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2416.23.632390786\1773540195" /prefetch:673131151
======Scheduled tasks folder======
C:\Windows\tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe /rawdata=W7Y/C2U2mi1QcsgJG/5KPy4hbRuwHzyu5LRys9TEiBSuH6WgLTbvkA+krwa11jNe4EllbxPidd5P3CWj+VQZjOZTosLkGQFcz6pg8+Jit7Tuqist3I7TnxlTRhbgSQ3GxIu0uqwhE2FobSmKB3dXmwVsOshR+R05TVhnAfA2rLuwMLsUKZ4HDWS+XcFpxzN5tdb0ZSYmoRs9SBHCx9iK89j/pUfKyXxfrj97b1Rj5gzqzRp4d1W/k1/b2VxdlzV0cP+GpUjNYqj1GxxnaR31WyDchbD119I+DIO5nII8Z2fhUY87xwVLGEnjH9wImNjWoclb1AO3tobkQ4Q0Jw6eNYqcWz0VC2nFhwcfA0sqQiLaKl1KlPlO+32mZ1gAGR00atDBjY/ytr6JOIY2/fV0p6j3jxs6/k3yEbVHEKb1DB+UdRPXQ4QaDKqq5uxzNwryA4LtNoafCn9qWFxlyVKbbg5wYfA4qXuMsClV0T7J3R0wQRhOYgr8WFgqxBLOuImVUWO6wxrkQ21ZX7Z7h/b5E+uBpJbAZ60qA4Qwwmj8lyDx8BQallMb46uF490HJjDIt/ePwils45GCKYhIP5SEcSAl4/KS7U5UqrEFEJcvnYxm7BhV2YGkZzhrVjjIN43FR4ZW83o2iYoiAenu0ODDrQHt1uZvUmCbtI9lEiz7tQtrqKcDhs/E1pQOlUEOgImOolndDfCSt7PQRmAjinUYz7xhE/xQdtyyf84l5cpXxp8dCZ4bQ14YZ+ojfRO8PctvSjeyGX8T0ikr9BpY1WeDM5GyzzfS8+ciGpRNDMvRQC1sO2auLw8fwV74vKbKZk0mS/XtNxfj1TtqW0Hj5KVBzzDdGn85f1MuoNZoBz9KtAEWTzwyp29++sRz88N9ONzyujWUF/KVjN/vqfP2CfRSSbkOIi/EplbUj7zZ6D9k3Y8SoRk6JheY6QYigBM+/sjU+bUplO2K8UV+YHGiyU+BefDgGsQf0/DffPCHJbGtvuKOlDKZbrJg4gpnNbepYhDMXdG6PIHiyopNJgnqA7IsActbPUnBxYsqkdSlAopm2sL+IeEzZc76FyJOnVfEBscIwTV82iX8CowS7Hzs30iIJiZSA9eUOKAnFIoIpLtJ5TS81KJu1Jz2hFeeD0038HSGCTDNQRFgmpzdl6SS6vKbhcl3Ck+SfXnuSzxSJ77Uh0GM2uSx72Upc6YPgc/yqXavWJB8+NHhTUB3NwlnTAulPBFuey9N6ncX30dT41xsyJICf1f2RLen1UttdXrxGN6GmmUneit0tdtyGnP3jSvvQHdF4BMOsZvkiv8i53dj0RpPYGeSl9vqTEJRZS/ppUem6vXK6Mg/r5gAerPL5tN2A20ay5sj5derY1TmObzMeXaXQLXkeAatjOzVqcR7nrzqdckfvN6JVri0Ykz/8OuGK3RvwjzuvFFVEkgxnM3e2OPzDNblNja9N35voJ29pivpE+EQBoHBJN+Bp3yMB5BVO+f6Ou0gMzNrVMpawNLrVL02pnr+FVFe0Nw7ecen0xy1
C:\Windows\tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job - C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe /rawdata=IAyjVvt7e3YBICiB6iZ3mTRS0cHx8zfTkjcTKC0abFdubjBKtPTZGh0odGxvX6W3nHVd6Zy+vrYKRh3bo3LxMD4Rmc462L2QkBNkgC6Jnf2uj4SEq9OaS5GiIjSld1J1q5AhHibj9Lnj/UdQ/9XhzwSMBjbmZhLrOct6EvneH5q3Ay9XekxUjs9WUOMvS62gR+3sIgwnTr36EwI/E/OKzOKrWcevy/yM+LaL/LvfnX4D7VNYUXAn/4QcObA3vU8SaVygVl4cLkcw//XKR9WoLRPatBQJgHc31LLCeqBicXtjjDj936lgNNxkG+icCSiLAzKnKivecyrbCJfbwIzcxz6a86YCos6K48gKg+KAteOv0iRHaAT/i9NdFwRydmCufMYbLbERF5LC+wyZSTuXNhRpoofrU+iTI+jQLyT3pCogQHR9t/XIfNOpey73HB/N6w66v2FEcAinU725ylzgMXyGZZgvyi7ZxaPnMtBfojuQKWQvKeMw4gYu5Cy8Im1qmqIUTqgPuRRAsVNGKOQY1+mdSy0bsjT+mDcdkHUTxKwlf25+U3G9fJs98r/aNiojffdlg4bw9tp2zwOJsHsQQSiDoZgh791VDXALIbN92gz5zOiAangaqsJ2eTyOxBohXNH8jmyE9IrJ2vj9QOdKJrNZ4msUcmw2HwA1M2uEh5syl7ye98OxoXQjKdg8NY4N7WoHahTTUF5TC80SMQCygCp5jsR6JLmo2v5vcJD2ld0HmIWC8QeYXVQV55UU4U6GUZ/L977GTFybSwldIshIRUR479WIyu15a2XTbNi7lr7MjuXe2xgAITxD+IqEp//WZ15VmND2Wf8tq+u1bgJ/xBoUjJeu7vNJWYWvtRJn3rJd8qkBcWwQQ1gNkfgZF/hnll8Uu8/PXp8emq7HUnmnJ0nhdQ0K3BfE3QBXCxPEhdNpGQCo2L4HzNGDs3uOnisQCNpoeYylatz6h7BJVkaRJi4Q0zMHrT9iBmHQBiQD5/pzczRvE/k87U2ho2KnBEdugEIH0SfVAUNy10OsOhIRhFMm5TYw371IA3GoHFYvsB2PPTFbxvMgClTj9KH9hdZ8Fl/U6HJJBC6zgWy96G8h/DL+Y293HoUmSs/+dii2BUDbthWgXJNjpW7izWw3DPv611Iwsb8X6tIWXMbgvwxM2WtCI77tjpUYs0mp0zOMFVkpw7/7nRnGyUxVPp+OnS+8Nnnv1g+tzy1Hg0urymDVhrUATEp9gIEYA4thGZ6fvtrF8CsI1EICQjDGe7//T1VABET2XpxyrpJidetPomSdVUnlRRd9URXhqjCqN133souBt3pjrFjFhpPMCkinV6i4SkyZpYjWTuboCFdhM/UDOVyih3+lHQFDw06r9WWtakiiD53xir5Mu8OhiMsozlk/MxK1XPB9DhzSoWlHX69p6PSpyR8OJ7WnwcdFcm6YseVsCqb7chPosEuvxKIlS0MJziHfSz2lSlSkO/0PYwlj/9zGiCZRkFOuApmgrxLd60wjlaxebq7OHH/ZCNwkl6qUuV0EnuiSXX4shoISnXje4pgIxKkP0eEBnfoCScXN2sR0/foCSDp7LULrl3y8c7pYJ+mGYRhh9pYjNh0joTjrpjp2MnQKYBhuM/FKsas9vi+Td3forsw03c0PVN221GArr+ID06yxSx2bGFiHIHBDBuSYE9A6Pp05oRzhgwghxJ21lESczHHgPJRe82bkEG0TvSFC9A6W1iIeeViu5IIvZchwoNddAH6VrNqG/4SW8gqlhdWsZb2gLAWw8HUmtW9o7oSlSfvTQJVmg1GNWiT6/8rjCSEAn3spNkYncXitUlW6kg4uEF3Orsp7ZAWGXPTSggCGWcoy9lIqSJ2kaxToPAUfAj5JoHull51R6kqcua2BNAsek5gOtaCC0fuQQeQkt25DIK966ukv3wHLor7lHXhBMo0aI2HTGjfLu3ZH7DpsKEBcLtz3tbjsfYZx44/nnlQ6E2F3A08bYeeN19ccEBmhnjiVJIrr6FQTwNfc9s7AzhTo0zGdPrbupbjDiIRwoO7DpRKVBdMx0R/FQZJlZlN+PZJl5TzEeatyxcrFmT0FB+XhciHLU8+puJS0THzDVLoMUQpmFxFlsmTI4f6ukZeNsG5mQid7p1UVoNSfJqC6/ruyr5C8WMrkt7u7z8Fb0kjdXTRRwMUAmO95FeeeFSzRZvsyM7CbAAoLa8qFAxNPOxxg3RoMEdQ2MWzvv1rCQxU7dRQFZdMHMH8gpVGwQ0/RBdP4vx3T/JSsN2M9iCAWBjsNhJuScbwXFBezIAYOCwn/F1TR0MJzBHtGGOI2dh/qrbM/P1DQIb8DQd1qcHkWRc0desluznPr7cScFYBhngEZfWOAqpAD4oTir+Zxjw==
C:\Windows\tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job - C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe /rawdata=izA118TQ+apea9dHCUQbHW155alsfeFdToEmbh9gQkxh5osK5y1UAxRC9MLaoQ+ztqNul4Xcv0iqBjPg2nHXhQSQLjH1sW1kkroVoncyFxjxus9p9PX30UySNeiUZMB0LYr6QG06rx3sZNqZow0yrevPDdbsoJ7x1E3KaT/cfeTGXhKsQWHQGqEnx/R4yyfmz4LRXzrVMizoeqCg29yA2+Qri7KjM3Q5bXKUeICZ9dHx8JqyA6f9sEwrJ2mz2IoEk82yzUW+Yzi6BPGgygu5eMkiiHoaZubR0n9ZwrAhFwRLON7iq2PyKzqNUTKMKmxcwiA0l+THoG5lBm01F2W1s6GE4YiQ5HITLCBPo7f5OOilAwQcfZ3iPKrITfKG5/5iZqOFn/NeiBl2VJMYBtwyRR/fVTYjBjTh5vfaKyTND3XCFl52w7vZO6Hz7lXmPnbknfQlSURa4rhOOgSmN3p+j6+M4A3SP0pLHz8mxhTYC54JUmS0DQCkHcsnG/xhvvmDrT2hHt0mF5+JD8x1hLccE1M2a3BNqk1N9w0ypsINQQqGKa+bsXeweubLD4PtfFPp5EcUr2PNGNOvOdluVvTfejcTlsTrlobs+Jk8qhDDmMOr+6qAFS+N+WBPe+/87KOqCDuM5YLTpZ7YX1iOgBWMvowQzL9+e8VqU4yE2qKx03Ff+A2XyE6y6RJUAGXV4XLbxoj0AjzNFT1ZOk5f+pr7/ymYrOuGUkgVcuCMn9IvDZdqjhUcxic22MKT0q+GLECmYYSA2pl1+cMoHzclDbrVOxziNqGq6IjwkHtu4Frb/ImXFhNlKvxniYN8FMuUn6QN0JzFgJg742xtHzGwMN+O3Q==
C:\Windows\tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job - C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe /rawdata=aTEAQ5T2Uk6wAsXeadHw85VCIZL7Ye4KlgKhFzlaQzrYjv/AameQpszMWphOzuHq6S1bS4pGliXXkJwIeRqgWnYk9ajpyYmwYDjlRs+jnLNBC39Clgbr14L0pR2Dt+JU/AGrCuLLs9OXcAJzVFivZAS3kcsiqTcDO2N1WVPakrU1PdQtyyex4fi45eF7krVONrtaF3SgOGvURqhy82aGSQMQaCBHSePSiH3DMGFSWKzGIgG2vsemFYmvUKyAfe4HEy4wNNQ1ylDKKQvUYSetkQB6DCipmuf9QynL/LVPXQPj/rnZhru9INPlaYxO6xqEgn81RDHm8sioGSz2141raSryZQ8kAf5B2O6xayTloS9QC3A5x4TSXVYhtA8wocK4i8RNOIqo4477Vsz3XVzrU1IPPIGqOvu/8y9Xaf46lWTH/TtjdOJmKrjgkXkpwPlc5ipuQPFqJ5c5jJnoedoBnUTgNK9pSA1S/OKwfaRs8vnWaQVytQlB6H5jaFLaw2X2A6eKxXisyJy1hkDgA/E/0vde5fY/4vNWSph8TAqoLvIvBirGFRHkAYtq9Y7KQ5CrXABpXpLuVqNgv953y9r7VefuGY159KmSQXRoNoAjMe3ceYc27ZTyKR6Z7MpZkuCs5Pj9IvcLjOmBiHuwMRDhzhA3oVMbI9hEjIhWpoI/SLpj3HyUzWuZDgSMJ+nwVsz2EjMxwUR374HLmAdHVFuqK+5vFO6JfMAOS+i7Fmlgf2+5FVzuU8jBRUXvYbF8tIliY/Y9SbGGfkV3iRKuShTqnrczxjwgXvilPbamuOGTirNCW3z+GRuYqjTqgHMHwXKXTGB6L9dzDb4NH2P3tfS2ww1uiMuZlrjbxf3S+Snkm5pkssPjAxwhE4UMTNGow4SIFImZlSD2e7IfAShHDiZZZFsifw8Mes8K4JyzOQCt6U7KoRoY5edDtOcEioX4QAjBgJv4LwIBDD4a4vxtzcCKiYxMdpOju6oH125fIkbgI+ET1b/9LI8yCSXt4XBDTSyO
C:\Windows\tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job - C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe /rawdata=aTEAQ5T2Uk6wAsXeadHw85VCIZL7Ye4KlgKhFzlaQzrYjv/AameQpszMWphOzuHq6S1bS4pGliXXkJwIeRqgWnYk9ajpyYmwYDjlRs+jnLNBC39Clgbr14L0pR2Dt+JU/AGrCuLLs9OXcAJzVFivZAS3kcsiqTcDO2N1WVPakrU1PdQtyyex4fi45eF7krVONrtaF3SgOGvURqhy82aGSQMQaCBHSePSiH3DMGFSWKzGIgG2vsemFYmvUKyAfe4HEy4wNNQ1ylDKKQvUYSetkQB6DCipmuf9QynL/LVPXQPj/rnZhru9INPlaYxO6xqEgn81RDHm8sioGSz2141raSryZQ8kAf5B2O6xayTloS9QC3A5x4TSXVYhtA8wocK4i8RNOIqo4477Vsz3XVzrU1IPPIGqOvu/8y9Xaf46lWTH/TtjdOJmKrjgkXkpwPlc5ipuQPFqJ5c5jJnoedoBnUTgNK9pSA1S/OKwfaRs8vnWaQVytQlB6H5jaFLaw2X2A6eKxXisyJy1hkDgA/E/0vde5fY/4vNWSph8TAqoLvIvBirGFRHkAYtq9Y7KQ5CrXABpXpLuVqNgv953y9r7VefuGY159KmSQXRoNoAjMe3ceYc27ZTyKR6Z7MpZkuCs5Pj9IvcLjOmBiHuwMRDhzhA3oVMbI9hEjIhWpoI/SLpj3HyUzWuZDgSMJ+nwVsz2EjMxwUR374HLmAdHVFuqK+5vFO6JfMAOS+i7Fmlgf2+5FVzuU8jBRUXvYbF8tIliY/Y9SbGGfkV3iRKuShTqnrczxjwgXvilPbamuOGTirNCW3z+GRuYqjTqgHMHwXKXTGB6L9dzDb4NH2P3tfS2w6UD2DjezPcPjJLwTCap0UNOSRm4u5HvmieemkKesoyfevi5ITv7XR+fBs/zVqOmbG3+KuKk4XPBgH/3lrEcbG8uWBIX1QxTlnByEDlOeclhHQMeGbuKEGB1CkSFSCTpyKL3ZTpyhCgigxT+Dnhh3X61vHnYKLEg5C+Q/Ixrsfee
C:\Windows\tasks\5432e15e-8b38-4917-9568-a8baef47582c.job - C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe /agentregpath='SavePass 1.1' /appid=63429 /srcid='001504' /subid='0' /zdata='167904785' /bic=971F64B27F234AC0B6AAF2A9542B8569IE /verifier=6d03157a566d4768035584e8f611bb25 /installerversion=1_35_09_29 /installationtime=1417149375 /statsdomain=http://stats.newonlinedatastack.com /errorsdomain=http://errors.newonlinedatastack.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newonlinedatastack.com /runfrom='task' /externallog=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job - C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe 001504 971F64B27F234AC0B6AAF2A9542B8569IE 63429 1417149375 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 SavePass 1.1
C:\Windows\tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job - C:\Program Files (x86)\Sense\Sense-codedownloader.exe /rawdata=EEOw26hJ4wiFMUn32OXBsedk1AXP0HNKbw5HeGmXeB4uvvNpTs12zd2YaFZI6cDBejIKo3nPy/4BQReDBJbrvJWEY5WsiqA+Bo6rDR8CHrWyDYLD7plW1522iKNeqG1cUNwH6LN1vYy+if8tiYZieieLGGiwfLzg1uY0TT+kXqAeWYnOwWzNcJ5P/7RQ4ewcphQS/4nvHIQcTNoE3D1T/uIwijLVi1p8JzCSsHm4uX4V7nJX5MyOd5/p/fqTAuBrx+7Lj+mwUomR4qVOBm1U7/2CoydLbn0rJ9nYw9BRUPHa3zLQe6gAJhB8inxPbyOenl3FSPgEoXoMRtttQ8EInSyj+fkBDq7xF15P7jkqwmzJwfo/JgbsOTYQcTOcH5k4Ge3NsQOa6nbrOTtfvuiuXJZ6mmngJLhck/Vezk8rn4XBgy0hv6f0FhO7PW3KeIm7LXgMeVUhLK6zakQnf81MyLI+Nw3O7kcK1QGk1qPgFdgnkBCChK3KMIv+A2RuPTGRklaLojIHbcZUJvbF2zfNs/3CodkAeyjWSYShwYWxqOaGFnPqWvoMxwVmb8/O7jyoOrW47Y64p1Bg0KTfV9Ck7B7Y77wzQ6HBSK1E0MNewSusRy5icPigEC4Ecoaj/hVgQm/DbpIR/4jiDXSYEF5HeSxgbBMvDfrIyIc/ydjlHgSD6cZghpFNssmXiIDxOTrpkSBIrEKZvoP2jRViygweJlYFYc70LsQJ2cOze6/vd3vRe2+ynsWI8oePC7Fy55BdlZkehww5AfNwIJykHl4UyGxsUB6lzTuLt/V8Z66xbfL9KaCcTb4z+M1jXHuHgaU5gbGU+4+DVw51SAx2FQqidg8UHOXBJDVAHlQSZpEjgymtxVxdJ6h14mjg0bImM2DWhVdjnJInF8ruatJL4cHoD1qUgsAF3z/N6RjslsAyTw7NKjZLbkuwNYC+Q2p7tAloX3kB4toc6QURS0i7BzhsFAVBreAmJy1S1dc5GS/dve4Nr4oamMjivqf/0vq9XBHOMM4twHjzgN9eSa4HnUIL29zbGANQBOvhKSpo+B7Y0OMuFAX3yN5TFxHgDK24gzBVIhUuOsJwfSaoDiXowV7Y4EItn/0f9bC9AjbcLjBNzNZiWcHL7QCEhfQCYGOLtF50bwJG8p6q5+kv2u0tw3c+UchowuJNcSPMkGanJJWOMg8l8hLAYl2elT3kqjKZOXIJWPMaM0OrJ3lKwTV1gNjumTeoHgZZdxUVZ6Z/l5Q+/v0pTZTRdxKwYe/pZhGFU1YI6bDzpgZcTbxKsToZl94oGEbYM/Smw6diHPJ/GLVLO5/AHbTqVUijsoXwAjV/CHpKnfYwDZajdZd8sEHCAMc1I7eMjvy1Bn5RNy5CLyu42ie5e+J4zBYoYOyMLBLhGo/ctzekRTfHfeou9tqFa7+gnvJY2quNI+vfbKemAMwcm3T/UzQMQ6IkG6GcapEIncMCYL+R0lEzmWy+B+V8kjCCK80lA1jzov7S/U78aGev7M95SHRCi2PUgxj8BheHLG6za5iRHwM3oYVwnf6BR2IWi9b4CzdJNcKnyuUF9E7lNFG4IDTlgphkOK9o8bz6GAIZTPaS5fW78PWJ4DH53l3W+qJOB777+I4OJ5FUVjP6vXJofcfMKZG+78qNupoZS5sN6vb4g+4GebjPBsQQ9x1s+WqLVsCAcAC8NBIP7F7SuKw=
C:\Windows\tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job - C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe /rawdata=ljDKYv7SOfoyQZf8n5btBIEHlvKu9darPa3JSVHMk4bY5ZxI4DfrqMioWLzfgNqctpBwtcF/LZWEh0tWk4xCihRltrfILjF5hlZl2+i6l7bAvcwf/ozPz10GMCgMBI46LCcMxqns9m0llsiJawn8/7isg7sxCD8wmWU1gEqJj8AcTE7fRJBzHxaq4/l1rT1OyjC8ul6mYQPMQc/XC1vMH1jtRxUbaTM18fbly5rRigV23KBrVZJ/XPjURaxNLKMVhIKLjex0BiWpqvFKHPiij4LcDOARUIFSzhY3Ey3xEezNqZUcCzB2mOFYF//B2agBDgiA2YvpuZoElyaAG6PRoURMb2jbOOFuluPwVxDN7TQW5cMdWAzsGFHFLCnU3hSCcLfks8ECdS6Pf2nk7zbkvvJp2KVySUzaoyP1fnSboJjMkE69Q+NiJWbOrCNO1sY6kIphrsPD07oU9dR+G8jG7lN2YHvhHIb0AKzqaVp8eysPBBRuexBAAq1UDwZujN97CFwl0P2+hjyEIppVYYshuPbNONBJrfCYJvwrys85pq7GHZSZ7ahQJotwWlD1urUw/4Qy16IZyWfOm9ucqmIpdpkz80gPK7/eWNywBB0xQAFIwTF2QbdV3uGjV20xuIH81FvD8m4zzGUNj4EOlGGb4cSHtYY9yImQtk9NU/o+N8ILUcaJeS3zwl6js+LdddPRK/B4vgF1HxucCBQACtQT6Y0tpDX0yrwusA/RG8s+jctxj2GZ8WpH5CeGg2wP5h3Ta+asLInEPcdmrp2GrEDFu+Czy93kTEr9PZXVftgBSBKaSmRs0n4JWmYdLkZkaVvlMiN9P8VW40vv3wjOxeVGdrmUPUOaKwbEUtOC89pAbmyjsfbWxRNxehPQyg+pySy9z/DQZmFaXxhO16QayHanwXIf9hYyAVxb/7HdPvTdpMgDGMfvispzSjsWhI+9mWDMyo5n4rZP8USoEtgdj6KhpcG5CL8z+QRJbhd7IcX+RycJ49IVrglShNCpD4gpQgT5xOpp5NadXxL4ao6GACVc3Lrq1ZFU0WgouE+L2M1bImQI+JPswQkD49hg19TiUyb6nsXZqG5/IhoClmv0zHPvtDddAhOQ8DipLPszjHYfaJzoi1TBM8p3thhpDY5gl+vnveHtO5Ls+tWTgVAG9M8G96dhzkt4tdEPj+15lamb3o8=
C:\Windows\tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job - C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe /rawdata=ljDKYv7SOfoyQZf8n5btBIEHlvKu9darPa3JSVHMk4bY5ZxI4DfrqMioWLzfgNqctpBwtcF/LZWEh0tWk4xCihRltrfILjF5hlZl2+i6l7bAvcwf/ozPz10GMCgMBI46LCcMxqns9m0llsiJawn8/7isg7sxCD8wmWU1gEqJj8AcTE7fRJBzHxaq4/l1rT1OyjC8ul6mYQPMQc/XC1vMH1jtRxUbaTM18fbly5rRigV23KBrVZJ/XPjURaxNLKMVhIKLjex0BiWpqvFKHPiij4LcDOARUIFSzhY3Ey3xEezNqZUcCzB2mOFYF//B2agBDgiA2YvpuZoElyaAG6PRoURMb2jbOOFuluPwVxDN7TQW5cMdWAzsGFHFLCnU3hSCcLfks8ECdS6Pf2nk7zbkvvJp2KVySUzaoyP1fnSboJjMkE69Q+NiJWbOrCNO1sY6kIphrsPD07oU9dR+G8jG7lN2YHvhHIb0AKzqaVp8eysPBBRuexBAAq1UDwZujN97CFwl0P2+hjyEIppVYYshuPbNONBJrfCYJvwrys85pq7GHZSZ7ahQJotwWlD1urUw/4Qy16IZyWfOm9ucqmIpdpkz80gPK7/eWNywBB0xQAFIwTF2QbdV3uGjV20xuIH81FvD8m4zzGUNj4EOlGGb4cSHtYY9yImQtk9NU/o+N8ILUcaJeS3zwl6js+LdddPRK/B4vgF1HxucCBQACtQT6Y0tpDX0yrwusA/RG8s+jctxj2GZ8WpH5CeGg2wP5h3Ta+asLInEPcdmrp2GrEDFu+Czy93kTEr9PZXVftgBSBKaSmRs0n4JWmYdLkZkaVvlMiN9P8VW40vv3wjOxeVGdrmUPUOaKwbEUtOC89pAbmyjsfbWxRNxehPQyg+pySy9z/DQZmFaXxhO16QayHanwXIf9hYyAVxb/7HdPvTdpMgDGMfvispzSjsWhI+9mWDMyo5n4rZP8USoEtgdj6KhpcG5CL8z+QRJbhd7IcX+RycJ49IVrglShNCpD4gpQgT5ZHkuY2e5c0l0q4OmpxVNccLplFmYGbKI/dRn7VUCR0k5peylz469YisyuoNlmQJ7LbptJegLa8gDdI4estyx1mmZpSp2OKWvj2QEYZPG2zDLDx5Qo8RED1JJw0F+GUgD5kPTJFzsNvgBgnaHcdqiUQVEXXvvSFq8R30NN0w0imm5DK6AO57Fs1USik8HKUXmHBvLstVXlLpkvYEDMkznO0XgMH1kVJoxASbXc20vU/yfYSqyZLvbvQDwW5zL1a+wQd9Yb6FiCUmfInLjVZuEbRDpxypP73R+kTiIWpGOLKbvMvlgIg688+nm0/vjytI6+MJXqOXBbB5JP+6Ck79hoA==
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job - C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job - C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll [2014-11-28 624032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}]
Sense - C:\Program Files (x86)\Sense\Sense-bho.dll [2014-11-28 746456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-11-14 8292120]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=E:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]
"CCEnhancer"=C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe [2014-11-26 286208]
"DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2012-09-19 764472]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-17 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2014-12-08 55568]
C:\Users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TPUCapture.lnk - E:\Program Files (x86)\TPUCapture\TPUCapture.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoAutoRebootWithLoggedOnUsers"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"e:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe"="e:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe:*:Enabled:PotPlayer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"e:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe"="e:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe:*:Enabled:PotPlayer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-12-11 09:39:31 ----DC---- C:\rsit
2014-12-11 09:39:31 ----D---- C:\Program Files\trend micro
2014-12-11 09:30:39 ----SHDC---- C:\$RECYCLE.BIN
2014-12-11 09:30:37 ----D---- C:\Windows\temp
2014-12-11 09:30:35 ----AC---- C:\ComboFix.txt
2014-12-05 09:58:57 ----A---- C:\Windows\SYSWOW64\vp6vfw.dll
2014-12-03 09:58:58 ----D---- C:\Program Files (x86)\SereneScreen
2014-12-03 09:58:58 ----A---- C:\Windows\SYSWOW64\MarineAquarium3.scr
2014-12-01 05:11:24 ----D---- C:\Program Files\BreakPoint Software
2014-12-01 05:10:59 ----D---- C:\Users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 04:48:54 ----D---- C:\ProgramData\Orbit
2014-11-30 04:34:52 ----D---- C:\Users\sef\AppData\Roaming\ATI
2014-11-30 04:34:52 ----D---- C:\ProgramData\ATI
2014-11-29 12:57:15 ----D---- C:\ProgramData\AMD
2014-11-29 12:57:15 ----D---- C:\Program Files (x86)\AMD AVT
2014-11-29 12:57:03 ----D---- C:\Program Files (x86)\ATI Technologies
2014-11-29 12:48:42 ----D---- C:\Program Files\ATI
2014-11-29 12:48:24 ----D---- C:\Program Files\ATI Technologies
2014-11-29 12:47:19 ----DC---- C:\AMD
2014-11-29 12:16:38 ----D---- C:\Users\sef\AppData\Roaming\KC Softwares
2014-11-29 12:15:05 ----D---- C:\ProgramData\Binarysense
2014-11-29 04:18:07 ----D---- C:\Program Files (x86)\System Ninja
2014-11-28 20:22:05 ----A---- C:\Windows\winhlp32.exe
2014-11-28 20:22:05 ----A---- C:\Windows\SYSWOW64\ftsrch.dll
2014-11-28 20:22:05 ----A---- C:\Windows\SYSWOW64\ftlx041e.dll
2014-11-28 20:22:05 ----A---- C:\Windows\SYSWOW64\ftlx0411.dll
2014-11-28 20:22:05 ----A---- C:\Windows\system32\ftsrch.dll
2014-11-28 20:22:05 ----A---- C:\Windows\system32\ftlx041e.dll
2014-11-28 20:22:05 ----A---- C:\Windows\system32\ftlx0411.dll
2014-11-28 11:50:39 ----D---- C:\Program Files\DVD Maker
2014-11-28 05:37:46 ----D---- C:\Program Files (x86)\Sense
2014-11-28 05:36:18 ----D---- C:\Program Files (x86)\SavePass 1.1
2014-11-28 05:24:01 ----D---- C:\Program Files (x86)\7-Zip
2014-11-25 22:57:42 ----D---- C:\Program Files (x86)\QuickTime
2014-11-25 17:57:10 ----D---- C:\Users\sef\AppData\Roaming\Oracle
2014-11-17 21:16:20 ----A---- C:\Windows\system32\amdhcp64.dll
2014-11-17 21:16:18 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2014-11-17 21:16:16 ----A---- C:\Windows\system32\atimpc64.dll
2014-11-17 21:16:16 ----A---- C:\Windows\system32\amdpcom64.dll
2014-11-17 21:16:14 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2014-11-17 21:16:14 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2014-11-17 21:16:00 ----A---- C:\Windows\system32\atiuxp64.dll
2014-11-17 21:15:58 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2014-11-17 21:15:56 ----A---- C:\Windows\system32\atiu9p64.dll
2014-11-17 21:15:54 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2014-11-17 21:15:50 ----A---- C:\Windows\system32\aticfx64.dll
2014-11-17 21:15:46 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2014-11-17 21:15:40 ----A---- C:\Windows\system32\atidxx64.dll
2014-11-17 21:15:36 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2014-11-17 21:15:28 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2014-11-17 21:15:22 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2014-11-17 21:15:14 ----A---- C:\Windows\system32\atiumd6a.dll
2014-11-17 21:15:10 ----A---- C:\Windows\system32\atiumd64.dll
2014-11-17 21:13:08 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2014-11-17 21:11:26 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2014-11-17 20:57:26 ----A---- C:\Windows\system32\clinfo.exe
2014-11-17 20:57:14 ----A---- C:\Windows\SYSWOW64\amdocl_ld32.exe
2014-11-17 20:57:14 ----A---- C:\Windows\SYSWOW64\amdocl_as32.exe
2014-11-17 20:57:14 ----A---- C:\Windows\system32\amdocl_ld64.exe
2014-11-17 20:57:14 ----A---- C:\Windows\system32\amdocl_as64.exe
2014-11-17 20:57:10 ----A---- C:\Windows\system32\OpenVideo64.dll
2014-11-17 20:57:04 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2014-11-17 20:56:58 ----A---- C:\Windows\system32\OVDecode64.dll
2014-11-17 20:56:54 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2014-11-17 20:56:48 ----A---- C:\Windows\system32\amdocl64.dll
2014-11-17 20:53:38 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2014-11-17 20:50:40 ----A---- C:\Windows\system32\OpenCL.dll
2014-11-17 20:50:36 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-11-17 20:12:02 ----A---- C:\Windows\system32\mantle64.dll
2014-11-17 20:11:42 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2014-11-17 20:11:18 ----A---- C:\Windows\system32\amdmantle64.dll
2014-11-17 20:10:32 ----A---- C:\Windows\system32\atio6axx.dll
2014-11-17 19:54:42 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2014-11-17 19:49:02 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2014-11-17 19:40:28 ----A---- C:\Windows\system32\mantleaxl64.dll
2014-11-17 19:40:16 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2014-11-17 19:40:00 ----A---- C:\Windows\system32\atiapfxx.exe
2014-11-17 19:39:52 ----A---- C:\Windows\system32\aticalrt64.dll
2014-11-17 19:39:50 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2014-11-17 19:39:42 ----A---- C:\Windows\system32\aticalcl64.dll
2014-11-17 19:39:40 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2014-11-17 19:39:26 ----A---- C:\Windows\system32\aticaldd64.dll
2014-11-17 19:36:06 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2014-11-17 19:22:08 ----A---- C:\Windows\system32\atidemgy.dll
2014-11-17 19:21:56 ----A---- C:\Windows\system32\atimuixx.dll
2014-11-17 19:21:48 ----A---- C:\Windows\system32\atieclxx.exe
2014-11-17 19:21:10 ----A---- C:\Windows\system32\atiesrxx.exe
2014-11-17 19:20:06 ----A---- C:\Windows\system32\atitmm64.dll
2014-11-17 19:17:06 ----A---- C:\Windows\system32\amdmmcl6.dll
2014-11-17 19:17:00 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2014-11-17 19:10:00 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2014-11-17 19:10:00 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2014-11-17 19:10:00 ----A---- C:\Windows\system32\ativvsvl.dat
2014-11-17 19:10:00 ----A---- C:\Windows\system32\ativvsva.dat
2014-11-17 19:06:04 ----A---- C:\Windows\system32\coinst_14.30.dll
2014-11-17 18:55:12 ----A---- C:\Windows\system32\atiadlxx.dll
2014-11-17 18:55:00 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2014-11-17 18:54:46 ----A---- C:\Windows\system32\atig6pxx.dll
2014-11-17 18:54:44 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2014-11-17 18:54:44 ----A---- C:\Windows\system32\atiglpxx.dll
2014-11-17 18:54:40 ----A---- C:\Windows\system32\atig6txx.dll
2014-11-17 18:54:26 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2014-11-17 18:54:12 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2014-11-17 18:52:18 ----A---- C:\Windows\system32\amdave64.dll
2014-11-17 18:52:12 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2014-11-17 18:52:00 ----A---- C:\Windows\system32\atisamu64.dll
2014-11-17 18:51:56 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2014-11-17 18:49:40 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2014-11-17 15:08:00 ----A---- C:\Windows\system32\kdbsdk64.dll
2014-11-17 15:03:08 ----A---- C:\Windows\SYSWOW64\kdbsdk32.dll
======List of files/folders modified in the last 1 month======
2014-12-11 09:39:42 ----D---- C:\Windows\Prefetch
2014-12-11 09:39:31 ----RD---- C:\Program Files
2014-12-11 09:30:38 ----DC---- C:\Qoobox
2014-12-11 09:30:37 ----D---- C:\Windows
2014-12-11 09:29:31 ----C---- C:\Windows\system.ini
2014-12-11 07:47:59 ----D---- C:\Windows\system32\config
2014-12-11 06:59:01 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-11 06:59:01 ----D---- C:\Windows\SysWOW64
2014-12-11 06:59:01 ----D---- C:\Windows\AppPatch
2014-12-11 06:59:01 ----D---- C:\Program Files (x86)\Common Files
2014-12-11 06:44:17 ----D---- C:\Windows\System32
2014-12-11 06:44:17 ----D---- C:\Windows\inf
2014-12-11 06:44:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-11 06:41:43 ----D---- C:\Windows\system32\catroot2
2014-12-11 06:41:42 ----SHD---- C:\System Volume Information
2014-12-11 06:41:20 ----D---- C:\Windows\system32\drivers
2014-12-11 06:41:11 ----D---- C:\Windows\SoftwareDistribution
2014-12-11 06:39:46 ----D---- C:\Program Files (x86)\Raptr
2014-12-11 06:39:36 ----D---- C:\Users\sef\AppData\Roaming\Raptr
2014-12-11 06:38:52 ----D---- C:\Windows\system32\Tasks
2014-12-11 03:24:26 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-12-11 02:06:22 ----SHD---- C:\Windows\Installer
2014-12-08 18:08:48 ----D---- C:\ProgramData\Spyware Terminator
2014-12-06 22:10:41 ----D---- C:\Users\sef\AppData\Roaming\DAEMON Tools Lite
2014-12-06 22:10:40 ----D---- C:\Windows\Logs
2014-12-05 15:29:25 ----D---- C:\ProgramData\Moborobo
2014-12-05 09:58:56 ----D---- C:\ProgramData\Package Cache
2014-12-05 02:30:10 ----D---- C:\Windows\SYSWOW64\directx
2014-12-03 09:59:02 ----D---- C:\Users\sef\AppData\Roaming\Marine Aquarium 3
2014-12-03 09:58:58 ----RD---- C:\Program Files (x86)
2014-12-01 04:48:54 ----D---- C:\ProgramData
2014-11-30 04:33:55 ----D---- C:\Windows\system32\catroot
2014-11-29 13:31:39 ----D---- C:\Windows\rescache
2014-11-29 12:56:58 ----D---- C:\Windows\system32\DriverStore
2014-11-29 12:56:42 ----D---- C:\Program Files\Common Files\ATI Technologies
2014-11-29 12:50:44 ----D---- C:\Windows\Tasks
2014-11-29 12:50:13 ----D---- C:\Windows\system32\drivers\etc
2014-11-29 12:49:19 ----D---- C:\Windows\erdnt
2014-11-29 09:46:24 ----D---- C:\Windows\Panther
2014-11-29 09:28:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-29 09:21:51 ----D---- C:\Program Files (x86)\Canon
2014-11-28 20:22:07 ----D---- C:\Windows\winsxs
2014-11-28 20:22:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-28 20:22:07 ----D---- C:\Windows\system32\cs-CZ
2014-11-28 20:22:07 ----D---- C:\Windows\cs-CZ
2014-11-28 14:15:30 ----D---- C:\ProgramData\Adobe
2014-11-28 05:36:57 ----D---- C:\Program Files\Common Files\System
2014-11-25 17:12:08 ----D---- C:\Program Files\Java
2014-11-25 17:11:12 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 17:11:10 ----D---- C:\ProgramData\Oracle
2014-11-25 17:11:09 ----D---- C:\Program Files (x86)\Java
2014-11-20 22:18:07 ----D---- C:\Program Files (x86)\Creative
2014-11-20 22:16:02 ----D---- C:\Program Files (x86)\MSI
2014-11-20 22:15:08 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2012-10-18 16440]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-10-18 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2012-10-18 13368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-18 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-01-26 31648]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2013-10-02 51496]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-08-21 30624]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-17 16756736]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-17 581120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 bcgame;Nostromo HID Device Minidriver; C:\Windows\system32\drivers\bcgame.sys [2007-08-14 35328]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-10-22 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-10-22 19944]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-10-22 46016]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2012-10-26 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-10-15 24680]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-10-15 52200]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2014-08-07 34032]
R3 vhidmini;Virtual Hid Device; C:\Windows\system32\DRIVERS\vhidmini.sys [2007-09-29 13952]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S2 sbmntr;SBMNTR; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2012-01-15 36256]
S3 atillk64;atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTCFilterService;USB Networking Driver Filter Service; C:\Windows\system32\DRIVERS\motfilt.sys [2013-03-20 6144]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]
S3 DIRECTIO;DIRECTIO; \??\E:\Program Files\PerformanceTest\DirectIo64.sys [2012-08-13 25704]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 getbus;getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-11-02 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-11-02 27760]
S3 GPU-Z;GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys []
S3 GPUZ;GPUZ; \??\C:\Windows\TEMP\GPUZ.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2012-01-15 36256]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys []
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
S3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys []
S3 motandroidusb;Mot ADB Interface Driver; C:\Windows\System32\Drivers\motoandroid.sys [2013-03-26 32768]
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2013-03-19 23552]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys []
S3 MotoSwitchService;MotoSwitch Service; C:\Windows\system32\DRIVERS\motswch.sys [2012-06-08 8832]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\Windows\system32\DRIVERS\Motousbnet.sys [2013-03-19 27648]
S3 motusbdevice;Motorola USB Dev Driver; C:\Windows\system32\DRIVERS\motusbdevice.sys [2013-03-20 12288]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 NTIOLib_1_0_1;NTIOLib_1_0_1; \??\C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [2009-10-05 14136]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys []
S3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys []
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
S3 NTIOLib_SuiteFB;NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys []
S3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2013-11-15 39080]
S3 rzudd;Razer Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2013-11-15 149160]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SaiK1709;SaiK1709; C:\Windows\system32\DRIVERS\SaiK1709.sys [2012-09-20 180544]
S3 SaiU1709;SaiU1709; C:\Windows\system32\DRIVERS\SaiU1709.sys [2012-09-20 47168]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 TVICHW32;TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys []
S3 uisp;Logitech USB ICP driver; C:\Windows\System32\Drivers\mtdfu.sys [2014-01-04 17936]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-17 239616]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; e:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MoboroboDeviceService;Moborobo Device Service; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [2014-03-28 70952]
R2 MSI_FastBoot;MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2012-10-26 103992]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-10-24 1730000]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-03-17 162800]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-10-13 76152]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-05-07 108032]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 116648]
S2 PST Service;PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-23 257712]
S4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
S4 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-10-22 149032]
S4 OnlineStorageService;OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [2012-07-12 7908664]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2013-04-03 1149104]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosim o kontrolu logu
Krasny den Vam preju 
Zavirovano mate, ale havet pravdepodobne nebude problem rucne maznout... ikdyz po aplikaci CF nam log z RSIT urcity druh haveti vubec neukaze... uvidime...
Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic 
Pri spusteni ComboFixu jste souhlasil s podminkami uziti, takze se jen ujistim... jste osoba vyskolena pro pouziti CF nebo Vam alespon osoba zkusena asistovala? Dejte prosim log z CF.
Zavirovano mate, ale havet pravdepodobne nebude problem rucne maznout... ikdyz po aplikaci CF nam log z RSIT urcity druh haveti vubec neukaze... uvidime... Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic Pri spusteni ComboFixu jste souhlasil s podminkami uziti, takze se jen ujistim... jste osoba vyskolena pro pouziti CF nebo Vam alespon osoba zkusena asistovala? Dejte prosim log z CF.Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
dobry den,
os je legalni, ultimate verzi mam prave proto,ze ma funkce,ktere vyuziji a cena nebyla 5000 ale 2999kc
av/sp se nevypnul protoze nemuzu najit kde jsou k nim exe soubory
ComboFix 14-12-10.03 - sef 11.12.2014 6:44.9.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8139.5464 [GMT 1:00]
Spuštěný z: e:\download\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-11 do 2014-12-11 )))))))))))))))))))))))))))))))
.
.
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-12-11 05:38 . 2014-12-11 05:38 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C62541A9-A96C-4335-B138-2CDF8424F884}\offreg.dll
2014-12-10 21:12 . 2014-09-16 20:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D5F3DF5-C34D-4AB9-B365-4E900554053C}\gapaengine.dll
2014-12-10 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C62541A9-A96C-4335-B138-2CDF8424F884}\mpengine.dll
2014-12-09 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-05 08:58 . 2014-10-19 14:54 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-12-03 08:58 . 2014-12-03 08:58 -------- d-----w- c:\program files (x86)\SereneScreen
2014-12-03 08:58 . 2009-01-28 15:14 6234112 ----a-w- c:\windows\SysWow64\MarineAquarium3.scr
2014-12-01 04:11 . 2014-12-01 04:11 -------- d-----w- c:\program files\BreakPoint Software
2014-12-01 04:10 . 2014-12-01 04:10 -------- d-----w- c:\users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 03:48 . 2014-12-01 03:48 -------- d-----w- c:\programdata\Orbit
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Roaming\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Local\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\programdata\ATI
2014-11-30 03:34 . 2014-11-30 03:34 0 ----a-w- c:\windows\ativpsrm.bin
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\programdata\AMD
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\AMD AVT
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI Technologies
2014-11-29 11:47 . 2014-11-29 11:47 -------- dc----w- C:\AMD
2014-11-29 11:16 . 2014-11-29 11:16 -------- d-----w- c:\users\sef\AppData\Roaming\KC Softwares
2014-11-29 11:15 . 2014-11-29 11:15 -------- d-----w- c:\programdata\Binarysense
2014-11-29 03:18 . 2014-11-29 09:26 -------- d-----w- c:\program files (x86)\System Ninja
2014-11-28 19:22 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2014-11-28 10:51 . 2014-11-28 10:51 -------- d-----w- c:\users\sef\AppData\Local\WindowsApplication1
2014-11-28 10:50 . 2014-11-28 10:50 -------- d-----w- c:\program files\DVD Maker
2014-11-28 04:37 . 2014-11-28 04:38 -------- d-----w- c:\program files (x86)\Sense
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\users\sef\AppData\Local\CrashRpt
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\users\sef\AppData\Local\globalUpdate
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\program files (x86)\SavePass 1.1
2014-11-28 04:24 . 2014-11-28 04:24 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-25 21:57 . 2014-11-25 21:57 -------- d-----w- c:\program files (x86)\QuickTime
2014-11-25 16:57 . 2014-11-25 16:57 -------- d-----w- c:\users\sef\AppData\Roaming\Oracle
2014-11-22 08:57 . 2014-11-22 08:57 2734068 ----a-w- c:\users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-17 20:16 . 2014-11-17 20:16 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-17 20:16 . 2014-11-17 20:16 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-17 20:16 . 2014-11-17 20:16 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-17 20:15 . 2014-11-17 20:15 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-17 20:15 . 2014-11-17 20:15 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-17 20:15 . 2014-11-17 20:15 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-17 20:15 . 2014-11-17 20:15 1342760 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 1118720 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 10889312 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 9314984 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 7208104 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-17 20:15 . 2014-11-17 20:15 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-17 20:15 . 2014-11-17 20:15 8045488 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-17 20:15 . 2014-11-17 20:15 8295784 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-17 20:13 . 2014-11-17 20:13 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-17 20:11 . 2014-11-17 20:11 16756736 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-17 19:57 . 2014-11-17 19:57 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-17 19:57 . 2014-11-17 19:57 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2014-11-17 19:57 . 2014-11-17 19:57 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2014-11-17 19:57 . 2014-11-17 19:57 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2014-11-17 19:57 . 2014-11-17 19:57 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2014-11-17 19:57 . 2014-11-17 19:57 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-17 19:57 . 2014-11-17 19:57 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-17 19:56 . 2014-11-17 19:56 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-17 19:56 . 2014-11-17 19:56 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-17 19:56 . 2014-11-17 19:56 33869824 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-17 19:53 . 2014-11-17 19:53 28772352 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-17 19:50 . 2014-11-17 19:50 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-17 19:50 . 2014-11-17 19:50 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-17 19:12 . 2014-11-17 19:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-17 19:11 . 2014-11-17 19:11 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-17 19:11 . 2014-11-17 19:11 5836800 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-17 19:10 . 2014-11-17 19:10 28356608 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-17 18:54 . 2014-11-17 18:54 4590080 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-17 18:49 . 2014-11-17 18:49 23627264 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-17 18:40 . 2014-11-17 18:40 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-17 18:40 . 2014-11-17 18:40 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-17 18:40 . 2014-11-17 18:40 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-17 18:39 . 2014-11-17 18:39 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-17 18:39 . 2014-11-17 18:39 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-17 18:39 . 2014-11-17 18:39 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-17 18:39 . 2014-11-17 18:39 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-17 18:39 . 2014-11-17 18:39 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-17 18:36 . 2014-11-17 18:36 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-17 18:22 . 2014-11-17 18:22 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-17 18:21 . 2014-11-17 18:21 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-17 18:21 . 2014-11-17 18:21 623616 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-17 18:21 . 2014-11-17 18:21 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-17 18:20 . 2014-11-17 18:20 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-17 18:17 . 2014-11-17 18:17 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-17 18:17 . 2014-11-17 18:17 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-17 18:06 . 2014-11-17 18:06 839168 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-11-17 17:55 . 2014-11-17 17:55 1211392 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-17 17:55 . 2014-11-17 17:55 901120 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-17 17:54 . 2014-11-17 17:54 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-17 17:54 . 2014-11-17 17:54 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 581120 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-17 17:52 . 2014-11-17 17:52 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-17 17:52 . 2014-11-17 17:52 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-17 17:52 . 2014-11-17 17:52 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-17 17:51 . 2014-11-17 17:51 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-17 17:49 . 2014-11-17 17:49 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-17 14:08 . 2014-11-17 14:08 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-17 14:03 . 2014-11-17 14:03 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-11 02:24 . 2014-09-14 23:40 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-11 02:24 . 2012-12-22 07:34 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-11 02:14 . 2014-01-27 00:08 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-11-25 16:11 . 2013-11-09 01:52 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 21:43 . 2014-09-14 23:40 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-16 20:11 . 2014-02-18 15:09 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
2014-11-28 04:36 624032 ----a-w- c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}]
2014-11-28 04:37 746456 ----a-w- c:\program files (x86)\Sense\Sense-bho.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="e:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"CCEnhancer"="c:\users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe" [2014-11-26 286208]
"DAEMON Tools Lite"="e:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-17 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2014-12-08 55568]
.
c:\users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TPUCapture.lnk - e:\program files (x86)\TPUCapture\TPUCapture.exe [2009-8-28 345088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"NoAutoRebootWithLoggedOnUsers"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R2 sbmntr;sbmntr;c:\progra~2\YTDOWN~1\sbmntr.sys;c:\progra~2\YTDOWN~1\sbmntr.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 DIRECTIO;DIRECTIO;e:\program files\PerformanceTest\DirectIo64.sys;e:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 getbus;getbus;c:\users\sef\AppData\Local\Temp\getbus.sys;c:\users\sef\AppData\Local\Temp\getbus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\sef\AppData\Local\Temp\GPU-Z.sys;c:\users\sef\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 SaiK1709;SaiK1709;c:\windows\system32\DRIVERS\SaiK1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1709.sys [x]
R3 SaiU1709;SaiU1709;c:\windows\system32\DRIVERS\SaiU1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1709.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TVICHW32;TVICHW32;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R4 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 MoboroboDeviceService;Moborobo Device Service;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys;c:\windows\SYSNATIVE\drivers\bcgame.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 02:19 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job
- c:\program files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job
- c:\program files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-22 18:32]
.
2014-12-11 c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job
- c:\program files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job
- c:\program files (x86)\Sense\Sense-codedownloader.exe [2014-11-28 04:37]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job
- c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe [2014-11-28 04:38]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job
- c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe [2014-11-28 04:38]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:37]
.
2014-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:37]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job
- c:\users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05 15:31]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job
- c:\users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05 15:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.daum.net/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: NameServer = 208.67.222.222,208.67.220.220
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\AIDA64Driver]
"ImagePath"="\??\e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1463186153-2632091326-3034755131-1001\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-11 09:30:35
ComboFix-quarantined-files.txt 2014-12-11 08:30
ComboFix2.txt 2014-11-29 11:51
ComboFix3.txt 2014-11-06 21:11
.
Před spuštěním: Volných bajtů: 16 105 074 688
Po spuštění: Volných bajtů: 15 931 535 360
.
- - End Of File - - DA4A7A9FBE056E04237B2D84D015F70D
A36C5E4F47E84449FF07ED3517B43A31
os je legalni, ultimate verzi mam prave proto,ze ma funkce,ktere vyuziji a cena nebyla 5000 ale 2999kc
av/sp se nevypnul protoze nemuzu najit kde jsou k nim exe soubory
ComboFix 14-12-10.03 - sef 11.12.2014 6:44.9.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8139.5464 [GMT 1:00]
Spuštěný z: e:\download\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-11 do 2014-12-11 )))))))))))))))))))))))))))))))
.
.
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2014-12-11 08:29 . 2014-12-11 08:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-12-11 05:38 . 2014-12-11 05:38 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C62541A9-A96C-4335-B138-2CDF8424F884}\offreg.dll
2014-12-10 21:12 . 2014-09-16 20:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D5F3DF5-C34D-4AB9-B365-4E900554053C}\gapaengine.dll
2014-12-10 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C62541A9-A96C-4335-B138-2CDF8424F884}\mpengine.dll
2014-12-09 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-05 08:58 . 2014-10-19 14:54 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-12-03 08:58 . 2014-12-03 08:58 -------- d-----w- c:\program files (x86)\SereneScreen
2014-12-03 08:58 . 2009-01-28 15:14 6234112 ----a-w- c:\windows\SysWow64\MarineAquarium3.scr
2014-12-01 04:11 . 2014-12-01 04:11 -------- d-----w- c:\program files\BreakPoint Software
2014-12-01 04:10 . 2014-12-01 04:10 -------- d-----w- c:\users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 03:48 . 2014-12-01 03:48 -------- d-----w- c:\programdata\Orbit
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Roaming\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Local\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\programdata\ATI
2014-11-30 03:34 . 2014-11-30 03:34 0 ----a-w- c:\windows\ativpsrm.bin
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\programdata\AMD
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\AMD AVT
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI Technologies
2014-11-29 11:47 . 2014-11-29 11:47 -------- dc----w- C:\AMD
2014-11-29 11:16 . 2014-11-29 11:16 -------- d-----w- c:\users\sef\AppData\Roaming\KC Softwares
2014-11-29 11:15 . 2014-11-29 11:15 -------- d-----w- c:\programdata\Binarysense
2014-11-29 03:18 . 2014-11-29 09:26 -------- d-----w- c:\program files (x86)\System Ninja
2014-11-28 19:22 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2014-11-28 10:51 . 2014-11-28 10:51 -------- d-----w- c:\users\sef\AppData\Local\WindowsApplication1
2014-11-28 10:50 . 2014-11-28 10:50 -------- d-----w- c:\program files\DVD Maker
2014-11-28 04:37 . 2014-11-28 04:38 -------- d-----w- c:\program files (x86)\Sense
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\users\sef\AppData\Local\CrashRpt
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\users\sef\AppData\Local\globalUpdate
2014-11-28 04:36 . 2014-11-28 04:36 -------- d-----w- c:\program files (x86)\SavePass 1.1
2014-11-28 04:24 . 2014-11-28 04:24 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-25 21:57 . 2014-11-25 21:57 -------- d-----w- c:\program files (x86)\QuickTime
2014-11-25 16:57 . 2014-11-25 16:57 -------- d-----w- c:\users\sef\AppData\Roaming\Oracle
2014-11-22 08:57 . 2014-11-22 08:57 2734068 ----a-w- c:\users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-17 20:16 . 2014-11-17 20:16 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-17 20:16 . 2014-11-17 20:16 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-17 20:16 . 2014-11-17 20:16 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-17 20:15 . 2014-11-17 20:15 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-17 20:15 . 2014-11-17 20:15 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-17 20:15 . 2014-11-17 20:15 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-17 20:15 . 2014-11-17 20:15 1342760 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 1118720 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 10889312 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 9314984 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 7208104 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-17 20:15 . 2014-11-17 20:15 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-17 20:15 . 2014-11-17 20:15 8045488 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-17 20:15 . 2014-11-17 20:15 8295784 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-17 20:13 . 2014-11-17 20:13 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-17 20:11 . 2014-11-17 20:11 16756736 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-17 19:57 . 2014-11-17 19:57 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-17 19:57 . 2014-11-17 19:57 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2014-11-17 19:57 . 2014-11-17 19:57 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2014-11-17 19:57 . 2014-11-17 19:57 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2014-11-17 19:57 . 2014-11-17 19:57 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2014-11-17 19:57 . 2014-11-17 19:57 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-17 19:57 . 2014-11-17 19:57 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-17 19:56 . 2014-11-17 19:56 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-17 19:56 . 2014-11-17 19:56 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-17 19:56 . 2014-11-17 19:56 33869824 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-17 19:53 . 2014-11-17 19:53 28772352 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-17 19:50 . 2014-11-17 19:50 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-17 19:50 . 2014-11-17 19:50 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-17 19:12 . 2014-11-17 19:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-17 19:11 . 2014-11-17 19:11 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-17 19:11 . 2014-11-17 19:11 5836800 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-17 19:10 . 2014-11-17 19:10 28356608 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-17 18:54 . 2014-11-17 18:54 4590080 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-17 18:49 . 2014-11-17 18:49 23627264 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-17 18:40 . 2014-11-17 18:40 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-17 18:40 . 2014-11-17 18:40 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-17 18:40 . 2014-11-17 18:40 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-17 18:39 . 2014-11-17 18:39 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-17 18:39 . 2014-11-17 18:39 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-17 18:39 . 2014-11-17 18:39 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-17 18:39 . 2014-11-17 18:39 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-17 18:39 . 2014-11-17 18:39 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-17 18:36 . 2014-11-17 18:36 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-17 18:22 . 2014-11-17 18:22 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-17 18:21 . 2014-11-17 18:21 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-17 18:21 . 2014-11-17 18:21 623616 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-17 18:21 . 2014-11-17 18:21 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-17 18:20 . 2014-11-17 18:20 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-17 18:17 . 2014-11-17 18:17 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-17 18:17 . 2014-11-17 18:17 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-17 18:06 . 2014-11-17 18:06 839168 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-11-17 17:55 . 2014-11-17 17:55 1211392 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-17 17:55 . 2014-11-17 17:55 901120 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-17 17:54 . 2014-11-17 17:54 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-17 17:54 . 2014-11-17 17:54 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 581120 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-17 17:52 . 2014-11-17 17:52 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-17 17:52 . 2014-11-17 17:52 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-17 17:52 . 2014-11-17 17:52 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-17 17:51 . 2014-11-17 17:51 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-17 17:49 . 2014-11-17 17:49 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-17 14:08 . 2014-11-17 14:08 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-17 14:03 . 2014-11-17 14:03 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-11 02:24 . 2014-09-14 23:40 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-11 02:24 . 2012-12-22 07:34 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-11 02:14 . 2014-01-27 00:08 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-11-25 16:11 . 2013-11-09 01:52 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 21:43 . 2014-09-14 23:40 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-16 20:11 . 2014-02-18 15:09 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
2014-11-28 04:36 624032 ----a-w- c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}]
2014-11-28 04:37 746456 ----a-w- c:\program files (x86)\Sense\Sense-bho.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="e:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"CCEnhancer"="c:\users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe" [2014-11-26 286208]
"DAEMON Tools Lite"="e:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-17 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2014-12-08 55568]
.
c:\users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TPUCapture.lnk - e:\program files (x86)\TPUCapture\TPUCapture.exe [2009-8-28 345088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"NoAutoRebootWithLoggedOnUsers"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R2 sbmntr;sbmntr;c:\progra~2\YTDOWN~1\sbmntr.sys;c:\progra~2\YTDOWN~1\sbmntr.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 DIRECTIO;DIRECTIO;e:\program files\PerformanceTest\DirectIo64.sys;e:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 getbus;getbus;c:\users\sef\AppData\Local\Temp\getbus.sys;c:\users\sef\AppData\Local\Temp\getbus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\sef\AppData\Local\Temp\GPU-Z.sys;c:\users\sef\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 SaiK1709;SaiK1709;c:\windows\system32\DRIVERS\SaiK1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1709.sys [x]
R3 SaiU1709;SaiU1709;c:\windows\system32\DRIVERS\SaiU1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1709.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TVICHW32;TVICHW32;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R4 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 MoboroboDeviceService;Moborobo Device Service;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys;c:\windows\SYSNATIVE\drivers\bcgame.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 02:19 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job
- c:\program files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job
- c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job
- c:\program files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-22 18:32]
.
2014-12-11 c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job
- c:\program files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe [2014-11-28 04:36]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job
- c:\program files (x86)\Sense\Sense-codedownloader.exe [2014-11-28 04:37]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job
- c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe [2014-11-28 04:38]
.
2014-12-11 c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job
- c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe [2014-11-28 04:38]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:37]
.
2014-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:37]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job
- c:\users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05 15:31]
.
2014-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job
- c:\users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05 15:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.daum.net/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: NameServer = 208.67.222.222,208.67.220.220
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\AIDA64Driver]
"ImagePath"="\??\e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1463186153-2632091326-3034755131-1001\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-11 09:30:35
ComboFix-quarantined-files.txt 2014-12-11 08:30
ComboFix2.txt 2014-11-29 11:51
ComboFix3.txt 2014-11-06 21:11
.
Před spuštěním: Volných bajtů: 16 105 074 688
Po spuštění: Volných bajtů: 15 931 535 360
.
- - End Of File - - DA4A7A9FBE056E04237B2D84D015F70D
A36C5E4F47E84449FF07ED3517B43A31
Re: prosim o kontrolu logu
MSE vypnete: otevrete okno MSE napr. poklepanim na ikonu MSE v tray liste (vpravo dole vedle hodin) -> nahore Nastaveni -> Ochrana v realnem case -> odskrtnout volbu Zapnout ochranu v realnem case. Po restartu (aplikaci CFScriptu) jej znovu zapnete 
Pokud jeste nemate, presunte ComboFix na plochu.
- Otevrete Poznamkovy blok (Start -> Spustit -> notepad)
- zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)
Kód: Vybrat vše
KillAll:: Registry:: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"=- "DAEMON Tools Lite"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpywareTerminatorUpdater"=- Driver:: sbmntr Folder:: c:\program files (x86)\Sense c:\users\sef\AppData\Local\CrashRpt c:\users\sef\AppData\Local\globalUpdate c:\program files (x86)\SavePass 1.1 c:\progra~2\YTDOWN~1 DDS:: uStart Page = hxxp://www.daum.net/ File:: c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job c:\windows\Tasks\GoogleUpdateTaskMachineCore.job c:\windows\Tasks\GoogleUpdateTaskMachineUA.job c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job RegNull:: [HKEY_USERS\S-1-5-21-1463186153-2632091326-3034755131-1001\Control Panel\Desktop*] RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] ClearJavaCache:: Reboot:: - Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
- Po restartu na Vas vyskoci log, jehoz obsah mi vlozte do dalsi odpovedi.
Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit Muze se stat, ze po aplikaci skriptu nenabehnou Windows. V tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraciPokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
dobry den ,
problem je prave v tom ze mse v tray liste nemam prestoze bezi:( pokud by jste mi napovedel kde najdu exe soubor pak to vypnu) dekuji
problem je prave v tom ze mse v tray liste nemam prestoze bezi:( pokud by jste mi napovedel kde najdu exe soubor pak to vypnu) dekuji
Re: prosim o kontrolu logu
C:\Program Files\Microsoft Security Client\msseces.exe... pripadne jej nechte zapnuty a z logu stejne uvidim, do jake miry se ComboFixu pletl do cesty 
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
ComboFix 14-12-10.03 - sef 13.12.2014 4:05.10.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8139.5786 [GMT 1:00]
Spuštěný z: c:\users\sef\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\sef\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job"
"c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job"
"c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SavePass 1.1
c:\program files (x86)\SavePass 1.1\1293297481.mxaddon
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-4.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce.crx
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce.xpi
c:\program files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe
c:\program files (x86)\SavePass 1.1\background.html
c:\program files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe
c:\program files (x86)\SavePass 1.1\f4b1b179-2c88-4a16-b515-c49c45868d4f.crx
c:\program files (x86)\SavePass 1.1\Interop.IWshRuntimeLibrary.dll
c:\program files (x86)\SavePass 1.1\Newtonsoft.Json.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bg.exe
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho64.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe
c:\program files (x86)\SavePass 1.1\SavePass 1.1.ico
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Common.dll
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Core.dll
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Protocol.dll
c:\program files (x86)\SavePass 1.1\Uninstall.exe
c:\program files (x86)\SavePass 1.1\utils.exe
c:\program files (x86)\SavePass 1.1\WebSocket4Net.dll
c:\program files (x86)\Sense
c:\program files (x86)\Sense\06bd5836-7973-42ed-aa4c-975080e7c4f9.crx
c:\program files (x86)\Sense\1293297481.mxaddon
c:\program files (x86)\Sense\background.html
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-11.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-4.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d.crx
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d.xpi
c:\program files (x86)\Sense\Sense-bg.exe
c:\program files (x86)\Sense\Sense-bho.dll
c:\program files (x86)\Sense\Sense-bho64.dll
c:\program files (x86)\Sense\Sense-buttonutil.dll
c:\program files (x86)\Sense\Sense-buttonutil.exe
c:\program files (x86)\Sense\Sense-buttonutil64.dll
c:\program files (x86)\Sense\Sense-buttonutil64.exe
c:\program files (x86)\Sense\Sense-codedownloader.exe
c:\program files (x86)\Sense\Sense.ico
c:\program files (x86)\Sense\Uninstall.exe
c:\program files (x86)\Sense\utils.exe
c:\users\sef\AppData\Local\CrashRpt
c:\users\sef\AppData\Local\globalUpdate
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job
c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job
c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SBMNTR
-------\Service_sbmntr
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-13 do 2014-12-13 )))))))))))))))))))))))))))))))
.
.
2014-12-13 03:27 . 2014-12-13 03:27 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D26F1345-80C9-409F-9EF2-F5AD9C18C40F}\offreg.dll
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-12-12 23:22 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D26F1345-80C9-409F-9EF2-F5AD9C18C40F}\mpengine.dll
2014-12-11 08:39 . 2014-12-11 08:41 -------- d-----w- c:\program files\trend micro
2014-12-11 08:39 . 2014-12-11 08:39 -------- dc----w- C:\rsit
2014-12-10 21:12 . 2014-09-16 20:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D5F3DF5-C34D-4AB9-B365-4E900554053C}\gapaengine.dll
2014-12-10 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-05 08:58 . 2014-10-19 14:54 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-12-03 08:58 . 2014-12-03 08:58 -------- d-----w- c:\program files (x86)\SereneScreen
2014-12-03 08:58 . 2009-01-28 15:14 6234112 ----a-w- c:\windows\SysWow64\MarineAquarium3.scr
2014-12-01 04:11 . 2014-12-01 04:11 -------- d-----w- c:\program files\BreakPoint Software
2014-12-01 04:10 . 2014-12-01 04:10 -------- d-----w- c:\users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 03:48 . 2014-12-01 03:48 -------- d-----w- c:\programdata\Orbit
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Roaming\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Local\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\programdata\ATI
2014-11-30 03:34 . 2014-11-30 03:34 0 ----a-w- c:\windows\ativpsrm.bin
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\programdata\AMD
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\AMD AVT
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI Technologies
2014-11-29 11:47 . 2014-11-29 11:47 -------- dc----w- C:\AMD
2014-11-29 11:16 . 2014-11-29 11:16 -------- d-----w- c:\users\sef\AppData\Roaming\KC Softwares
2014-11-29 11:15 . 2014-11-29 11:15 -------- d-----w- c:\programdata\Binarysense
2014-11-29 03:18 . 2014-11-29 09:26 -------- d-----w- c:\program files (x86)\System Ninja
2014-11-28 19:22 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2014-11-28 10:51 . 2014-11-28 10:51 -------- d-----w- c:\users\sef\AppData\Local\WindowsApplication1
2014-11-28 10:50 . 2014-11-28 10:50 -------- d-----w- c:\program files\DVD Maker
2014-11-28 04:24 . 2014-11-28 04:24 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-25 21:57 . 2014-11-25 21:57 -------- d-----w- c:\program files (x86)\QuickTime
2014-11-25 16:57 . 2014-11-25 16:57 -------- d-----w- c:\users\sef\AppData\Roaming\Oracle
2014-11-22 08:57 . 2014-11-22 08:57 2734068 ----a-w- c:\users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-17 20:16 . 2014-11-17 20:16 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-17 20:16 . 2014-11-17 20:16 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-17 20:16 . 2014-11-17 20:16 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-17 20:15 . 2014-11-17 20:15 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-17 20:15 . 2014-11-17 20:15 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-17 20:15 . 2014-11-17 20:15 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-17 20:15 . 2014-11-17 20:15 1342760 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 1118720 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 10889312 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 9314984 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 7208104 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-17 20:15 . 2014-11-17 20:15 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-17 20:15 . 2014-11-17 20:15 8045488 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-17 20:15 . 2014-11-17 20:15 8295784 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-17 20:13 . 2014-11-17 20:13 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-17 20:11 . 2014-11-17 20:11 16756736 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-17 19:57 . 2014-11-17 19:57 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-17 19:57 . 2014-11-17 19:57 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2014-11-17 19:57 . 2014-11-17 19:57 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2014-11-17 19:57 . 2014-11-17 19:57 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2014-11-17 19:57 . 2014-11-17 19:57 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2014-11-17 19:57 . 2014-11-17 19:57 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-17 19:57 . 2014-11-17 19:57 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-17 19:56 . 2014-11-17 19:56 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-17 19:56 . 2014-11-17 19:56 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-17 19:56 . 2014-11-17 19:56 33869824 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-17 19:53 . 2014-11-17 19:53 28772352 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-17 19:50 . 2014-11-17 19:50 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-17 19:50 . 2014-11-17 19:50 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-17 19:12 . 2014-11-17 19:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-17 19:11 . 2014-11-17 19:11 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-17 19:11 . 2014-11-17 19:11 5836800 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-17 19:10 . 2014-11-17 19:10 28356608 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-17 18:54 . 2014-11-17 18:54 4590080 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-17 18:49 . 2014-11-17 18:49 23627264 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-17 18:40 . 2014-11-17 18:40 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-17 18:40 . 2014-11-17 18:40 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-17 18:40 . 2014-11-17 18:40 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-17 18:39 . 2014-11-17 18:39 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-17 18:39 . 2014-11-17 18:39 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-17 18:39 . 2014-11-17 18:39 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-17 18:39 . 2014-11-17 18:39 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-17 18:39 . 2014-11-17 18:39 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-17 18:36 . 2014-11-17 18:36 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-17 18:22 . 2014-11-17 18:22 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-17 18:21 . 2014-11-17 18:21 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-17 18:21 . 2014-11-17 18:21 623616 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-17 18:21 . 2014-11-17 18:21 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-17 18:20 . 2014-11-17 18:20 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-17 18:17 . 2014-11-17 18:17 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-17 18:17 . 2014-11-17 18:17 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-17 18:06 . 2014-11-17 18:06 839168 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-11-17 17:55 . 2014-11-17 17:55 1211392 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-17 17:55 . 2014-11-17 17:55 901120 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-17 17:54 . 2014-11-17 17:54 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-17 17:54 . 2014-11-17 17:54 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 581120 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-17 17:52 . 2014-11-17 17:52 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-17 17:52 . 2014-11-17 17:52 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-17 17:52 . 2014-11-17 17:52 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-17 17:51 . 2014-11-17 17:51 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-17 17:49 . 2014-11-17 17:49 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-17 14:08 . 2014-11-17 14:08 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-17 14:03 . 2014-11-17 14:03 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-13 01:28 . 2014-09-14 23:40 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-13 01:28 . 2012-12-22 07:34 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-12 18:06 . 2014-01-27 00:08 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-11-25 16:11 . 2013-11-09 01:52 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 21:43 . 2014-09-14 23:40 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-16 20:11 . 2014-02-18 15:09 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCEnhancer"="c:\users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe" [2014-11-26 286208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-17 767176]
.
c:\users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TPUCapture.lnk - e:\program files (x86)\TPUCapture\TPUCapture.exe [2009-8-28 345088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"NoAutoRebootWithLoggedOnUsers"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 DIRECTIO;DIRECTIO;e:\program files\PerformanceTest\DirectIo64.sys;e:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 getbus;getbus;c:\users\sef\AppData\Local\Temp\getbus.sys;c:\users\sef\AppData\Local\Temp\getbus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\sef\AppData\Local\Temp\GPU-Z.sys;c:\users\sef\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 SaiK1709;SaiK1709;c:\windows\system32\DRIVERS\SaiK1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1709.sys [x]
R3 SaiU1709;SaiU1709;c:\windows\system32\DRIVERS\SaiU1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1709.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TVICHW32;TVICHW32;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R4 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 MoboroboDeviceService;Moborobo Device Service;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys;c:\windows\SYSNATIVE\drivers\bcgame.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AIDA64DRIVER
*NewlyCreated* - NTIOLIB_1_0_3
*NewlyCreated* - NTIOLIB_1_0_4
*NewlyCreated* - NTIOLIB_FASTBOOT
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-11 23:49 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-22 18:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: NameServer = 208.67.222.222,208.67.220.220
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{11111111-1111-1111-1111-110611341129} - c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
BHO-{11111111-1111-1111-1111-110611811153} - c:\program files (x86)\Sense\Sense-bho.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\AIDA64Driver]
"ImagePath"="\??\e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1463186153-2632091326-3034755131-1001\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
e:\fraps\fraps.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
.
**************************************************************************
.
Celkový čas: 2014-12-13 04:29:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-13 03:29
ComboFix2.txt 2014-12-11 08:30
ComboFix3.txt 2014-11-29 11:51
ComboFix4.txt 2014-11-06 21:11
.
Před spuštěním: Volných bajtů: 14 961 864 704
Po spuštění: Volných bajtů: 16 732 065 792
.
- - End Of File - - 3657458ED35D5E4F40D0DA06F5B0166B
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8139.5786 [GMT 1:00]
Spuštěný z: c:\users\sef\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\sef\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job"
"c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job"
"c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job"
"c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job"
"c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SavePass 1.1
c:\program files (x86)\SavePass 1.1\1293297481.mxaddon
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-4.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce.crx
c:\program files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce.xpi
c:\program files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe
c:\program files (x86)\SavePass 1.1\background.html
c:\program files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe
c:\program files (x86)\SavePass 1.1\f4b1b179-2c88-4a16-b515-c49c45868d4f.crx
c:\program files (x86)\SavePass 1.1\Interop.IWshRuntimeLibrary.dll
c:\program files (x86)\SavePass 1.1\Newtonsoft.Json.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bg.exe
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho64.dll
c:\program files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe
c:\program files (x86)\SavePass 1.1\SavePass 1.1.ico
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Common.dll
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Core.dll
c:\program files (x86)\SavePass 1.1\SuperSocket.ClientEngine.Protocol.dll
c:\program files (x86)\SavePass 1.1\Uninstall.exe
c:\program files (x86)\SavePass 1.1\utils.exe
c:\program files (x86)\SavePass 1.1\WebSocket4Net.dll
c:\program files (x86)\Sense
c:\program files (x86)\Sense\06bd5836-7973-42ed-aa4c-975080e7c4f9.crx
c:\program files (x86)\Sense\1293297481.mxaddon
c:\program files (x86)\Sense\background.html
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-11.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-4.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d.crx
c:\program files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d.xpi
c:\program files (x86)\Sense\Sense-bg.exe
c:\program files (x86)\Sense\Sense-bho.dll
c:\program files (x86)\Sense\Sense-bho64.dll
c:\program files (x86)\Sense\Sense-buttonutil.dll
c:\program files (x86)\Sense\Sense-buttonutil.exe
c:\program files (x86)\Sense\Sense-buttonutil64.dll
c:\program files (x86)\Sense\Sense-buttonutil64.exe
c:\program files (x86)\Sense\Sense-codedownloader.exe
c:\program files (x86)\Sense\Sense.ico
c:\program files (x86)\Sense\Uninstall.exe
c:\program files (x86)\Sense\utils.exe
c:\users\sef\AppData\Local\CrashRpt
c:\users\sef\AppData\Local\globalUpdate
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.job
c:\windows\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user.job
c:\windows\Tasks\5432e15e-8b38-4917-9568-a8baef47582c.job
c:\windows\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5.job
c:\windows\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SBMNTR
-------\Service_sbmntr
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-13 do 2014-12-13 )))))))))))))))))))))))))))))))
.
.
2014-12-13 03:27 . 2014-12-13 03:27 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D26F1345-80C9-409F-9EF2-F5AD9C18C40F}\offreg.dll
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2014-12-13 03:27 . 2014-12-13 03:27 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-12-12 23:22 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D26F1345-80C9-409F-9EF2-F5AD9C18C40F}\mpengine.dll
2014-12-11 08:39 . 2014-12-11 08:41 -------- d-----w- c:\program files\trend micro
2014-12-11 08:39 . 2014-12-11 08:39 -------- dc----w- C:\rsit
2014-12-10 21:12 . 2014-09-16 20:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D5F3DF5-C34D-4AB9-B365-4E900554053C}\gapaengine.dll
2014-12-10 21:12 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-05 08:58 . 2014-10-19 14:54 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-12-03 08:58 . 2014-12-03 08:58 -------- d-----w- c:\program files (x86)\SereneScreen
2014-12-03 08:58 . 2009-01-28 15:14 6234112 ----a-w- c:\windows\SysWow64\MarineAquarium3.scr
2014-12-01 04:11 . 2014-12-01 04:11 -------- d-----w- c:\program files\BreakPoint Software
2014-12-01 04:10 . 2014-12-01 04:10 -------- d-----w- c:\users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 03:48 . 2014-12-01 03:48 -------- d-----w- c:\programdata\Orbit
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Roaming\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\users\sef\AppData\Local\ATI
2014-11-30 03:34 . 2014-11-30 03:34 -------- d-----w- c:\programdata\ATI
2014-11-30 03:34 . 2014-11-30 03:34 0 ----a-w- c:\windows\ativpsrm.bin
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\programdata\AMD
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\AMD AVT
2014-11-29 11:57 . 2014-11-29 11:57 -------- d-----w- c:\program files (x86)\ATI Technologies
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI
2014-11-29 11:48 . 2014-11-29 11:48 -------- d-----w- c:\program files\ATI Technologies
2014-11-29 11:47 . 2014-11-29 11:47 -------- dc----w- C:\AMD
2014-11-29 11:16 . 2014-11-29 11:16 -------- d-----w- c:\users\sef\AppData\Roaming\KC Softwares
2014-11-29 11:15 . 2014-11-29 11:15 -------- d-----w- c:\programdata\Binarysense
2014-11-29 03:18 . 2014-11-29 09:26 -------- d-----w- c:\program files (x86)\System Ninja
2014-11-28 19:22 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2014-11-28 19:22 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2014-11-28 10:51 . 2014-11-28 10:51 -------- d-----w- c:\users\sef\AppData\Local\WindowsApplication1
2014-11-28 10:50 . 2014-11-28 10:50 -------- d-----w- c:\program files\DVD Maker
2014-11-28 04:24 . 2014-11-28 04:24 -------- d-----w- c:\program files (x86)\7-Zip
2014-11-25 21:57 . 2014-11-25 21:57 -------- d-----w- c:\program files (x86)\QuickTime
2014-11-25 16:57 . 2014-11-25 16:57 -------- d-----w- c:\users\sef\AppData\Roaming\Oracle
2014-11-22 08:57 . 2014-11-22 08:57 2734068 ----a-w- c:\users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-17 20:16 . 2014-11-17 20:16 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-17 20:16 . 2014-11-17 20:16 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-17 20:16 . 2014-11-17 20:16 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-17 20:16 . 2014-11-17 20:16 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-17 20:16 . 2014-11-17 20:16 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-17 20:15 . 2014-11-17 20:15 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-17 20:15 . 2014-11-17 20:15 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-17 20:15 . 2014-11-17 20:15 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-17 20:15 . 2014-11-17 20:15 1342760 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 1118720 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 10889312 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-17 20:15 . 2014-11-17 20:15 9314984 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-17 20:15 . 2014-11-17 20:15 7208104 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-17 20:15 . 2014-11-17 20:15 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-17 20:15 . 2014-11-17 20:15 8045488 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-17 20:15 . 2014-11-17 20:15 8295784 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-17 20:13 . 2014-11-17 20:13 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-17 20:11 . 2014-11-17 20:11 16756736 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-17 19:57 . 2014-11-17 19:57 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-17 19:57 . 2014-11-17 19:57 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2014-11-17 19:57 . 2014-11-17 19:57 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2014-11-17 19:57 . 2014-11-17 19:57 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2014-11-17 19:57 . 2014-11-17 19:57 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2014-11-17 19:57 . 2014-11-17 19:57 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-17 19:57 . 2014-11-17 19:57 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-17 19:56 . 2014-11-17 19:56 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-17 19:56 . 2014-11-17 19:56 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-17 19:56 . 2014-11-17 19:56 33869824 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-17 19:53 . 2014-11-17 19:53 28772352 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-17 19:50 . 2014-11-17 19:50 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-17 19:50 . 2014-11-17 19:50 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-17 19:12 . 2014-11-17 19:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-17 19:11 . 2014-11-17 19:11 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-17 19:11 . 2014-11-17 19:11 5836800 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-17 19:10 . 2014-11-17 19:10 28356608 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-17 18:54 . 2014-11-17 18:54 4590080 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-17 18:49 . 2014-11-17 18:49 23627264 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-17 18:40 . 2014-11-17 18:40 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-17 18:40 . 2014-11-17 18:40 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-17 18:40 . 2014-11-17 18:40 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-17 18:39 . 2014-11-17 18:39 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-17 18:39 . 2014-11-17 18:39 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-17 18:39 . 2014-11-17 18:39 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-17 18:39 . 2014-11-17 18:39 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-17 18:39 . 2014-11-17 18:39 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-17 18:36 . 2014-11-17 18:36 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-17 18:22 . 2014-11-17 18:22 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-17 18:21 . 2014-11-17 18:21 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-17 18:21 . 2014-11-17 18:21 623616 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-17 18:21 . 2014-11-17 18:21 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-17 18:20 . 2014-11-17 18:20 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-17 18:17 . 2014-11-17 18:17 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-17 18:17 . 2014-11-17 18:17 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-17 18:06 . 2014-11-17 18:06 839168 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-11-17 17:55 . 2014-11-17 17:55 1211392 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-17 17:55 . 2014-11-17 17:55 901120 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-17 17:54 . 2014-11-17 17:54 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-17 17:54 . 2014-11-17 17:54 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-17 17:54 . 2014-11-17 17:54 581120 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-17 17:52 . 2014-11-17 17:52 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-17 17:52 . 2014-11-17 17:52 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-17 17:52 . 2014-11-17 17:52 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-17 17:51 . 2014-11-17 17:51 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-17 17:49 . 2014-11-17 17:49 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-17 14:08 . 2014-11-17 14:08 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-17 14:03 . 2014-11-17 14:03 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-13 01:28 . 2014-09-14 23:40 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-13 01:28 . 2012-12-22 07:34 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-12 18:06 . 2014-01-27 00:08 347464 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-11-25 16:11 . 2013-11-09 01:52 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-13 21:43 . 2014-09-14 23:40 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-16 20:11 . 2014-02-18 15:09 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCEnhancer"="c:\users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe" [2014-11-26 286208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-17 767176]
.
c:\users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TPUCapture.lnk - e:\program files (x86)\TPUCapture\TPUCapture.exe [2009-8-28 345088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"NoAutoRebootWithLoggedOnUsers"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 atillk64;atillk64;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys;c:\program files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 DIRECTIO;DIRECTIO;e:\program files\PerformanceTest\DirectIo64.sys;e:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 getbus;getbus;c:\users\sef\AppData\Local\Temp\getbus.sys;c:\users\sef\AppData\Local\Temp\getbus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\sef\AppData\Local\Temp\GPU-Z.sys;c:\users\sef\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;e:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
R3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 SaiK1709;SaiK1709;c:\windows\system32\DRIVERS\SaiK1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1709.sys [x]
R3 SaiU1709;SaiU1709;c:\windows\system32\DRIVERS\SaiU1709.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1709.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TVICHW32;TVICHW32;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys;c:\program files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R4 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 MoboroboDeviceService;Moborobo Device Service;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys;c:\windows\SYSNATIVE\drivers\bcgame.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AIDA64DRIVER
*NewlyCreated* - NTIOLIB_1_0_3
*NewlyCreated* - NTIOLIB_1_0_4
*NewlyCreated* - NTIOLIB_FASTBOOT
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-11 23:49 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-22 18:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: NameServer = 208.67.222.222,208.67.220.220
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{11111111-1111-1111-1111-110611341129} - c:\program files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
BHO-{11111111-1111-1111-1111-110611811153} - c:\program files (x86)\Sense\Sense-bho.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\AIDA64Driver]
"ImagePath"="\??\e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1463186153-2632091326-3034755131-1001\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
e:\fraps\fraps.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
e:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
.
**************************************************************************
.
Celkový čas: 2014-12-13 04:29:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-13 03:29
ComboFix2.txt 2014-12-11 08:30
ComboFix3.txt 2014-11-29 11:51
ComboFix4.txt 2014-11-06 21:11
.
Před spuštěním: Volných bajtů: 14 961 864 704
Po spuštění: Volných bajtů: 16 732 065 792
.
- - End Of File - - 3657458ED35D5E4F40D0DA06F5B0166B
A36C5E4F47E84449FF07ED3517B43A31
Re: prosim o kontrolu logu
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
# AdwCleaner v4.105 - Report created 13/12/2014 at 12:11:42
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : sef - SEF-PC
# Running from : E:\Download\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\sef\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611811153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622812253}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622812253}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\UpToDown
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R2].txt - [6433 octets] - [13/12/2014 12:10:30]
AdwCleaner[S2].txt - [5891 octets] - [13/12/2014 12:11:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5951 octets] ##########
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : sef - SEF-PC
# Running from : E:\Download\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\sef\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611811153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622812253}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622812253}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\UpToDown
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R2].txt - [6433 octets] - [13/12/2014 12:10:30]
AdwCleaner[S2].txt - [5891 octets] - [13/12/2014 12:11:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5951 octets] ##########
Re: prosim o kontrolu logu
- Prejmenujte ComboFix na Uninstall a spustte jako spravce
- ComboFix se odinstaluje.
Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014
Ran by sef (administrator) on SEF-PC on 14-12-2014 01:06:22
Running from C:\Users\sef\Desktop
Loaded Profile: sef (Available profiles: sef & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Moborobo\MoboRoboDeviceService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(techPowerUp!) E:\Program Files (x86)\TPUCapture\TPUCapture.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(FinalWire Ltd.) E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Belkin Corporation) C:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe
(Google Inc.) C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Run: [CCEnhancer] => C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe [286208 2014-11-26] (SingularLabs)
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\Users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TPUCapture.lnk
ShortcutTarget: TPUCapture.lnk -> E:\Program Files (x86)\TPUCapture\TPUCapture.exe (techPowerUp!)
ShellIconOverlayIdentifiers: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001 -> {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profi ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: [NameServer] 208.67.222.222,208.67.220.220
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\sef\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @talk.google.com/O1DPlugin -> C:\Users\sef\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @tools.google.com/Google Update;version=3 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @tools.google.com/Google Update;version=9 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\sef\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sef\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-10]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=5
CHR Profile: C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-08-08]
CHR Extension: (Adblock Plus) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-12]
CHR Extension: (Reverse Phone Search) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\deckacljcpocafbjcpcnclkplimnemak [2014-03-12]
CHR Extension: (Reverse Phone Lookup) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\eccacjpoadkkkichonipjpkjoklpdacg [2014-11-18]
CHR Extension: (AdBlock Premium) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-03-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-09]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-09]
CHR Extension: (Adblock Super) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-12-12]
CHR Extension: (Auto HD For YouTube™) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-03-12]
CHR Extension: (Linkclump) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2014-11-16]
CHR Extension: (Clickable Links) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp [2014-11-16]
CHR Extension: (LastPass Vault) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-03-09]
CHR Extension: (Webutation) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfclfmabiojpommfcalfdgjjeaahnjbj [2014-04-04]
CHR Extension: (EEZYSMS - Free SMS) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla [2014-03-12]
CHR Extension: (Peněženka Google) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
CHR Extension: (Televize Online) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2014-03-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
U2 HiPatchService; e:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-10-22] ()
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MoboroboDeviceService; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1730000 2014-10-24] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S4 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-13] ()
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AIDA64Driver; E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-08-21] ()
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2012-01-15] (Google Inc) [File not signed]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-10-18] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2012-10-18] ()
R3 bcgame; C:\Windows\System32\drivers\bcgame.sys [35328 2007-08-14] (Belkin Corporation)
S3 DIRECTIO; E:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-18] (Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [36256 2012-01-15] (Google Inc) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-26] (REALiX(tm))
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5343584 2012-10-10] (Intel Corporation) [File not signed]
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-10-22] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-10-22] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-10-22] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-05] (MSI)
S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 SaiK1709; C:\Windows\System32\DRIVERS\SaiK1709.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
S3 SaiU1709; C:\Windows\System32\DRIVERS\SaiU1709.sys [47168 2012-09-20] (Saitek)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2014-08-07] (Sony Ericsson Mobile Communications)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-10-02] (Windows (R) Win 7 DDK provider)
S3 uisp; C:\Windows\System32\Drivers\mtdfu.sys [17936 2014-01-04] (Logitech, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\vhidmini.sys [13952 2007-09-29] (Windows (R) Codename Longhorn DDK provider)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-02-05] ()
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys [X]
S3 GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 01:06 - 2014-12-14 01:06 - 00022242 _____ () C:\Users\sef\Desktop\FRST.txt
2014-12-14 01:06 - 2014-12-14 01:06 - 00000000 ___DC () C:\FRST
2014-12-14 01:04 - 2014-12-14 01:04 - 02119168 _____ (Farbar) C:\Users\sef\Desktop\FRST64.exe
2014-12-14 01:02 - 2014-12-14 01:03 - 00000000 __SDC () C:\32788R22FWJFW
2014-12-13 12:10 - 2014-12-13 12:11 - 00000000 ___DC () C:\AdwCleaner
2014-12-13 04:27 - 2014-12-13 12:12 - 00001776 _____ () C:\Windows\PFRO.log
2014-12-13 04:27 - 2014-12-13 04:27 - 00299880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-13 04:00 - 2014-12-13 04:00 - 00005121 _____ () C:\Users\sef\Desktop\Nový textový dokument (3).txt
2014-12-13 00:08 - 2014-12-13 00:08 - 00001544 _____ () C:\Users\sef\Desktop\msseces.exe – zástupce.lnk
2014-12-12 18:49 - 2014-12-13 20:26 - 00001238 _____ () C:\Windows\setupact.log
2014-12-12 18:49 - 2014-12-12 18:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-11 09:54 - 2014-12-11 09:54 - 00064416 _____ () C:\Users\sef\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 09:39 - 2014-12-11 09:41 - 00000000 ____D () C:\Program Files\trend micro
2014-12-11 09:39 - 2014-12-11 09:39 - 00000000 ___DC () C:\rsit
2014-12-11 09:33 - 2014-12-11 09:33 - 00040218 _____ () C:\Users\sef\Desktop\m.txt
2014-12-11 06:40 - 2014-12-14 00:00 - 00011436 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 04:16 - 2014-12-10 04:16 - 00000000 ____D () C:\Users\sef\Desktop\fsm2013
2014-12-05 18:41 - 2014-12-05 18:41 - 00000000 ____D () C:\Users\sef\Documents\Electronic Arts
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\ProgramData\Desktop\The Sims 4.lnk
2014-12-05 09:58 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-12-05 09:46 - 2014-12-05 09:46 - 00000000 ____D () C:\Users\sef\Desktop\G1152_V02.part01
2014-12-05 02:30 - 2014-12-05 02:30 - 00001064 _____ () C:\Users\Public\Desktop\theHunter.lnk
2014-12-05 02:30 - 2014-12-05 02:30 - 00001064 _____ () C:\ProgramData\Desktop\theHunter.lnk
2014-12-03 10:03 - 2014-12-03 10:03 - 00001484 _____ () C:\Users\sef\Desktop\AudiRS6_MTMWheels_10.jpg – zástupce.lnk
2014-12-03 09:58 - 2014-12-03 09:58 - 00000000 ____D () C:\Program Files (x86)\SereneScreen
2014-12-03 09:58 - 2009-01-28 16:14 - 06234112 _____ (SereneScreen) C:\Windows\SysWOW64\MarineAquarium3.scr
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\ProgramData\Desktop\Audacity.lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00001258 _____ () C:\Users\Public\Desktop\Hex Workshop Hex Editor (64 bit).lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00001258 _____ () C:\ProgramData\Desktop\Hex Workshop Hex Editor (64 bit).lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
2014-12-01 05:11 - 2014-12-01 05:11 - 00000000 ____D () C:\Program Files\BreakPoint Software
2014-12-01 05:10 - 2014-12-01 05:10 - 00000000 ____D () C:\Users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 04:48 - 2014-12-01 04:48 - 00000000 ____D () C:\ProgramData\Orbit
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\Users\sef\AppData\Roaming\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\Users\sef\AppData\Local\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\ProgramData\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\ProgramData\AMD
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-29 12:48 - 2014-11-29 12:48 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-29 12:48 - 2014-11-29 12:48 - 00000000 ____D () C:\Program Files\ATI
2014-11-29 12:47 - 2014-11-29 12:47 - 00000000 ___DC () C:\AMD
2014-11-29 12:18 - 2014-11-29 12:18 - 00000000 ____D () C:\Users\sef\Documents\Egosoft
2014-11-29 12:16 - 2014-11-29 12:16 - 00000000 ____D () C:\Users\sef\AppData\Roaming\KC Softwares
2014-11-29 12:15 - 2014-11-29 12:15 - 00000000 ____D () C:\ProgramData\Binarysense
2014-11-29 11:51 - 2014-11-29 11:51 - 00000000 ____D () C:\Users\sef\Desktop\WindowsServiceManager
2014-11-29 11:51 - 2014-11-29 11:51 - 00000000 ____D () C:\Users\sef\Desktop\RegistryCleaner
2014-11-29 08:44 - 2014-11-29 08:45 - 19008356 _____ () C:\Users\sef\Desktop\IMG.tif
2014-11-29 04:18 - 2014-11-29 10:26 - 00000000 ____D () C:\Program Files (x86)\System Ninja
2014-11-29 04:18 - 2014-11-29 04:18 - 00001059 _____ () C:\Users\Public\Desktop\System Ninja.lnk
2014-11-29 04:18 - 2014-11-29 04:18 - 00001059 _____ () C:\ProgramData\Desktop\System Ninja.lnk
2014-11-29 04:18 - 2014-11-29 04:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
2014-11-29 04:13 - 2014-11-29 04:13 - 00000000 ____D () C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual
2014-11-28 20:22 - 2009-08-04 18:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-11-28 20:22 - 2009-08-04 18:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-11-28 14:13 - 2014-11-28 14:13 - 01462198 _____ () C:\Users\sef\Documents\duplicate.txt
2014-11-28 13:51 - 2014-11-28 13:51 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-28 13:51 - 2014-11-28 13:51 - 00000728 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-28 13:51 - 2014-11-28 13:51 - 00000728 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-11-28 11:51 - 2014-11-28 11:51 - 00000000 ____D () C:\Users\sef\AppData\Local\WindowsApplication1
2014-11-28 11:50 - 2014-11-28 11:50 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-28 05:38 - 2014-11-28 05:38 - 00005784 _____ () C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5
2014-11-28 05:37 - 2014-11-28 05:37 - 00006772 _____ () C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1
2014-11-28 05:36 - 2014-11-28 05:36 - 00008192 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11
2014-11-28 05:36 - 2014-11-28 05:36 - 00006456 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1
2014-11-28 05:36 - 2014-11-28 05:36 - 00005454 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5
2014-11-28 05:36 - 2014-11-28 05:36 - 00005118 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2
2014-11-28 05:36 - 2014-11-28 05:36 - 00004464 _____ () C:\Windows\System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c
2014-11-28 05:36 - 2014-11-28 05:36 - 00003626 _____ () C:\Windows\System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890
2014-11-28 05:36 - 2014-11-28 05:36 - 00003564 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-11-28 05:24 - 2014-11-28 05:24 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-27 20:06 - 2014-11-27 20:06 - 00000000 ____D () C:\Users\sef\Documents\My Cheat Tables
2014-11-25 22:57 - 2014-11-25 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-25 22:57 - 2014-11-25 22:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-25 17:57 - 2014-11-25 17:57 - 00000000 ____D () C:\Users\sef\AppData\Roaming\Oracle
2014-11-22 09:57 - 2014-11-22 09:57 - 02734068 _____ () C:\Users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-21 23:41 - 2014-11-21 23:41 - 00001063 _____ () C:\Users\Public\Desktop\Colin McRae Rally Remastered.lnk
2014-11-21 23:41 - 2014-11-21 23:41 - 00001063 _____ () C:\ProgramData\Desktop\Colin McRae Rally Remastered.lnk
2014-11-21 23:41 - 2014-11-21 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
2014-11-17 21:16 - 2014-11-17 21:16 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 10889312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 09314984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 08295784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 08045488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 07208104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 07028336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 01342760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 01118720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-17 21:13 - 2014-11-17 21:13 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-17 21:11 - 2014-11-17 21:11 - 16756736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-17 20:57 - 2014-11-17 20:57 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-17 20:57 - 2014-11-17 20:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 33869824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-17 20:53 - 2014-11-17 20:53 - 28772352 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-17 20:50 - 2014-11-17 20:50 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-17 20:50 - 2014-11-17 20:50 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-17 20:12 - 2014-11-17 20:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-17 20:11 - 2014-11-17 20:11 - 05836800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-17 20:11 - 2014-11-17 20:11 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-17 20:10 - 2014-11-17 20:10 - 28356608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-17 19:54 - 2014-11-17 19:54 - 04590080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-17 19:49 - 2014-11-17 19:49 - 23627264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-17 19:40 - 2014-11-17 19:40 - 00627128 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-17 19:40 - 2014-11-17 19:40 - 00627128 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-17 19:40 - 2014-11-17 19:40 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-17 19:40 - 2014-11-17 19:40 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-17 19:40 - 2014-11-17 19:40 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-17 19:36 - 2014-11-17 19:36 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-17 19:22 - 2014-11-17 19:22 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-17 19:21 - 2014-11-17 19:21 - 00623616 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-17 19:21 - 2014-11-17 19:21 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-17 19:21 - 2014-11-17 19:21 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-17 19:20 - 2014-11-17 19:20 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-17 19:17 - 2014-11-17 19:17 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-17 19:17 - 2014-11-17 19:17 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-17 19:12 - 2014-11-17 19:12 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-17 19:10 - 2014-11-17 19:10 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-11-17 19:06 - 2014-11-17 19:06 - 00839168 _____ (AMD) C:\Windows\system32\coinst_14.30.dll
2014-11-17 19:01 - 2014-11-17 19:01 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-17 18:55 - 2014-11-17 18:55 - 01211392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-17 18:55 - 2014-11-17 18:55 - 00901120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00581120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-17 18:54 - 2014-11-17 18:54 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-11-17 18:51 - 2014-11-17 18:51 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-11-17 18:49 - 2014-11-17 18:49 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-17 15:08 - 2014-11-17 15:08 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-17 15:03 - 2014-11-17 15:03 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 01:03 - 2013-08-09 17:36 - 00000000 ____D () C:\Windows\erdnt
2014-12-14 00:43 - 2013-11-28 20:48 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 20:34 - 2014-09-15 00:40 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-13 20:34 - 2012-12-22 08:34 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-13 13:14 - 2010-11-21 10:27 - 00756168 _____ () C:\Windows\system32\perfh005.dat
2014-12-13 13:14 - 2010-11-21 10:27 - 00178888 _____ () C:\Windows\system32\perfc005.dat
2014-12-13 13:14 - 2009-07-14 06:13 - 01823228 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 12:19 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 12:19 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 12:12 - 2014-01-18 02:05 - 00003210 _____ () C:\Windows\System32\Tasks\AIDA64 AutoStart
2014-12-13 12:12 - 2013-03-15 19:58 - 00003130 _____ () C:\Windows\System32\Tasks\FRAPS
2014-12-13 12:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 04:27 - 2009-07-14 03:34 - 76808192 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 61472768 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00258048 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00032768 _____ () C:\Windows\system32\config\SAM.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-12-13 02:28 - 2014-01-27 01:08 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-11 20:05 - 2014-09-13 11:22 - 00000000 ____D () C:\Users\sef\Desktop\oooo
2014-12-08 18:08 - 2012-10-23 22:19 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-12-06 22:10 - 2012-10-20 17:10 - 00000000 ____D () C:\Users\sef\AppData\Roaming\DAEMON Tools Lite
2014-12-05 15:29 - 2013-11-25 06:58 - 00000000 ____D () C:\ProgramData\Moborobo
2014-12-05 10:31 - 2014-04-14 03:20 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-12-05 10:31 - 2012-10-21 00:13 - 00000000 ____D () C:\Users\Administrator
2014-12-05 09:58 - 2013-06-06 06:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-05 09:58 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-05 09:44 - 2014-05-28 17:16 - 00000098 _____ () C:\Users\sef\AppData\Roaming\LauncherSettings_live.cfg
2014-12-05 08:58 - 2013-02-05 06:55 - 00000040 _____ () C:\Users\sef\AppData\Roaming\TheHunterSettings_live.cfg
2014-12-05 02:30 - 2014-01-29 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\theHunter
2014-12-05 02:30 - 2012-10-18 23:21 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-03 09:59 - 2014-01-29 01:28 - 00000000 ____D () C:\Users\sef\AppData\Roaming\Marine Aquarium 3
2014-12-03 09:50 - 2013-10-03 01:31 - 00000000 ____D () C:\Users\sef\Desktop\All sizes hawt at Rock Otočec Flickr - Photo Sharing!_files
2014-12-01 01:29 - 2014-01-26 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAN Optimizer
2014-11-29 13:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-29 12:56 - 2014-06-13 11:44 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-11-29 11:41 - 2014-07-14 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2014-11-29 09:46 - 2013-06-06 11:28 - 00000000 ____D () C:\Users\sef\AppData\Local\Warframe
2014-11-29 09:46 - 2012-10-18 11:28 - 00000000 ____D () C:\Windows\Panther
2014-11-29 09:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-29 09:28 - 2012-10-18 12:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-29 09:21 - 2013-11-07 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-11-29 09:21 - 2013-11-07 19:30 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-28 14:15 - 2012-10-22 05:18 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-28 13:51 - 2013-01-28 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-28 05:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-28 05:28 - 2014-07-20 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-11-28 05:27 - 2014-01-18 21:02 - 00000000 ____D () C:\Users\sef\AppData\Local\CrashDumps
2014-11-28 05:27 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-11-25 17:12 - 2012-10-30 07:37 - 00000000 ____D () C:\Program Files\Java
2014-11-25 17:11 - 2013-11-09 02:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-25 17:11 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-25 17:11 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-25 17:11 - 2012-10-30 08:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 09:39 - 2014-10-16 14:27 - 00003778 _____ () C:\Windows\System32\Tasks\Java Updater
2014-11-20 23:15 - 2012-10-18 23:23 - 00000000 ____D () C:\Users\sef\Documents\My Games
2014-11-20 22:21 - 2014-03-15 23:53 - 00053248 ___SH () C:\Users\sef\Documents\Thumbs.db
2014-11-20 22:18 - 2014-06-17 12:15 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-11-20 22:16 - 2012-10-20 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-11-20 22:16 - 2012-10-20 12:21 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-11-20 22:15 - 2012-10-18 13:37 - 00000000 ____D () C:\Windows\Minidump
2014-11-16 11:06 - 2014-11-06 15:10 - 00004135 _____ () C:\Users\sef\Desktop\Nový textový dokument (2).txt
2014-11-14 21:13 - 2013-12-08 04:02 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 21:13 - 2013-12-08 04:02 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 10:07 - 2014-10-15 20:55 - 00000787 _____ () C:\Users\sef\Desktop\Nový textový dokument.txt
2014-11-14 01:01 - 2014-03-05 16:31 - 00003924 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA
2014-11-14 01:01 - 2014-03-05 16:31 - 00003528 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core
Files to move or delete:
====================
C:\ProgramData\ISTask.dll
Some content of TEMP:
====================
C:\Users\sef\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 03:49
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
Ran by sef at 2014-12-14 01:06:39
Running from C:\Users\sef\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.60 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.)
Alien Isolation (HKLM-x32\...\Alien Isolation_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{A3808FE1-6B99-1B1F-F18A-FE658F175C0E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.7.672769 - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version: - )
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Daum PotPlayer 1.5.35238 (HKLM-x32\...\PotPlayer) (Version: - )
DEFIANCE (HKLM-x32\...\{58C7728C-D226-41B9-AA52-39CCC3ADB65F}_is1) (Version: - Trion Worlds, Inc.)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.8 - DjVuZone)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GamersFirst LIVE! (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\GamersFirst LIVE!) (Version: - GamersFirst)
Global Agenda Live (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF001}) (Version: 1.5.1.5 - Hi-Rez Studios)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Google Chrome SxS) (Version: 41.0.2249.0 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hellgate (HKLM-x32\...\{65DF3688-6EF3-4C86-83DE-54AB46029F07}) (Version: 2.0.0.3 - Hanbit Soft)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Processor Diagnostic Tool 64Bit (HKLM\...\{6D3B2650-6767-49B6-A63E-CD410C653B05}) (Version: 17.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{42FBBB6D-AB2A-4C2E-8B6F-1E5AD20A6D07}) (Version: 3.0.42.1767 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java(TM) SE Development Kit 6 Update 37 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160370}) (Version: 1.6.0.370 - Oracle)
JavaFX 2.2.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-223648764D10}) (Version: 2.2.3 - Oracle Corporation)
JavaFX 2.2.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-223648764D10}) (Version: 2.2.3 - Oracle Corporation)
Litecoin (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Litecoin) (Version: 0.8.6.1 - Litecoin project)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts)
Nostromo (HKLM-x32\...\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}) (Version: 3.2.4 - Belkin International)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Race Driver - GRID 2 1.0.82.5097 (HKLM-x32\...\Race Driver - GRID 2_is1) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 3.9.8.6081 - GetData Pty Ltd)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
SereneScreen Marine Aquarium 3 (HKLM-x32\...\SereneScreen Marine Aquarium 3_is1) (Version: 3.0 - Prolific Publishing, Inc.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
SSDlife Free (HKLM-x32\...\{69D08A2A-0C31-482B-841C-B68A7BAF6164}) (Version: 2.3.50 - BinarySense Inc.)
System Ninja version 3.0.4 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.4 - SingularLabs)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
The Vanishing of Ethan Carter (HKLM-x32\...\The Vanishing of Ethan Carter_is1) (Version: - )
theHunter (remove only) (HKLM-x32\...\theHunter) (Version: - Expansive Worlds)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 736 - Expansive Worlds)
Tom Clancy's Ghost Recon - Advanced Warfighter 2 Final (HKLM-x32\...\Tom Clancy's Ghost Recon - Advanced Warfighter 2 Final) (Version: - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Warframe (HKLM-x32\...\GamersFirst Warframe) (Version: - GamersFirst)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
14-12-2014 00:03:14 ComboFix created restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-12-13 04:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02F6E3D8-0D09-491F-B908-62B668B90169} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core => C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {05020F51-A3E1-464B-8DDE-68C484E1144A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {07A52C09-6F52-4843-9412-A99D786E6A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.)
Task: {2D174B02-7409-4FDC-918D-BCBD4A87A32C} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {2EA7DAFC-FCD9-4EF2-AF11-57FD0FCD618B} - System32\Tasks\{C19D9003-2B5B-4315-83C3-969136217B51} => C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [2012-08-13] (OpenOffice.org)
Task: {3352339F-EEB1-42C3-A0A7-CAB4566C28F2} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe <==== ATTENTION
Task: {49FDD0F9-B8CF-42BB-A58D-EEC2397374AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-23] (Adobe Systems Incorporated)
Task: {53BCC9C8-4BA4-4C5D-88CC-55F830088951} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {636C25E2-6634-4A92-BA72-2D9D7C086DA0} - System32\Tasks\Java Updater => C:\Users\sef\AppData\Roaming\nircmd.exe
Task: {6509BB08-713F-4D3C-838A-60AC68CBC36D} - System32\Tasks\ASUS\i-Setup133818 => C:\Windows\AMD_Chipset_V307320_Windows7\AsusSetup.exe [2012-10-18] (ASUSTek)
Task: {70FF7A13-A5A0-4667-9F9F-90CFD6D53137} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {841508BE-654D-478F-81CE-49B6DD2DFCC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {95046D41-F528-4197-AC19-A2DCA28C8161} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {99E5674F-54EB-4FB8-8A66-4E79111C9192} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {9A33798E-3CFC-4C9E-B858-7FD326B1B6B9} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {9C2D454D-34AF-4682-B925-E75A27EE9164} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA => C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {A086B98C-7234-45F9-8838-4DBAA12C748D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {A3C60635-6032-4EFD-BAA6-6726B85E1B10} - System32\Tasks\FRAPS => E:\Fraps\fraps.exe [2012-08-14] (Beepa P/L)
Task: {B15003B8-2600-45FC-8415-1C3485FA0094} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.)
Task: {B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD} - System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe <==== ATTENTION
Task: {BDEA9532-3C4C-4177-8222-D8A884850233} - System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe <==== ATTENTION
Task: {C695F5C5-C7C7-4129-9A9D-5E8672C739CB} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {D0256A77-E2B8-46A2-B04B-EABAA885CD03} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {D12E8995-810F-41C3-96B9-EDD9C6CC6233} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe <==== ATTENTION
Task: {D8C6DEF1-E2E8-4489-BF6B-97CC41B9AFD5} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe
Task: {E05EDB11-6F77-488D-8060-B801AAEEF304} - System32\Tasks\AIDA64 AutoStart => E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2012-08-21] (FinalWire Ltd.)
Task: {EB71097A-452A-4121-8531-B9EEF8597E17} - System32\Tasks\{3C7487B0-473F-4424-A451-933226856C86} => C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe [2014-02-25] (Freemake)
Task: {EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
Task: {F64DC22D-5238-4908-AAD3-E63E07C995CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-11-25 06:58 - 2014-03-28 17:14 - 00070952 _____ () C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
2014-09-15 00:40 - 2014-10-13 22:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-04-30 00:40 - 2010-04-30 00:40 - 00013312 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-11-25 06:58 - 2014-03-28 17:15 - 00940400 _____ () C:\Program Files (x86)\Moborobo\DriverInstall.dll
2014-10-29 02:14 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2007-08-16 08:35 - 2007-08-16 08:35 - 01574128 _____ () C:\Program Files (x86)\Belkin\Nostromo\n52res.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: ISCTAgent => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MoboroboDeviceService => 2
MSCONFIG\Services: MSI_FastBoot => 2
MSCONFIG\Services: OnlineStorageService => 3
MSCONFIG\Services: ST2012_Svc => 2
MSCONFIG\Services: UNS => 2
========================= Accounts: ==========================
Administrator (S-1-5-21-1463186153-2632091326-3034755131-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1463186153-2632091326-3034755131-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1463186153-2632091326-3034755131-1005 - Limited - Enabled)
sef (S-1-5-21-1463186153-2632091326-3034755131-1001 - Administrator - Enabled) => C:\Users\sef
==================== Faulty Device Manager Devices =============
Name: Android Composite ADB Interface
Description: Android Composite ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: AODDriver4.1
Description: AODDriver4.1
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.1
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: USB Modem Phone ADB port
Description: USB Modem Phone ADB port
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: AndroidTerminal
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/14/2014 01:01:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/13/2014 10:09:47 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 05:06:55 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 00:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeErrorReporter.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c42d
ID chybujícího procesu: 0x111c
Čas spuštění chybující aplikace: 0xFreemakeErrorReporter.exe0
Cesta k chybující aplikaci: FreemakeErrorReporter.exe1
Cesta k chybujícímu modulu: FreemakeErrorReporter.exe2
ID zprávy: FreemakeErrorReporter.exe3
Error: (12/13/2014 00:17:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeErrorReporter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Windows.Markup.XamlParseException
Zásobník:
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na System.Windows.Application.LoadComponent(System.Object, System.Uri)
na ErrorReporter.App.InitializeComponent()
na ErrorReporter.App.Main()
Error: (12/13/2014 00:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 00:06:06 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 07:06:44 AM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 05:02:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/13/2014 05:02:06 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Kořenový prvek souboru manifestu musí být symbolická adresa.
System errors:
=============
Error: (12/14/2014 01:02:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/13/2014 08:39:10 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Stínové kopie svazku E: byly přerušeny kvůli selhání V/V operace. ve svazku E:.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 00:12:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PST Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (12/13/2014 00:12:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba DPS (Diagnostic Policy Service) byla ukončena s následující chybou:
%%5
Error: (12/13/2014 00:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%3
Error: (12/13/2014 00:12:34 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.
Microsoft Office Sessions:
=========================
Error: (12/14/2014 01:01:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Program Files (x86)\theHunter\launcher\launcher.exe
Error: (12/13/2014 10:09:47 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 05:06:55 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 00:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FreemakeErrorReporter.exe1.0.0.05369fdeaKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d111c01d016c667850c15C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exeC:\Windows\syswow64\KERNELBASE.dlla550ee90-82b9-11e4-a695-8c89a5c6f49e
Error: (12/13/2014 00:17:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeErrorReporter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Windows.Markup.XamlParseException
Zásobník:
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na System.Windows.Application.LoadComponent(System.Object, System.Uri)
na ErrorReporter.App.InitializeComponent()
na ErrorReporter.App.Main()
Error: (12/13/2014 00:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 00:06:06 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 07:06:44 AM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 05:02:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifeste:\program files (x86)\thehunter\launcher\launcher.exe
Error: (12/13/2014 05:02:06 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
CodeIntegrity Errors:
===================================
Date: 2014-12-13 04:26:46.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.341
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.321
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.603
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.583
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.553
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.533
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-29 12:48:54.988
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-29 12:48:54.960
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8139.18 MB
Available physical RAM: 5789.41 MB
Total Pagefile: 16276.54 MB
Available Pagefile: 13831.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:15.63 GB) NTFS
Drive d: (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:931.41 GB) (Free:420.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8916B28E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 248C4331)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ran by sef (administrator) on SEF-PC on 14-12-2014 01:06:22
Running from C:\Users\sef\Desktop
Loaded Profile: sef (Available profiles: sef & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Moborobo\MoboRoboDeviceService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(techPowerUp!) E:\Program Files (x86)\TPUCapture\TPUCapture.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(FinalWire Ltd.) E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Belkin Corporation) C:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe
(Google Inc.) C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Run: [CCEnhancer] => C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2-mulitlingual\CCEnhancer-4.2.exe [286208 2014-11-26] (SingularLabs)
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\Users\sef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TPUCapture.lnk
ShortcutTarget: TPUCapture.lnk -> E:\Program Files (x86)\TPUCapture\TPUCapture.exe (techPowerUp!)
ShellIconOverlayIdentifiers: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001 -> {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profi ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FB022049-4C4B-4C3A-8A21-C6C0BE63B89D}: [NameServer] 208.67.222.222,208.67.220.220
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\sef\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @talk.google.com/O1DPlugin -> C:\Users\sef\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @tools.google.com/Google Update;version=3 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: @tools.google.com/Google Update;version=9 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\sef\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sef\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-10]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=5
CHR Profile: C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-08-08]
CHR Extension: (Adblock Plus) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-12]
CHR Extension: (Reverse Phone Search) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\deckacljcpocafbjcpcnclkplimnemak [2014-03-12]
CHR Extension: (Reverse Phone Lookup) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\eccacjpoadkkkichonipjpkjoklpdacg [2014-11-18]
CHR Extension: (AdBlock Premium) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-03-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-03-09]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-09]
CHR Extension: (Adblock Super) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-12-12]
CHR Extension: (Auto HD For YouTube™) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-03-12]
CHR Extension: (Linkclump) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2014-11-16]
CHR Extension: (Clickable Links) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp [2014-11-16]
CHR Extension: (LastPass Vault) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-03-09]
CHR Extension: (Webutation) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfclfmabiojpommfcalfdgjjeaahnjbj [2014-04-04]
CHR Extension: (EEZYSMS - Free SMS) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla [2014-03-12]
CHR Extension: (Peněženka Google) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
CHR Extension: (Televize Online) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2014-03-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
U2 HiPatchService; e:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-10-22] ()
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MoboroboDeviceService; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1730000 2014-10-24] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S4 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-13] ()
S4 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AIDA64Driver; E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-08-21] ()
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2012-01-15] (Google Inc) [File not signed]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-10-18] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2012-10-18] ()
R3 bcgame; C:\Windows\System32\drivers\bcgame.sys [35328 2007-08-14] (Belkin Corporation)
S3 DIRECTIO; E:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-18] (Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [36256 2012-01-15] (Google Inc) [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-01-26] (REALiX(tm))
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5343584 2012-10-10] (Intel Corporation) [File not signed]
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-10-22] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-10-22] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-10-22] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-05] (MSI)
S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 SaiK1709; C:\Windows\System32\DRIVERS\SaiK1709.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
S3 SaiU1709; C:\Windows\System32\DRIVERS\SaiU1709.sys [47168 2012-09-20] (Saitek)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2014-08-07] (Sony Ericsson Mobile Communications)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-10-02] (Windows (R) Win 7 DDK provider)
S3 uisp; C:\Windows\System32\Drivers\mtdfu.sys [17936 2014-01-04] (Logitech, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\vhidmini.sys [13952 2007-09-29] (Windows (R) Codename Longhorn DDK provider)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-02-05] ()
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys [X]
S3 GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 01:06 - 2014-12-14 01:06 - 00022242 _____ () C:\Users\sef\Desktop\FRST.txt
2014-12-14 01:06 - 2014-12-14 01:06 - 00000000 ___DC () C:\FRST
2014-12-14 01:04 - 2014-12-14 01:04 - 02119168 _____ (Farbar) C:\Users\sef\Desktop\FRST64.exe
2014-12-14 01:02 - 2014-12-14 01:03 - 00000000 __SDC () C:\32788R22FWJFW
2014-12-13 12:10 - 2014-12-13 12:11 - 00000000 ___DC () C:\AdwCleaner
2014-12-13 04:27 - 2014-12-13 12:12 - 00001776 _____ () C:\Windows\PFRO.log
2014-12-13 04:27 - 2014-12-13 04:27 - 00299880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-13 04:00 - 2014-12-13 04:00 - 00005121 _____ () C:\Users\sef\Desktop\Nový textový dokument (3).txt
2014-12-13 00:08 - 2014-12-13 00:08 - 00001544 _____ () C:\Users\sef\Desktop\msseces.exe – zástupce.lnk
2014-12-12 18:49 - 2014-12-13 20:26 - 00001238 _____ () C:\Windows\setupact.log
2014-12-12 18:49 - 2014-12-12 18:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-11 09:54 - 2014-12-11 09:54 - 00064416 _____ () C:\Users\sef\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-11 09:39 - 2014-12-11 09:41 - 00000000 ____D () C:\Program Files\trend micro
2014-12-11 09:39 - 2014-12-11 09:39 - 00000000 ___DC () C:\rsit
2014-12-11 09:33 - 2014-12-11 09:33 - 00040218 _____ () C:\Users\sef\Desktop\m.txt
2014-12-11 06:40 - 2014-12-14 00:00 - 00011436 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 04:16 - 2014-12-10 04:16 - 00000000 ____D () C:\Users\sef\Desktop\fsm2013
2014-12-05 18:41 - 2014-12-05 18:41 - 00000000 ____D () C:\Users\sef\Documents\Electronic Arts
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2014-12-05 09:58 - 2014-12-05 09:58 - 00000872 _____ () C:\ProgramData\Desktop\The Sims 4.lnk
2014-12-05 09:58 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-12-05 09:46 - 2014-12-05 09:46 - 00000000 ____D () C:\Users\sef\Desktop\G1152_V02.part01
2014-12-05 02:30 - 2014-12-05 02:30 - 00001064 _____ () C:\Users\Public\Desktop\theHunter.lnk
2014-12-05 02:30 - 2014-12-05 02:30 - 00001064 _____ () C:\ProgramData\Desktop\theHunter.lnk
2014-12-03 10:03 - 2014-12-03 10:03 - 00001484 _____ () C:\Users\sef\Desktop\AudiRS6_MTMWheels_10.jpg – zástupce.lnk
2014-12-03 09:58 - 2014-12-03 09:58 - 00000000 ____D () C:\Program Files (x86)\SereneScreen
2014-12-03 09:58 - 2009-01-28 16:14 - 06234112 _____ (SereneScreen) C:\Windows\SysWOW64\MarineAquarium3.scr
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-12-01 21:48 - 2014-12-01 21:48 - 00000712 _____ () C:\ProgramData\Desktop\Audacity.lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00001258 _____ () C:\Users\Public\Desktop\Hex Workshop Hex Editor (64 bit).lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00001258 _____ () C:\ProgramData\Desktop\Hex Workshop Hex Editor (64 bit).lnk
2014-12-01 05:11 - 2014-12-01 05:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
2014-12-01 05:11 - 2014-12-01 05:11 - 00000000 ____D () C:\Program Files\BreakPoint Software
2014-12-01 05:10 - 2014-12-01 05:10 - 00000000 ____D () C:\Users\sef\AppData\Roaming\BreakPoint Software
2014-12-01 04:48 - 2014-12-01 04:48 - 00000000 ____D () C:\ProgramData\Orbit
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\Users\sef\AppData\Roaming\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\Users\sef\AppData\Local\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 ____D () C:\ProgramData\ATI
2014-11-30 04:34 - 2014-11-30 04:34 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\ProgramData\AMD
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-11-29 12:57 - 2014-11-29 12:57 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-29 12:48 - 2014-11-29 12:48 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-29 12:48 - 2014-11-29 12:48 - 00000000 ____D () C:\Program Files\ATI
2014-11-29 12:47 - 2014-11-29 12:47 - 00000000 ___DC () C:\AMD
2014-11-29 12:18 - 2014-11-29 12:18 - 00000000 ____D () C:\Users\sef\Documents\Egosoft
2014-11-29 12:16 - 2014-11-29 12:16 - 00000000 ____D () C:\Users\sef\AppData\Roaming\KC Softwares
2014-11-29 12:15 - 2014-11-29 12:15 - 00000000 ____D () C:\ProgramData\Binarysense
2014-11-29 11:51 - 2014-11-29 11:51 - 00000000 ____D () C:\Users\sef\Desktop\WindowsServiceManager
2014-11-29 11:51 - 2014-11-29 11:51 - 00000000 ____D () C:\Users\sef\Desktop\RegistryCleaner
2014-11-29 08:44 - 2014-11-29 08:45 - 19008356 _____ () C:\Users\sef\Desktop\IMG.tif
2014-11-29 04:18 - 2014-11-29 10:26 - 00000000 ____D () C:\Program Files (x86)\System Ninja
2014-11-29 04:18 - 2014-11-29 04:18 - 00001059 _____ () C:\Users\Public\Desktop\System Ninja.lnk
2014-11-29 04:18 - 2014-11-29 04:18 - 00001059 _____ () C:\ProgramData\Desktop\System Ninja.lnk
2014-11-29 04:18 - 2014-11-29 04:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
2014-11-29 04:13 - 2014-11-29 04:13 - 00000000 ____D () C:\Users\sef\Desktop\CCEnhancer-4.2-mulitlingual
2014-11-28 20:22 - 2009-08-04 18:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-11-28 20:22 - 2009-08-04 18:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-11-28 20:22 - 2009-08-04 18:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-11-28 14:13 - 2014-11-28 14:13 - 01462198 _____ () C:\Users\sef\Documents\duplicate.txt
2014-11-28 13:51 - 2014-11-28 13:51 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-28 13:51 - 2014-11-28 13:51 - 00000728 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-28 13:51 - 2014-11-28 13:51 - 00000728 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-11-28 11:51 - 2014-11-28 11:51 - 00000000 ____D () C:\Users\sef\AppData\Local\WindowsApplication1
2014-11-28 11:50 - 2014-11-28 11:50 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-28 05:38 - 2014-11-28 05:38 - 00005784 _____ () C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5
2014-11-28 05:37 - 2014-11-28 05:37 - 00006772 _____ () C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1
2014-11-28 05:36 - 2014-11-28 05:36 - 00008192 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11
2014-11-28 05:36 - 2014-11-28 05:36 - 00006456 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1
2014-11-28 05:36 - 2014-11-28 05:36 - 00005454 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5
2014-11-28 05:36 - 2014-11-28 05:36 - 00005118 _____ () C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2
2014-11-28 05:36 - 2014-11-28 05:36 - 00004464 _____ () C:\Windows\System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c
2014-11-28 05:36 - 2014-11-28 05:36 - 00003626 _____ () C:\Windows\System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890
2014-11-28 05:36 - 2014-11-28 05:36 - 00003564 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-11-28 05:24 - 2014-11-28 05:24 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-27 20:06 - 2014-11-27 20:06 - 00000000 ____D () C:\Users\sef\Documents\My Cheat Tables
2014-11-25 22:57 - 2014-11-25 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-25 22:57 - 2014-11-25 22:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-25 17:57 - 2014-11-25 17:57 - 00000000 ____D () C:\Users\sef\AppData\Roaming\Oracle
2014-11-22 09:57 - 2014-11-22 09:57 - 02734068 _____ () C:\Users\sef\AppData\Roaming\x11modPitcairnglg2tc4032w256l4.bin
2014-11-21 23:41 - 2014-11-21 23:41 - 00001063 _____ () C:\Users\Public\Desktop\Colin McRae Rally Remastered.lnk
2014-11-21 23:41 - 2014-11-21 23:41 - 00001063 _____ () C:\ProgramData\Desktop\Colin McRae Rally Remastered.lnk
2014-11-21 23:41 - 2014-11-21 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
2014-11-17 21:16 - 2014-11-17 21:16 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-17 21:16 - 2014-11-17 21:16 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 10889312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 09314984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 08295784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 08045488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 07208104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 07028336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 01342760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 01118720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-17 21:15 - 2014-11-17 21:15 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-17 21:13 - 2014-11-17 21:13 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-17 21:11 - 2014-11-17 21:11 - 16756736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-17 20:57 - 2014-11-17 20:57 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-17 20:57 - 2014-11-17 20:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-17 20:57 - 2014-11-17 20:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 33869824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-17 20:56 - 2014-11-17 20:56 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-17 20:53 - 2014-11-17 20:53 - 28772352 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-17 20:50 - 2014-11-17 20:50 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-17 20:50 - 2014-11-17 20:50 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-17 20:12 - 2014-11-17 20:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-17 20:11 - 2014-11-17 20:11 - 05836800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-17 20:11 - 2014-11-17 20:11 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-17 20:10 - 2014-11-17 20:10 - 28356608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-17 19:54 - 2014-11-17 19:54 - 04590080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-17 19:49 - 2014-11-17 19:49 - 23627264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-17 19:40 - 2014-11-17 19:40 - 00627128 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-17 19:40 - 2014-11-17 19:40 - 00627128 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-17 19:40 - 2014-11-17 19:40 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-17 19:40 - 2014-11-17 19:40 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-17 19:40 - 2014-11-17 19:40 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-17 19:39 - 2014-11-17 19:39 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-17 19:36 - 2014-11-17 19:36 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-17 19:22 - 2014-11-17 19:22 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-17 19:21 - 2014-11-17 19:21 - 00623616 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-17 19:21 - 2014-11-17 19:21 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-17 19:21 - 2014-11-17 19:21 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-17 19:20 - 2014-11-17 19:20 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-17 19:17 - 2014-11-17 19:17 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-17 19:17 - 2014-11-17 19:17 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-17 19:12 - 2014-11-17 19:12 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-17 19:10 - 2014-11-17 19:10 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-11-17 19:10 - 2014-11-17 19:10 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-11-17 19:06 - 2014-11-17 19:06 - 00839168 _____ (AMD) C:\Windows\system32\coinst_14.30.dll
2014-11-17 19:01 - 2014-11-17 19:01 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-17 18:55 - 2014-11-17 18:55 - 01211392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-17 18:55 - 2014-11-17 18:55 - 00901120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00581120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-17 18:54 - 2014-11-17 18:54 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-17 18:54 - 2014-11-17 18:54 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-11-17 18:52 - 2014-11-17 18:52 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-11-17 18:51 - 2014-11-17 18:51 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-11-17 18:49 - 2014-11-17 18:49 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-17 15:08 - 2014-11-17 15:08 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-17 15:03 - 2014-11-17 15:03 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-14 01:03 - 2013-08-09 17:36 - 00000000 ____D () C:\Windows\erdnt
2014-12-14 00:43 - 2013-11-28 20:48 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 20:34 - 2014-09-15 00:40 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-13 20:34 - 2012-12-22 08:34 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-13 13:14 - 2010-11-21 10:27 - 00756168 _____ () C:\Windows\system32\perfh005.dat
2014-12-13 13:14 - 2010-11-21 10:27 - 00178888 _____ () C:\Windows\system32\perfc005.dat
2014-12-13 13:14 - 2009-07-14 06:13 - 01823228 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 12:19 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 12:19 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 12:12 - 2014-01-18 02:05 - 00003210 _____ () C:\Windows\System32\Tasks\AIDA64 AutoStart
2014-12-13 12:12 - 2013-03-15 19:58 - 00003130 _____ () C:\Windows\System32\Tasks\FRAPS
2014-12-13 12:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 04:27 - 2009-07-14 03:34 - 76808192 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 61472768 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00258048 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00032768 _____ () C:\Windows\system32\config\SAM.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-12-13 04:27 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-12-13 02:28 - 2014-01-27 01:08 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-11 20:05 - 2014-09-13 11:22 - 00000000 ____D () C:\Users\sef\Desktop\oooo
2014-12-08 18:08 - 2012-10-23 22:19 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-12-06 22:10 - 2012-10-20 17:10 - 00000000 ____D () C:\Users\sef\AppData\Roaming\DAEMON Tools Lite
2014-12-05 15:29 - 2013-11-25 06:58 - 00000000 ____D () C:\ProgramData\Moborobo
2014-12-05 10:31 - 2014-04-14 03:20 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-12-05 10:31 - 2012-10-21 00:13 - 00000000 ____D () C:\Users\Administrator
2014-12-05 09:58 - 2013-06-06 06:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-05 09:58 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-05 09:44 - 2014-05-28 17:16 - 00000098 _____ () C:\Users\sef\AppData\Roaming\LauncherSettings_live.cfg
2014-12-05 08:58 - 2013-02-05 06:55 - 00000040 _____ () C:\Users\sef\AppData\Roaming\TheHunterSettings_live.cfg
2014-12-05 02:30 - 2014-01-29 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\theHunter
2014-12-05 02:30 - 2012-10-18 23:21 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-03 09:59 - 2014-01-29 01:28 - 00000000 ____D () C:\Users\sef\AppData\Roaming\Marine Aquarium 3
2014-12-03 09:50 - 2013-10-03 01:31 - 00000000 ____D () C:\Users\sef\Desktop\All sizes hawt at Rock Otočec Flickr - Photo Sharing!_files
2014-12-01 01:29 - 2014-01-26 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAN Optimizer
2014-11-29 13:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-29 12:56 - 2014-06-13 11:44 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-11-29 11:41 - 2014-07-14 01:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2014-11-29 09:46 - 2013-06-06 11:28 - 00000000 ____D () C:\Users\sef\AppData\Local\Warframe
2014-11-29 09:46 - 2012-10-18 11:28 - 00000000 ____D () C:\Windows\Panther
2014-11-29 09:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-29 09:28 - 2012-10-18 12:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-29 09:21 - 2013-11-07 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-11-29 09:21 - 2013-11-07 19:30 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-28 14:15 - 2012-10-22 05:18 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-28 13:51 - 2013-01-28 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-28 05:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-28 05:28 - 2014-07-20 05:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-11-28 05:27 - 2014-01-18 21:02 - 00000000 ____D () C:\Users\sef\AppData\Local\CrashDumps
2014-11-28 05:27 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-11-25 17:12 - 2012-10-30 07:37 - 00000000 ____D () C:\Program Files\Java
2014-11-25 17:11 - 2013-11-09 02:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-25 17:11 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-25 17:11 - 2013-11-09 02:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-25 17:11 - 2012-10-30 08:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 09:39 - 2014-10-16 14:27 - 00003778 _____ () C:\Windows\System32\Tasks\Java Updater
2014-11-20 23:15 - 2012-10-18 23:23 - 00000000 ____D () C:\Users\sef\Documents\My Games
2014-11-20 22:21 - 2014-03-15 23:53 - 00053248 ___SH () C:\Users\sef\Documents\Thumbs.db
2014-11-20 22:18 - 2014-06-17 12:15 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-11-20 22:16 - 2012-10-20 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-11-20 22:16 - 2012-10-20 12:21 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-11-20 22:15 - 2012-10-18 13:37 - 00000000 ____D () C:\Windows\Minidump
2014-11-16 11:06 - 2014-11-06 15:10 - 00004135 _____ () C:\Users\sef\Desktop\Nový textový dokument (2).txt
2014-11-14 21:13 - 2013-12-08 04:02 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 21:13 - 2013-12-08 04:02 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 10:07 - 2014-10-15 20:55 - 00000787 _____ () C:\Users\sef\Desktop\Nový textový dokument.txt
2014-11-14 01:01 - 2014-03-05 16:31 - 00003924 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA
2014-11-14 01:01 - 2014-03-05 16:31 - 00003528 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core
Files to move or delete:
====================
C:\ProgramData\ISTask.dll
Some content of TEMP:
====================
C:\Users\sef\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 03:49
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014
Ran by sef at 2014-12-14 01:06:39
Running from C:\Users\sef\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.60 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.)
Alien Isolation (HKLM-x32\...\Alien Isolation_is1) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{A3808FE1-6B99-1B1F-F18A-FE658F175C0E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.7.672769 - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version: - )
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Daum PotPlayer 1.5.35238 (HKLM-x32\...\PotPlayer) (Version: - )
DEFIANCE (HKLM-x32\...\{58C7728C-D226-41B9-AA52-39CCC3ADB65F}_is1) (Version: - Trion Worlds, Inc.)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.8 - DjVuZone)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GamersFirst LIVE! (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\GamersFirst LIVE!) (Version: - GamersFirst)
Global Agenda Live (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF001}) (Version: 1.5.1.5 - Hi-Rez Studios)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Google Chrome SxS) (Version: 41.0.2249.0 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hellgate (HKLM-x32\...\{65DF3688-6EF3-4C86-83DE-54AB46029F07}) (Version: 2.0.0.3 - Hanbit Soft)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Processor Diagnostic Tool 64Bit (HKLM\...\{6D3B2650-6767-49B6-A63E-CD410C653B05}) (Version: 17.0.0 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{42FBBB6D-AB2A-4C2E-8B6F-1E5AD20A6D07}) (Version: 3.0.42.1767 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
Java(TM) SE Development Kit 6 Update 37 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160370}) (Version: 1.6.0.370 - Oracle)
JavaFX 2.2.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-223648764D10}) (Version: 2.2.3 - Oracle Corporation)
JavaFX 2.2.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-223648764D10}) (Version: 2.2.3 - Oracle Corporation)
Litecoin (HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Litecoin) (Version: 0.8.6.1 - Litecoin project)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts)
Nostromo (HKLM-x32\...\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}) (Version: 3.2.4 - Belkin International)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Race Driver - GRID 2 1.0.82.5097 (HKLM-x32\...\Race Driver - GRID 2_is1) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 3.9.8.6081 - GetData Pty Ltd)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
SereneScreen Marine Aquarium 3 (HKLM-x32\...\SereneScreen Marine Aquarium 3_is1) (Version: 3.0 - Prolific Publishing, Inc.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
SSDlife Free (HKLM-x32\...\{69D08A2A-0C31-482B-841C-B68A7BAF6164}) (Version: 2.3.50 - BinarySense Inc.)
System Ninja version 3.0.4 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.4 - SingularLabs)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
The Vanishing of Ethan Carter (HKLM-x32\...\The Vanishing of Ethan Carter_is1) (Version: - )
theHunter (remove only) (HKLM-x32\...\theHunter) (Version: - Expansive Worlds)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 736 - Expansive Worlds)
Tom Clancy's Ghost Recon - Advanced Warfighter 2 Final (HKLM-x32\...\Tom Clancy's Ghost Recon - Advanced Warfighter 2 Final) (Version: - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Warframe (HKLM-x32\...\GamersFirst Warframe) (Version: - GamersFirst)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sef\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
14-12-2014 00:03:14 ComboFix created restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-12-13 04:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02F6E3D8-0D09-491F-B908-62B668B90169} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001Core => C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {05020F51-A3E1-464B-8DDE-68C484E1144A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {07A52C09-6F52-4843-9412-A99D786E6A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.)
Task: {2D174B02-7409-4FDC-918D-BCBD4A87A32C} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {2EA7DAFC-FCD9-4EF2-AF11-57FD0FCD618B} - System32\Tasks\{C19D9003-2B5B-4315-83C3-969136217B51} => C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [2012-08-13] (OpenOffice.org)
Task: {3352339F-EEB1-42C3-A0A7-CAB4566C28F2} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe <==== ATTENTION
Task: {49FDD0F9-B8CF-42BB-A58D-EEC2397374AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-23] (Adobe Systems Incorporated)
Task: {53BCC9C8-4BA4-4C5D-88CC-55F830088951} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {636C25E2-6634-4A92-BA72-2D9D7C086DA0} - System32\Tasks\Java Updater => C:\Users\sef\AppData\Roaming\nircmd.exe
Task: {6509BB08-713F-4D3C-838A-60AC68CBC36D} - System32\Tasks\ASUS\i-Setup133818 => C:\Windows\AMD_Chipset_V307320_Windows7\AsusSetup.exe [2012-10-18] (ASUSTek)
Task: {70FF7A13-A5A0-4667-9F9F-90CFD6D53137} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {841508BE-654D-478F-81CE-49B6DD2DFCC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {95046D41-F528-4197-AC19-A2DCA28C8161} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {99E5674F-54EB-4FB8-8A66-4E79111C9192} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {9A33798E-3CFC-4C9E-B858-7FD326B1B6B9} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {9C2D454D-34AF-4682-B925-E75A27EE9164} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463186153-2632091326-3034755131-1001UA => C:\Users\sef\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {A086B98C-7234-45F9-8838-4DBAA12C748D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {A3C60635-6032-4EFD-BAA6-6726B85E1B10} - System32\Tasks\FRAPS => E:\Fraps\fraps.exe [2012-08-14] (Beepa P/L)
Task: {B15003B8-2600-45FC-8415-1C3485FA0094} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.)
Task: {B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD} - System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe <==== ATTENTION
Task: {BDEA9532-3C4C-4177-8222-D8A884850233} - System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe <==== ATTENTION
Task: {C695F5C5-C7C7-4129-9A9D-5E8672C739CB} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {D0256A77-E2B8-46A2-B04B-EABAA885CD03} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {D12E8995-810F-41C3-96B9-EDD9C6CC6233} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe <==== ATTENTION
Task: {D8C6DEF1-E2E8-4489-BF6B-97CC41B9AFD5} - System32\Tasks\RtlNetworkGenieVistaStart => C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe
Task: {E05EDB11-6F77-488D-8060-B801AAEEF304} - System32\Tasks\AIDA64 AutoStart => E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2012-08-21] (FinalWire Ltd.)
Task: {EB71097A-452A-4121-8531-B9EEF8597E17} - System32\Tasks\{3C7487B0-473F-4424-A451-933226856C86} => C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe [2014-02-25] (Freemake)
Task: {EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
Task: {F64DC22D-5238-4908-AAD3-E63E07C995CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-11-25 06:58 - 2014-03-28 17:14 - 00070952 _____ () C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
2014-09-15 00:40 - 2014-10-13 22:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-04-30 00:40 - 2010-04-30 00:40 - 00013312 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-11-25 06:58 - 2014-03-28 17:15 - 00940400 _____ () C:\Program Files (x86)\Moborobo\DriverInstall.dll
2014-10-29 02:14 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 00:50 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2007-08-16 08:35 - 2007-08-16 08:35 - 01574128 _____ () C:\Program Files (x86)\Belkin\Nostromo\n52res.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: ISCTAgent => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MoboroboDeviceService => 2
MSCONFIG\Services: MSI_FastBoot => 2
MSCONFIG\Services: OnlineStorageService => 3
MSCONFIG\Services: ST2012_Svc => 2
MSCONFIG\Services: UNS => 2
========================= Accounts: ==========================
Administrator (S-1-5-21-1463186153-2632091326-3034755131-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1463186153-2632091326-3034755131-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1463186153-2632091326-3034755131-1005 - Limited - Enabled)
sef (S-1-5-21-1463186153-2632091326-3034755131-1001 - Administrator - Enabled) => C:\Users\sef
==================== Faulty Device Manager Devices =============
Name: Android Composite ADB Interface
Description: Android Composite ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: AODDriver4.1
Description: AODDriver4.1
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.1
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: USB Modem Phone ADB port
Description: USB Modem Phone ADB port
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: AndroidTerminal
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/14/2014 01:01:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/13/2014 10:09:47 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 05:06:55 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 00:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeErrorReporter.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c42d
ID chybujícího procesu: 0x111c
Čas spuštění chybující aplikace: 0xFreemakeErrorReporter.exe0
Cesta k chybující aplikaci: FreemakeErrorReporter.exe1
Cesta k chybujícímu modulu: FreemakeErrorReporter.exe2
ID zprávy: FreemakeErrorReporter.exe3
Error: (12/13/2014 00:17:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeErrorReporter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Windows.Markup.XamlParseException
Zásobník:
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na System.Windows.Application.LoadComponent(System.Object, System.Uri)
na ErrorReporter.App.InitializeComponent()
na ErrorReporter.App.Main()
Error: (12/13/2014 00:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 00:06:06 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 07:06:44 AM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.
Error: (12/13/2014 05:02:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/13/2014 05:02:06 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Kořenový prvek souboru manifestu musí být symbolická adresa.
System errors:
=============
Error: (12/14/2014 01:02:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/13/2014 08:39:10 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Stínové kopie svazku E: byly přerušeny kvůli selhání V/V operace. ve svazku E:.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 08:38:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (12/13/2014 00:12:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PST Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (12/13/2014 00:12:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba DPS (Diagnostic Policy Service) byla ukončena s následující chybou:
%%5
Error: (12/13/2014 00:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.1 neuspěla při spuštění v důsledku následující chyby:
%%3
Error: (12/13/2014 00:12:34 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.
Microsoft Office Sessions:
=========================
Error: (12/14/2014 01:01:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Program Files (x86)\theHunter\launcher\launcher.exe
Error: (12/13/2014 10:09:47 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 05:06:55 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 00:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FreemakeErrorReporter.exe1.0.0.05369fdeaKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d111c01d016c667850c15C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exeC:\Windows\syswow64\KERNELBASE.dlla550ee90-82b9-11e4-a695-8c89a5c6f49e
Error: (12/13/2014 00:17:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeErrorReporter.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Windows.Markup.XamlParseException
Zásobník:
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na System.Windows.Application.LoadComponent(System.Object, System.Uri)
na ErrorReporter.App.InitializeComponent()
na ErrorReporter.App.Main()
Error: (12/13/2014 00:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 00:06:06 PM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 07:06:44 AM) (Source: MsiInstaller) (EventID: 11714) (User: sef-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/13/2014 05:02:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifeste:\program files (x86)\thehunter\launcher\launcher.exe
Error: (12/13/2014 05:02:06 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
CodeIntegrity Errors:
===================================
Date: 2014-12-13 04:26:46.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.341
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.321
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:26:46.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.603
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.583
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.553
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-13 04:05:07.533
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-29 12:48:54.988
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-29 12:48:54.960
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8139.18 MB
Available physical RAM: 5789.41 MB
Total Pagefile: 16276.54 MB
Available Pagefile: 13831.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:15.63 GB) NTFS
Drive d: (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:931.41 GB) (Free:420.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8916B28E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 248C4331)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: prosim o kontrolu logu
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001 -> {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profi ... code=ms&q={searchTerms} FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Extension: (EEZYSMS - Free SMS) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla [2014-03-12] S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys [X] S3 GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [X] S3 MBfilt; system32\drivers\MBfilt64.sys [X] S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X] S3 MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X] S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] 2014-12-11 09:39 - 2014-12-11 09:41 - 00000000 ____D () C:\Program Files\trend micro 2014-12-11 09:39 - 2014-12-11 09:39 - 00000000 ___DC () C:\rsit C:\ProgramData\ISTask.dll Task: {05020F51-A3E1-464B-8DDE-68C484E1144A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {2D174B02-7409-4FDC-918D-BCBD4A87A32C} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION Task: {3352339F-EEB1-42C3-A0A7-CAB4566C28F2} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe <==== ATTENTION Task: {53BCC9C8-4BA4-4C5D-88CC-55F830088951} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION Task: {636C25E2-6634-4A92-BA72-2D9D7C086DA0} - System32\Tasks\Java Updater => C:\Users\sef\AppData\Roaming\nircmd.exe Task: {70FF7A13-A5A0-4667-9F9F-90CFD6D53137} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION Task: {841508BE-654D-478F-81CE-49B6DD2DFCC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION Task: {A086B98C-7234-45F9-8838-4DBAA12C748D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION Task: {B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD} - System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe <==== ATTENTION Task: {BDEA9532-3C4C-4177-8222-D8A884850233} - System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe <==== ATTENTION Task: {C695F5C5-C7C7-4129-9A9D-5E8672C739CB} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION Task: {D0256A77-E2B8-46A2-B04B-EABAA885CD03} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION Task: {D12E8995-810F-41C3-96B9-EDD9C6CC6233} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe <==== ATTENTION Task: {EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION C:\Program Files (x86)\Sense C:\Program Files (x86)\SavePass 1.1 C:\Program Files (x86)\YTDownloader C:\Users\sef\AppData\Roaming\nircmd.exe AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9 Folder: C:\32788R22FWJFW Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2014
Ran by sef at 2014-12-14 06:00:47 Run:1
Running from C:\Users\sef\Desktop
Loaded Profile: sef (Available profiles: sef & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001 -> {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profi ... code=ms&q={searchTerms}
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Extension: (EEZYSMS - Free SMS) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla [2014-03-12]
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys [X]
S3 GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-11 09:39 - 2014-12-11 09:41 - 00000000 ____D () C:\Program Files\trend micro
2014-12-11 09:39 - 2014-12-11 09:39 - 00000000 ___DC () C:\rsit
C:\ProgramData\ISTask.dll
Task: {05020F51-A3E1-464B-8DDE-68C484E1144A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {2D174B02-7409-4FDC-918D-BCBD4A87A32C} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {3352339F-EEB1-42C3-A0A7-CAB4566C28F2} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe <==== ATTENTION
Task: {53BCC9C8-4BA4-4C5D-88CC-55F830088951} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {636C25E2-6634-4A92-BA72-2D9D7C086DA0} - System32\Tasks\Java Updater => C:\Users\sef\AppData\Roaming\nircmd.exe
Task: {70FF7A13-A5A0-4667-9F9F-90CFD6D53137} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {841508BE-654D-478F-81CE-49B6DD2DFCC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {A086B98C-7234-45F9-8838-4DBAA12C748D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD} - System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe <==== ATTENTION
Task: {BDEA9532-3C4C-4177-8222-D8A884850233} - System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe <==== ATTENTION
Task: {C695F5C5-C7C7-4129-9A9D-5E8672C739CB} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {D0256A77-E2B8-46A2-B04B-EABAA885CD03} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {D12E8995-810F-41C3-96B9-EDD9C6CC6233} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe <==== ATTENTION
Task: {EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
C:\Program Files (x86)\Sense
C:\Program Files (x86)\SavePass 1.1
C:\Program Files (x86)\YTDownloader
C:\Users\sef\AppData\Roaming\nircmd.exe
AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9
Folder: C:\32788R22FWJFW
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A40E547-20FD-44a2-94D0-1C98342D1507}" => Key deleted successfully.
"HKCR\CLSID\{3A40E547-20FD-44a2-94D0-1C98342D1507}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla => Moved successfully.
AODDriver4.1 => Service deleted successfully.
atillk64 => Service deleted successfully.
catchme => Service deleted successfully.
cpuz136 => Service deleted successfully.
getbus => Service deleted successfully.
GPU-Z => Service deleted successfully.
GPUZ => Service deleted successfully.
IntcAzAudAddService => Service deleted successfully.
ipadtst => Service deleted successfully.
MBfilt => Service deleted successfully.
motccgpfl => Service deleted successfully.
MSI_MSIBIOS_010507 => Service deleted successfully.
NTIOLib_1_0_C => Service deleted successfully.
NTIOLib_1_1_S => Service deleted successfully.
NTIOLib_SuiteFB => Service deleted successfully.
TVICHW32 => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\ProgramData\ISTask.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05020F51-A3E1-464B-8DDE-68C484E1144A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05020F51-A3E1-464B-8DDE-68C484E1144A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D174B02-7409-4FDC-918D-BCBD4A87A32C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D174B02-7409-4FDC-918D-BCBD4A87A32C}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3352339F-EEB1-42C3-A0A7-CAB4566C28F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3352339F-EEB1-42C3-A0A7-CAB4566C28F2}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53BCC9C8-4BA4-4C5D-88CC-55F830088951}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53BCC9C8-4BA4-4C5D-88CC-55F830088951}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{636C25E2-6634-4A92-BA72-2D9D7C086DA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{636C25E2-6634-4A92-BA72-2D9D7C086DA0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Java Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70FF7A13-A5A0-4667-9F9F-90CFD6D53137}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70FF7A13-A5A0-4667-9F9F-90CFD6D53137}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{841508BE-654D-478F-81CE-49B6DD2DFCC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{841508BE-654D-478F-81CE-49B6DD2DFCC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A086B98C-7234-45F9-8838-4DBAA12C748D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A086B98C-7234-45F9-8838-4DBAA12C748D}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD}" => Key deleted successfully.
C:\Windows\System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5432e15e-8b38-4917-9568-a8baef47582c" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDEA9532-3C4C-4177-8222-D8A884850233}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDEA9532-3C4C-4177-8222-D8A884850233}" => Key deleted successfully.
C:\Windows\System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f025b33d-4fe1-43d1-9072-60df121c2890" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C695F5C5-C7C7-4129-9A9D-5E8672C739CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C695F5C5-C7C7-4129-9A9D-5E8672C739CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0256A77-E2B8-46A2-B04B-EABAA885CD03}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0256A77-E2B8-46A2-B04B-EABAA885CD03}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D12E8995-810F-41C3-96B9-EDD9C6CC6233}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D12E8995-810F-41C3-96B9-EDD9C6CC6233}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-1" => Key deleted successfully.
"C:\Program Files (x86)\Sense" => File/Directory not found.
"C:\Program Files (x86)\SavePass 1.1" => File/Directory not found.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Users\sef\AppData\Roaming\nircmd.exe" => File/Directory not found.
C:\ProgramData\TEMP => ":0CE7F3C9" ADS removed successfully.
========================= Folder: C:\32788R22FWJFW ========================
====== End of Folder: ======
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 545.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Ran by sef at 2014-12-14 06:00:47 Run:1
Running from C:\Users\sef\Desktop
Loaded Profile: sef (Available profiles: sef & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1463186153-2632091326-3034755131-1001 -> {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profi ... code=ms&q={searchTerms}
FF Plugin-x32: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\PROGRA~2\MEADCO~1\npmeadax.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-1463186153-2632091326-3034755131-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Extension: (EEZYSMS - Free SMS) - C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla [2014-03-12]
S2 AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\sef\AppData\Local\Temp\getbus.sys [X]
S3 GPU-Z; \??\C:\Users\sef\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MSI_MSIBIOS_010507; \??\E:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 TVICHW32; \??\C:\Program Files (x86)\GIGABYTE\EasyBoost\TVicHW64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-11 09:39 - 2014-12-11 09:41 - 00000000 ____D () C:\Program Files\trend micro
2014-12-11 09:39 - 2014-12-11 09:39 - 00000000 ___DC () C:\rsit
C:\ProgramData\ISTask.dll
Task: {05020F51-A3E1-464B-8DDE-68C484E1144A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {2D174B02-7409-4FDC-918D-BCBD4A87A32C} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {3352339F-EEB1-42C3-A0A7-CAB4566C28F2} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-2.exe <==== ATTENTION
Task: {53BCC9C8-4BA4-4C5D-88CC-55F830088951} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => C:\Program Files (x86)\Sense\fd74a172-49f3-4b56-9556-083971d5629d-5.exe <==== ATTENTION
Task: {636C25E2-6634-4A92-BA72-2D9D7C086DA0} - System32\Tasks\Java Updater => C:\Users\sef\AppData\Roaming\nircmd.exe
Task: {70FF7A13-A5A0-4667-9F9F-90CFD6D53137} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {841508BE-654D-478F-81CE-49B6DD2DFCC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {A086B98C-7234-45F9-8838-4DBAA12C748D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD} - System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => C:\Program Files (x86)\SavePass 1.1\5432e15e-8b38-4917-9568-a8baef47582c.exe <==== ATTENTION
Task: {BDEA9532-3C4C-4177-8222-D8A884850233} - System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => C:\Program Files (x86)\SavePass 1.1\f025b33d-4fe1-43d1-9072-60df121c2890.exe <==== ATTENTION
Task: {C695F5C5-C7C7-4129-9A9D-5E8672C739CB} - System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {D0256A77-E2B8-46A2-B04B-EABAA885CD03} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-5.exe <==== ATTENTION
Task: {D12E8995-810F-41C3-96B9-EDD9C6CC6233} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => C:\Program Files (x86)\SavePass 1.1\50d4aed4-2aaa-454f-abde-2027603ed4ce-11.exe <==== ATTENTION
Task: {EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF} - System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
C:\Program Files (x86)\Sense
C:\Program Files (x86)\SavePass 1.1
C:\Program Files (x86)\YTDownloader
C:\Users\sef\AppData\Roaming\nircmd.exe
AlternateDataStreams: C:\ProgramData\TEMP:0CE7F3C9
Folder: C:\32788R22FWJFW
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A40E547-20FD-44a2-94D0-1C98342D1507}" => Key deleted successfully.
"HKCR\CLSID\{3A40E547-20FD-44a2-94D0-1C98342D1507}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKU\S-1-5-21-1463186153-2632091326-3034755131-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\sef\AppData\Local\Google\Chrome\User Data\Default\Extensions\njafagaehmjjlgdmjfahajjnobmkhdla => Moved successfully.
AODDriver4.1 => Service deleted successfully.
atillk64 => Service deleted successfully.
catchme => Service deleted successfully.
cpuz136 => Service deleted successfully.
getbus => Service deleted successfully.
GPU-Z => Service deleted successfully.
GPUZ => Service deleted successfully.
IntcAzAudAddService => Service deleted successfully.
ipadtst => Service deleted successfully.
MBfilt => Service deleted successfully.
motccgpfl => Service deleted successfully.
MSI_MSIBIOS_010507 => Service deleted successfully.
NTIOLib_1_0_C => Service deleted successfully.
NTIOLib_1_1_S => Service deleted successfully.
NTIOLib_SuiteFB => Service deleted successfully.
TVICHW32 => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\ProgramData\ISTask.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05020F51-A3E1-464B-8DDE-68C484E1144A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05020F51-A3E1-464B-8DDE-68C484E1144A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D174B02-7409-4FDC-918D-BCBD4A87A32C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D174B02-7409-4FDC-918D-BCBD4A87A32C}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3352339F-EEB1-42C3-A0A7-CAB4566C28F2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3352339F-EEB1-42C3-A0A7-CAB4566C28F2}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53BCC9C8-4BA4-4C5D-88CC-55F830088951}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53BCC9C8-4BA4-4C5D-88CC-55F830088951}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{636C25E2-6634-4A92-BA72-2D9D7C086DA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{636C25E2-6634-4A92-BA72-2D9D7C086DA0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Java Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70FF7A13-A5A0-4667-9F9F-90CFD6D53137}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70FF7A13-A5A0-4667-9F9F-90CFD6D53137}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{841508BE-654D-478F-81CE-49B6DD2DFCC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{841508BE-654D-478F-81CE-49B6DD2DFCC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A086B98C-7234-45F9-8838-4DBAA12C748D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A086B98C-7234-45F9-8838-4DBAA12C748D}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7DF9F1E-E5C9-41BA-9CCC-5A0BBB76C8FD}" => Key deleted successfully.
C:\Windows\System32\Tasks\5432e15e-8b38-4917-9568-a8baef47582c => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5432e15e-8b38-4917-9568-a8baef47582c" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDEA9532-3C4C-4177-8222-D8A884850233}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDEA9532-3C4C-4177-8222-D8A884850233}" => Key deleted successfully.
C:\Windows\System32\Tasks\f025b33d-4fe1-43d1-9072-60df121c2890 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f025b33d-4fe1-43d1-9072-60df121c2890" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C695F5C5-C7C7-4129-9A9D-5E8672C739CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C695F5C5-C7C7-4129-9A9D-5E8672C739CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\fd74a172-49f3-4b56-9556-083971d5629d-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fd74a172-49f3-4b56-9556-083971d5629d-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0256A77-E2B8-46A2-B04B-EABAA885CD03}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0256A77-E2B8-46A2-B04B-EABAA885CD03}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-5_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D12E8995-810F-41C3-96B9-EDD9C6CC6233}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D12E8995-810F-41C3-96B9-EDD9C6CC6233}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE1536C8-00F6-40A6-B89F-8F25FB7BCEAF}" => Key deleted successfully.
C:\Windows\System32\Tasks\50d4aed4-2aaa-454f-abde-2027603ed4ce-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\50d4aed4-2aaa-454f-abde-2027603ed4ce-1" => Key deleted successfully.
"C:\Program Files (x86)\Sense" => File/Directory not found.
"C:\Program Files (x86)\SavePass 1.1" => File/Directory not found.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Users\sef\AppData\Roaming\nircmd.exe" => File/Directory not found.
C:\ProgramData\TEMP => ":0CE7F3C9" ADS removed successfully.
========================= Folder: C:\32788R22FWJFW ========================
====== End of Folder: ======
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 545.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: prosim o kontrolu logu
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: prosim o kontrolu logu
diky za vycerpavajici pomoc ,jeste bych se rad zeptal mel bych nahradit antivir od microsovtu necim jinym? a existuje vubec nejaka ochrana ,ktera spolehlive eliminuje nerad z webu? dekuji
Přispějete na provoz fóra?