
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, lately I have noticed that something seems to keep loading (the little spinning circle appears next to the mouse cursor), and the PC also seems slower to me.
I have had the PC for a year.
Please check the log, thanks a lot.
Logfile of random's system information tool 1.10 (written by random/random)
Run by uživatel at 2014-10-19 13:49:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 76 GB (51%) free of 150 GB
Total RAM: 8140 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:10, on 19.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TuneUp Utilities 2014\ProgramDeactivator.exe
C:\Program Files\trend micro\uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Dropbox.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSISleep - Unknown owner - C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11555 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\AUDIODG.EXE 0x160
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2556
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2156
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4764.0.748846618\913514761" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.2.1850959683\1453655781" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.3.2003780645\2042726891" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.4.68085108\2075163660" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.6.1378598245\1439489167" /prefetch:673131151
"C:\Program Files (x86)\TuneUp Utilities 2014\ProgramDeactivator.exe" /NoUpdateWizard
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Users\uživatel\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf907b4eccc5f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SidebarExecute.job - C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe $(Arg0)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-17 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
BS Player ControlBar B Toolbar - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-07 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-17 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-07 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{32099AAC-C132-4136-9E9A-4E364A424E17}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{31264a33-a653-46c4-af49-1232c59a7da5} - BS Player ControlBar B Toolbar - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-11-04 7204568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-10-17 55568]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Battle.net]
C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2014-10-17 2864688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
D:\Programy\Origin\Origin.exe [2014-09-16 3600216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gyazo]
C:\Program Files (x86)\Gyazo\GyStation.exe [2014-05-08 2993376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update]
C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [2014-07-01 579024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe Minimum []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarKeyboard]
C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe Minimum []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\uživatel\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\uživatel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\Installer\{F17BA1CA-0FAF-40BF-A5FD-BF1B727D855E}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
C:\Users\UIVATE~1\AppData\Local\GAMERS~1\LIVE!\Live.exe [2013-06-25 2878504]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2014-04-08 1047536]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-09-15 767200]
C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
Dropbox.lnk - C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-19 13:49:06 ----D---- C:\rsit
2014-10-19 13:49:06 ----D---- C:\Program Files\trend micro
2014-10-19 10:24:16 ----SHD---- C:\found.000
2014-10-15 09:14:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 09:14:33 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 09:14:33 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 09:14:33 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 09:14:32 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 09:14:32 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 09:14:32 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 09:14:05 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 09:14:05 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 09:14:05 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 09:14:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 09:14:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\mf.dll
2014-10-15 09:14:02 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 09:14:02 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 09:14:01 ----A---- C:\Windows\system32\ci.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 09:14:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 09:14:00 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\winload.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\evr.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 09:13:57 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 09:13:56 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:13:56 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:13:55 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 09:13:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 09:13:55 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 09:13:55 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 09:13:50 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 09:13:50 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 09:13:49 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 09:13:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 09:13:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 09:13:45 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 09:13:45 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:13:44 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 09:13:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 09:13:41 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 09:13:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:13:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 09:13:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 09:13:04 ----A---- C:\Windows\system32\msi.dll
2014-10-15 09:12:57 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 09:12:57 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 09:12:54 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 09:12:53 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 09:12:53 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 09:12:53 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 09:12:53 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 09:12:52 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 09:12:52 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 09:12:52 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 09:12:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 09:12:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 09:12:51 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 09:12:51 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 09:12:51 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 09:12:35 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 09:12:35 ----A---- C:\Windows\system32\packager.dll
2014-10-11 21:44:06 ----D---- C:\Users\uživatel\AppData\Roaming\HeroesAndGeneralsDesktop
2014-10-03 20:01:53 ----D---- C:\Users\uživatel\AppData\Roaming\WizardWars
2014-10-03 20:01:40 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-10-03 20:01:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-03 20:01:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-10-01 16:24:38 ----D---- C:\Users\uživatel\AppData\Roaming\AMD
2014-10-01 10:53:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 10:53:55 ----A---- C:\Windows\system32\qdvd.dll
2014-09-30 17:55:01 ----D---- C:\ProgramData\ATI
2014-09-30 17:54:59 ----D---- C:\Program Files (x86)\AMD AVT
2014-09-24 18:06:09 ----D---- C:\AMD
2014-09-24 09:06:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 09:06:51 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2014-10-19 13:49:06 ----D---- C:\Program Files
2014-10-19 13:45:13 ----D---- C:\Windows\Temp
2014-10-19 13:44:24 ----D---- C:\Windows\system32\config
2014-10-19 13:43:20 ----D---- C:\Users\uživatel\AppData\Roaming\TS3Client
2014-10-19 13:41:55 ----D---- C:\Users\uživatel\AppData\Roaming\Raptr
2014-10-19 13:41:30 ----D---- C:\Windows\inf
2014-10-19 13:40:45 ----D---- C:\Users\uživatel\AppData\Roaming\Dropbox
2014-10-19 13:40:42 ----D---- C:\Users\uživatel\AppData\Roaming\DropboxMaster
2014-10-19 13:39:40 ----D---- C:\Windows
2014-10-19 12:15:23 ----D---- C:\Windows\system32\catroot2
2014-10-18 17:03:56 ----D---- C:\Windows\Microsoft.NET
2014-10-18 17:02:07 ----RSD---- C:\Windows\assembly
2014-10-18 10:22:52 ----D---- C:\Program Files (x86)\Raptr
2014-10-18 10:21:54 ----D---- C:\Windows\Prefetch
2014-10-18 02:40:11 ----D---- C:\Windows\Logs
2014-10-18 02:40:11 ----D---- C:\Windows\debug
2014-10-17 22:31:35 ----D---- C:\Program Files (x86)\Battle.net
2014-10-17 20:36:10 ----D---- C:\Users\uživatel\AppData\Roaming\uTorrent
2014-10-17 12:02:36 ----D---- C:\ProgramData\Origin
2014-10-16 19:55:44 ----SHD---- C:\System Volume Information
2014-10-16 03:29:39 ----D---- C:\Windows\winsxs
2014-10-16 03:26:43 ----D---- C:\Windows\SysWOW64
2014-10-16 03:26:43 ----D---- C:\Windows\System32
2014-10-16 03:26:42 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 03:26:42 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-16 03:26:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 03:26:42 ----D---- C:\Windows\system32\en-US
2014-10-16 03:26:42 ----D---- C:\Windows\system32\drivers
2014-10-16 03:26:42 ----D---- C:\Windows\system32\Dism
2014-10-16 03:26:42 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 03:26:42 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 03:26:42 ----D---- C:\Windows\system32\Boot
2014-10-16 03:26:42 ----D---- C:\Program Files\Windows Media Player
2014-10-16 03:26:42 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 03:26:41 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 03:26:41 ----D---- C:\Program Files\Internet Explorer
2014-10-16 03:26:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 03:11:21 ----SHD---- C:\Windows\Installer
2014-10-16 03:06:15 ----D---- C:\Windows\system32\MRT
2014-10-16 03:01:25 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 09:12:26 ----D---- C:\Windows\system32\catroot
2014-10-14 16:41:41 ----D---- C:\Users\uživatel\AppData\Roaming\Skype
2014-10-09 09:07:05 ----D---- C:\Windows\system32\wdi
2014-10-07 17:38:08 ----D---- C:\Program Files\WinRAR
2014-10-07 17:37:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-04 21:24:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-04 02:07:06 ----D---- C:\Users\uživatel\AppData\Roaming\DAEMON Tools Lite
2014-10-03 20:01:38 ----RD---- C:\Program Files (x86)
2014-09-30 17:55:01 ----HD---- C:\ProgramData
2014-09-30 17:54:59 ----D---- C:\ProgramData\AMD
2014-09-30 17:54:05 ----D---- C:\Program Files\ATI Technologies
2014-09-30 17:50:18 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-17 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-17 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-17 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-17 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-17 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-26 283064]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-17 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-17 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-17 92008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-09-16 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-09-15 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2012-08-27 114568]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2012-08-27 230280]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2014-03-26 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
S2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys []
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-09-20 40664]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-09-16 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-09-15 344064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-17 50344]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-07-01 84432]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-03-17 162800]
R2 MSISleep;MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-04-29 282624]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-06-30 76152]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-04 5316448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-07-16 2145080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-07 267440]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-22 49152]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-10-03 175136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\AUDIODG.EXE 0x160
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 2556
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe"
"C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe" /TUStart /pid:2156
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4764.0.748846618\913514761" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.301.1001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.2.1850959683\1453655781" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.3.2003780645\2042726891" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.4.68085108\2075163660" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4764.6.1378598245\1439489167" /prefetch:673131151
"C:\Program Files (x86)\TuneUp Utilities 2014\ProgramDeactivator.exe" /NoUpdateWizard
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Users\uživatel\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf907b4eccc5f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SidebarExecute.job - C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe $(Arg0)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-17 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
BS Player ControlBar B Toolbar - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-07 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-17 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-07 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{32099AAC-C132-4136-9E9A-4E364A424E17}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{31264a33-a653-46c4-af49-1232c59a7da5} - BS Player ControlBar B Toolbar - C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-11-04 7204568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-10-17 55568]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Battle.net]
C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2014-10-17 2864688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
D:\Programy\Origin\Origin.exe [2014-09-16 3600216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gyazo]
C:\Program Files (x86)\Gyazo\GyStation.exe [2014-05-08 2993376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update]
C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [2014-07-01 579024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe Minimum []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarKeyboard]
C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe Minimum []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\uživatel\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\uživatel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\Installer\{F17BA1CA-0FAF-40BF-A5FD-BF1B727D855E}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
C:\Users\UIVATE~1\AppData\Local\GAMERS~1\LIVE!\Live.exe [2013-06-25 2878504]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [2011-09-20 115048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2014-04-08 1047536]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-09-15 767200]
C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
Dropbox.lnk - C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-19 13:49:06 ----D---- C:\rsit
2014-10-19 13:49:06 ----D---- C:\Program Files\trend micro
2014-10-19 10:24:16 ----SHD---- C:\found.000
2014-10-15 09:14:35 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 09:14:33 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 09:14:33 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 09:14:33 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 09:14:32 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 09:14:32 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 09:14:32 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 09:14:05 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 09:14:05 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 09:14:05 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 09:14:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 09:14:03 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:14:03 ----A---- C:\Windows\system32\mf.dll
2014-10-15 09:14:02 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 09:14:02 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 09:14:01 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 09:14:01 ----A---- C:\Windows\system32\ci.dll
2014-10-15 09:14:01 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 09:14:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 09:14:00 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\winload.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:14:00 ----A---- C:\Windows\system32\evr.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 09:14:00 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 09:13:59 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 09:13:59 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 09:13:58 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 09:13:58 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 09:13:57 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 09:13:57 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 09:13:57 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 09:13:56 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 09:13:56 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 09:13:56 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:13:56 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:13:55 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 09:13:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 09:13:55 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 09:13:55 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 09:13:50 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 09:13:50 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 09:13:49 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 09:13:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 09:13:46 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:13:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 09:13:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 09:13:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 09:13:45 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 09:13:45 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 09:13:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:13:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:13:44 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 09:13:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 09:13:43 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 09:13:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 09:13:42 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 09:13:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 09:13:41 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:13:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 09:13:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:13:39 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 09:13:04 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 09:13:04 ----A---- C:\Windows\system32\msi.dll
2014-10-15 09:12:57 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 09:12:57 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 09:12:54 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 09:12:53 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 09:12:53 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 09:12:53 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 09:12:53 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 09:12:52 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 09:12:52 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 09:12:52 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:12:52 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 09:12:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 09:12:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 09:12:51 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 09:12:51 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 09:12:51 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 09:12:35 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 09:12:35 ----A---- C:\Windows\system32\packager.dll
2014-10-11 21:44:06 ----D---- C:\Users\uživatel\AppData\Roaming\HeroesAndGeneralsDesktop
2014-10-03 20:01:53 ----D---- C:\Users\uživatel\AppData\Roaming\WizardWars
2014-10-03 20:01:40 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-10-03 20:01:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-10-03 20:01:38 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-10-01 16:24:38 ----D---- C:\Users\uživatel\AppData\Roaming\AMD
2014-10-01 10:53:55 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 10:53:55 ----A---- C:\Windows\system32\qdvd.dll
2014-09-30 17:55:01 ----D---- C:\ProgramData\ATI
2014-09-30 17:54:59 ----D---- C:\Program Files (x86)\AMD AVT
2014-09-24 18:06:09 ----D---- C:\AMD
2014-09-24 09:06:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 09:06:51 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2014-10-19 13:49:06 ----D---- C:\Program Files
2014-10-19 13:45:13 ----D---- C:\Windows\Temp
2014-10-19 13:44:24 ----D---- C:\Windows\system32\config
2014-10-19 13:43:20 ----D---- C:\Users\uživatel\AppData\Roaming\TS3Client
2014-10-19 13:41:55 ----D---- C:\Users\uživatel\AppData\Roaming\Raptr
2014-10-19 13:41:30 ----D---- C:\Windows\inf
2014-10-19 13:40:45 ----D---- C:\Users\uživatel\AppData\Roaming\Dropbox
2014-10-19 13:40:42 ----D---- C:\Users\uživatel\AppData\Roaming\DropboxMaster
2014-10-19 13:39:40 ----D---- C:\Windows
2014-10-19 12:15:23 ----D---- C:\Windows\system32\catroot2
2014-10-18 17:03:56 ----D---- C:\Windows\Microsoft.NET
2014-10-18 17:02:07 ----RSD---- C:\Windows\assembly
2014-10-18 10:22:52 ----D---- C:\Program Files (x86)\Raptr
2014-10-18 10:21:54 ----D---- C:\Windows\Prefetch
2014-10-18 02:40:11 ----D---- C:\Windows\Logs
2014-10-18 02:40:11 ----D---- C:\Windows\debug
2014-10-17 22:31:35 ----D---- C:\Program Files (x86)\Battle.net
2014-10-17 20:36:10 ----D---- C:\Users\uživatel\AppData\Roaming\uTorrent
2014-10-17 12:02:36 ----D---- C:\ProgramData\Origin
2014-10-16 19:55:44 ----SHD---- C:\System Volume Information
2014-10-16 03:29:39 ----D---- C:\Windows\winsxs
2014-10-16 03:26:43 ----D---- C:\Windows\SysWOW64
2014-10-16 03:26:43 ----D---- C:\Windows\System32
2014-10-16 03:26:42 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 03:26:42 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-16 03:26:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 03:26:42 ----D---- C:\Windows\system32\en-US
2014-10-16 03:26:42 ----D---- C:\Windows\system32\drivers
2014-10-16 03:26:42 ----D---- C:\Windows\system32\Dism
2014-10-16 03:26:42 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 03:26:42 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 03:26:42 ----D---- C:\Windows\system32\Boot
2014-10-16 03:26:42 ----D---- C:\Program Files\Windows Media Player
2014-10-16 03:26:42 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 03:26:41 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-16 03:26:41 ----D---- C:\Program Files\Internet Explorer
2014-10-16 03:26:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 03:11:21 ----SHD---- C:\Windows\Installer
2014-10-16 03:06:15 ----D---- C:\Windows\system32\MRT
2014-10-16 03:01:25 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 09:12:26 ----D---- C:\Windows\system32\catroot
2014-10-14 16:41:41 ----D---- C:\Users\uživatel\AppData\Roaming\Skype
2014-10-09 09:07:05 ----D---- C:\Windows\system32\wdi
2014-10-07 17:38:08 ----D---- C:\Program Files\WinRAR
2014-10-07 17:37:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-04 21:24:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-04 02:07:06 ----D---- C:\Users\uživatel\AppData\Roaming\DAEMON Tools Lite
2014-10-03 20:01:38 ----RD---- C:\Program Files (x86)
2014-09-30 17:55:01 ----HD---- C:\ProgramData
2014-09-30 17:54:59 ----D---- C:\ProgramData\AMD
2014-09-30 17:54:05 ----D---- C:\Program Files\ATI Technologies
2014-09-30 17:50:18 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-17 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-17 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-17 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-17 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-17 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-26 283064]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-17 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-17 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-17 92008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-09-16 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-09-15 576000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3hub.sys [2012-08-27 114568]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\DRIVERS\rusb3xhc.sys [2012-08-27 230280]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2014-03-26 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
S2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys []
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-09-20 40664]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-09-16 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-09-15 344064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-17 50344]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-07-01 84432]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-03-17 162800]
R2 MSISleep;MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-04-29 282624]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-06-30 76152]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-04 5316448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2014-07-16 2145080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-07 267440]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-01-22 49152]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-10-03 175136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Requesting a check
Hello, delete unnecessary files
using CCleaner
instructions:
Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, change what runs at system startup, and restore the system
Download AdwCleaner and save it to the desktop,
close all programs including the browser and double-click to run it,
a window will appear; click Scan at the top left.
The scan will then run, and once it finishes click Report and copy here whatever it gives you.
Then use Mbam from my signature and post its log here, do not delete anything beforehand!
Re: Requesting a check
# AdwCleaner v4.001 - Report created 21/10/2014 at 18:41:03
# Updated 20/10/2014 by Xplode
# Database : 2014-10-20.3
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : uživatel - UŽIVATEL-PC
# Running from : C:\Users\uživatel\Desktop\adwcleaner_4.001.exe
# Option : Scan
***** [ Services ] *****
Service Found : TBSrv
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Found : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
File Found : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Found : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\Tbccint
Folder Found : C:\ProgramData\Tbccint
Folder Found : C:\Users\uživatel\AppData\Local\globalUpdate
Folder Found : C:\Users\uživatel\AppData\Local\Tbccint
Folder Found : C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B
Folder Found : C:\Users\uživatel\AppData\LocalLow\Tbccint
Folder Found : C:\Users\uživatel\AppData\Roaming\BabSolution
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Tbccint
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Found : HKCU\Software\Tbccint
Key Found : HKCU\Software\Tbccint_HKLM
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : [x64] HKCU\Software\Tbccint
Key Found : [x64] HKCU\Software\Tbccint_HKLM
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R0].txt - [9167 octets] - [21/10/2014 18:30:37]
AdwCleaner[R1].txt - [9043 octets] - [21/10/2014 18:41:03]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [9103 octets] ##########
Last edited by Chabadaj on 21 Oct 2014 17:44, edited 1 time in total.
Re: Requesting a check
Run AdwCleaner again, but this time click Clean,
the PC will restart and the junk will be deleted.
After that, copy the Report here again.
Then don't forget about Mbam.
Re: Requesting a check
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 21.10.2014
Čas skenování: 18:48:51
Protokol: ss.txt
Správce: Ano
Verze: 2.00.2.1012
Databáze malwaru: v2014.10.21.07
Databáze rootkitů: v2014.10.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: uA3ivatel
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 396950
Uplynulý čas: 10 min, 33 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 1
PUP.Optional.ClientConnect, C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe, 1944, , [0a5155c282fae94ddafc942002ff44bc]
Moduly: 0
(No malicious items detected)
Klíče registru: 3
PUP.Optional.ClientConnect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TBSrv, , [0a5155c282fae94ddafc942002ff44bc],
PUP.Optional.Conduit.A, HKU\S-1-5-21-888966768-835259863-1363282881-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [3328130487f5aa8c85f46d353bc76e92],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [3328130487f5aa8c85f46d353bc76e92],
Hodnoty registru: 6
PUP.Optional.Conduit.A, HKU\S-1-5-21-888966768-835259863-1363282881-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [3328130487f5aa8c85f46d353bc76e92],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{31264A33-A653-46C4-AF49-1232C59A7DA5}, BS Player ControlBar B Toolbar, , [3328130487f5aa8c85f46d353bc76e92]
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{31264A33-A653-46C4-AF49-1232C59A7DA5}, , [3328130487f5aa8c85f46d353bc76e92],
PUP.Optional.Conduit.A, HKU\S-1-5-21-888966768-835259863-1363282881-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [4516b76085f769cdf485f4aeb74bd030],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{31264a33-a653-46c4-af49-1232c59a7da5}, , [104b6cab5a22d1654237c4de5ba720e0],
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{31264a33-a653-46c4-af49-1232c59a7da5}, , [48139a7db0cc53e33643534ff9099967],
Data registru: 0
(No malicious items detected)
Složky: 2
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\Logs, , [0c4f6fa84f2d2610266e7d87eb18dd23],
Soubory: 11
PUP.Optional.ClientConnect, C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe, , [0a5155c282fae94ddafc942002ff44bc],
PUP.Optional.OneClickDownloader.A, C:\Users\uA3ivatel\Downloads\The_SIMS_4-Deluxe_Edition-SKIDROWCRACK.exe, , [312afb1cf18ba29474027ea9d62bb44c],
PUP.Optional.ClientConnect, C:\Users\uA3ivatel\AppData\Local\Tbccint\Community Alerts\Alert.dll, , [411a0c0b89f38babbb1b664e46bb22de],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\Local\Tbccint\CT3329621\BS_Player_ControlBar_BAutoUpdateHelper.exe, , [be9dad6adaa2df5778a3b987a35da957],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\Local\Tbccint\CT3329621\BS_Player_ControlBar_BToolbarHelper.exe, , [f9627b9c720a10268e8da59b3bc53cc4],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\cctoolbar.cfg, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\hk64tbBS_P.dll, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\hktbBS_P.dll, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\ldrtbBS_P.dll, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll, , [0c4f6fa84f2d2610266e7d87eb18dd23],
PUP.Optional.Conduit.A, C:\Users\uA3ivatel\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_P.dll, , [0c4f6fa84f2d2610266e7d87eb18dd23],
Fyzické sektory: 0
(No malicious items detected)
(end)
(Now I'm going to restart the PC) and I'll post the log
Re: Please check
# AdwCleaner v4.001 - Report created 21/10/2014 at 19:04:47
# DB v2014-10-20.3
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : uživatel - UŽIVATEL-PC
# Running from : C:\Users\uživatel\Desktop\adwcleaner_4.001.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : TBSrv
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\uživatel\AppData\Roaming\BabSolution
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Users\uživatel\AppData\Local\globalUpdate
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Users\uživatel\AppData\Local\Tbccint
Folder Deleted : C:\Users\uživatel\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\uživatel\AppData\LocalLow\BS_Player_ControlBar_B
File Deleted : C:\END
File Deleted : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Deleted : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
File Deleted : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R0].txt - [9167 octets] - [21/10/2014 18:30:37]
AdwCleaner[R1].txt - [9295 octets] - [21/10/2014 18:41:03]
AdwCleaner[R2].txt - [9355 octets] - [21/10/2014 19:02:54]
AdwCleaner[S0].txt - [9098 octets] - [21/10/2014 19:04:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9158 octets] ##########
Re: Please check
Let Mbam delete what it found.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow the installation of the Recovery Console.
A window with the license terms will then appear, which you confirm by clicking YES,
then click YES once more and it starts running.
The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.
The PC may be restarted during the scan; don't be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: Please check
ComboFix 14-10-21.01 - uživatel 21.10.2014 20:17:40.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8140.6153 [GMT 2:00]
Spuštěný z: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmp5318.tmp
c:\windows\SysWow64\tmp5358.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-21 do 2014-10-21 )))))))))))))))))))))))))))))))
.
.
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Pro všechny\AppData\Local\temp
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-21 18:01 . 2014-10-21 18:01 79064 ----a-w- c:\windows\system32\drivers\snsr.sys
2014-10-21 17:08 . 2014-10-21 17:08 -------- d-----w- C:\found.001
2014-10-21 16:44 . 2014-10-21 17:50 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-21 16:37 . 2014-10-21 16:40 -------- d-----w- c:\users\uživatel\AppData\Roaming\Malwarebytes
2014-10-21 16:36 . 2014-10-21 16:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-10-21 16:30 . 2014-10-21 17:04 -------- d-----w- C:\AdwCleaner
2014-10-21 07:05 . 2014-10-14 19:59 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15D1BEFC-C408-4772-BE94-3AA497DB3971}\mpengine.dll
2014-10-20 19:50 . 2014-10-20 19:50 -------- d-----w- c:\users\uživatel\AppData\Roaming\Alien Isolation
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- C:\rsit
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- c:\program files\trend micro
2014-10-19 08:24 . 2014-10-19 08:24 -------- d-----w- C:\found.000
2014-10-16 17:57 . 2014-10-16 17:57 -------- d-----w- c:\users\uživatel\AppData\Local\PAYDAY
2014-10-16 16:43 . 2014-10-20 19:54 -------- d-----w- c:\users\uživatel\AppData\Local\PokerStars
2014-10-15 07:13 . 2014-07-07 02:06 1480192 ----a-w- c:\windows\system32\crypt32.dll
2014-10-15 07:12 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-11 19:44 . 2014-10-11 19:44 -------- d-----w- c:\users\uživatel\AppData\Roaming\HeroesAndGeneralsDesktop
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\users\uživatel\AppData\Roaming\WizardWars
2014-10-03 18:01 . 2014-10-03 17:59 175136 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-10-01 14:24 . 2014-10-01 14:24 -------- d-----w- c:\users\uživatel\AppData\Roaming\AMD
2014-10-01 08:53 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 08:53 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-30 15:55 . 2014-09-30 15:55 -------- d-----w- c:\programdata\ATI
2014-09-30 15:54 . 2014-09-30 15:54 -------- d-----w- c:\program files (x86)\AMD AVT
2014-09-27 00:16 . 2014-09-27 00:16 -------- d-----w- c:\users\uživatel\AppData\Local\The Witcher 2
2014-09-24 16:06 . 2014-09-30 15:45 -------- d-----w- C:\AMD
2014-09-24 07:06 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 07:06 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-16 01:01 . 2014-02-17 11:32 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-07 15:37 . 2013-11-24 15:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-07 15:37 . 2013-11-24 15:51 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-02 13:53 . 2013-11-20 17:29 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-15 22:32 . 2014-09-15 22:32 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-09-15 22:32 . 2014-06-21 05:26 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-09-15 22:31 . 2014-06-21 05:26 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-09-15 22:31 . 2014-06-21 05:26 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-09-15 22:31 . 2014-09-15 22:31 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-09-15 22:31 . 2014-06-21 05:26 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-09-15 22:31 . 2014-06-21 05:26 1335544 ----a-w- c:\windows\system32\aticfx64.dll
2014-09-15 22:31 . 2014-06-21 05:26 1113576 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 10826488 ----a-w- c:\windows\system32\atidxx64.dll
2014-09-15 22:31 . 2014-06-21 05:25 9254184 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 7207592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-09-15 22:31 . 2014-06-21 05:25 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-09-15 22:31 . 2014-09-15 22:31 8044976 ----a-w- c:\windows\system32\atiumd6a.dll
2014-09-15 22:31 . 2014-09-15 22:31 8296296 ----a-w- c:\windows\system32\atiumd64.dll
2014-09-15 22:29 . 2014-09-15 22:29 293088 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-09-15 22:26 . 2014-09-15 22:26 16750080 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-09-15 22:18 . 2014-09-15 22:18 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-09-15 22:18 . 2014-09-15 22:18 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-09-15 22:17 . 2014-09-15 22:17 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-09-15 22:17 . 2014-09-15 22:17 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-09-15 22:17 . 2014-09-15 22:17 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-09-15 22:17 . 2014-09-15 22:17 33867264 ----a-w- c:\windows\system32\amdocl64.dll
2014-09-15 22:17 . 2014-09-15 22:17 28770304 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-09-15 22:16 . 2014-09-15 22:16 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-09-15 22:16 . 2014-09-15 22:16 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-09-15 22:13 . 2014-09-15 22:13 27918336 ----a-w- c:\windows\system32\atio6axx.dll
2014-09-15 22:09 . 2014-09-15 22:09 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-09-15 22:09 . 2014-09-15 22:09 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-09-15 22:09 . 2014-09-15 22:09 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-09-15 22:09 . 2014-09-15 22:09 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-09-15 22:09 . 2014-09-15 22:09 5639168 ----a-w- c:\windows\system32\amdmantle64.dll
2014-09-15 22:08 . 2014-09-15 22:08 23375360 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-09-15 22:07 . 2014-09-15 22:07 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-09-15 22:07 . 2014-09-15 22:07 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-09-15 22:07 . 2014-09-15 22:07 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-09-15 22:07 . 2014-09-15 22:07 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-09-15 22:07 . 2014-09-15 22:07 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-09-15 22:07 . 2014-09-15 22:07 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-09-15 22:06 . 2014-09-15 22:06 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-09-15 22:05 . 2014-09-15 22:05 4480000 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-09-15 22:03 . 2014-09-15 22:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-09-15 22:03 . 2014-09-15 22:03 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-09-15 22:03 . 2014-09-15 22:03 619008 ----a-w- c:\windows\system32\atieclxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-09-15 22:03 . 2014-09-15 22:03 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-09-15 22:03 . 2014-09-15 22:03 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-09-15 22:00 . 2014-09-15 22:00 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-09-15 22:00 . 2014-06-21 01:29 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-09-15 21:59 . 2014-09-15 21:59 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-09-15 21:59 . 2014-09-15 21:59 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-09-15 21:59 . 2014-09-15 21:59 827392 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-09-15 21:59 . 2014-09-15 21:59 1210880 ----a-w- c:\windows\system32\atiadlxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 900608 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-09-15 21:59 . 2014-09-15 21:59 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-09-15 21:59 . 2014-09-15 21:59 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-09-15 21:58 . 2014-09-15 21:58 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-09-15 16:21 . 2014-09-15 16:21 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-09-15 16:19 . 2014-09-15 16:19 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-09-03 16:24 . 2013-11-27 00:43 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-08-23 02:07 . 2014-08-28 08:58 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 08:58 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-19 15:34 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-08-13 23:45 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-08-07 00:17 . 2014-08-07 00:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-01 11:53 . 2014-09-10 07:39 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 07:39 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-10-17 55568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-09-15 767200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
c:\users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-7-4 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Live Update"=c:\program files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSISleep;MSISleep;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-17 20:09 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-24 15:37]
.
2014-07-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17 01:46]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf907b4eccc5f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cfed383aba69c3.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2013-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-02-28 c:\windows\Tasks\SidebarExecute.job
- c:\program files (x86)\Windows Sidebar\sidebar.exe [2013-11-21 12:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-17 01:46 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-888966768-835259863-1363282881-1000\Software\SecuROM\License information*]
"datasecu"=hex:9b,1f,1f,5d,70,41,b1,58,85,2c,e3,6a,f3,ff,38,af,80,2f,63,c3,c3,
67,c9,b2,cf,24,0c,28,77,5c,d1,1c,2b,cc,ab,15,1e,bf,1c,5d,04,4d,55,b5,c8,da,\
"rkeysecu"=hex:c2,ae,60,1b,e3,50,aa,ec,a7,a0,2d,4e,03,49,33,72
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-21 20:57:56
ComboFix-quarantined-files.txt 2014-10-21 18:57
.
Před spuštěním: Volných bajtů: 82 355 613 696
Po spuštění: Volných bajtů: 82 041 057 280
.
- - End Of File - - 5E9366500146C98515F7D08CE76EC204
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8140.6153 [GMT 2:00]
Spuštěný z: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmp5318.tmp
c:\windows\SysWow64\tmp5358.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-21 do 2014-10-21 )))))))))))))))))))))))))))))))
.
.
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Pro všechny\AppData\Local\temp
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-21 18:01 . 2014-10-21 18:01 79064 ----a-w- c:\windows\system32\drivers\snsr.sys
2014-10-21 17:08 . 2014-10-21 17:08 -------- d-----w- C:\found.001
2014-10-21 16:44 . 2014-10-21 17:50 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-21 16:37 . 2014-10-21 16:40 -------- d-----w- c:\users\uživatel\AppData\Roaming\Malwarebytes
2014-10-21 16:36 . 2014-10-21 16:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-10-21 16:30 . 2014-10-21 17:04 -------- d-----w- C:\AdwCleaner
2014-10-21 07:05 . 2014-10-14 19:59 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15D1BEFC-C408-4772-BE94-3AA497DB3971}\mpengine.dll
2014-10-20 19:50 . 2014-10-20 19:50 -------- d-----w- c:\users\uživatel\AppData\Roaming\Alien Isolation
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- C:\rsit
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- c:\program files\trend micro
2014-10-19 08:24 . 2014-10-19 08:24 -------- d-----w- C:\found.000
2014-10-16 17:57 . 2014-10-16 17:57 -------- d-----w- c:\users\uživatel\AppData\Local\PAYDAY
2014-10-16 16:43 . 2014-10-20 19:54 -------- d-----w- c:\users\uživatel\AppData\Local\PokerStars
2014-10-15 07:13 . 2014-07-07 02:06 1480192 ----a-w- c:\windows\system32\crypt32.dll
2014-10-15 07:12 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-11 19:44 . 2014-10-11 19:44 -------- d-----w- c:\users\uživatel\AppData\Roaming\HeroesAndGeneralsDesktop
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\users\uživatel\AppData\Roaming\WizardWars
2014-10-03 18:01 . 2014-10-03 17:59 175136 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-10-01 14:24 . 2014-10-01 14:24 -------- d-----w- c:\users\uživatel\AppData\Roaming\AMD
2014-10-01 08:53 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 08:53 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-30 15:55 . 2014-09-30 15:55 -------- d-----w- c:\programdata\ATI
2014-09-30 15:54 . 2014-09-30 15:54 -------- d-----w- c:\program files (x86)\AMD AVT
2014-09-27 00:16 . 2014-09-27 00:16 -------- d-----w- c:\users\uživatel\AppData\Local\The Witcher 2
2014-09-24 16:06 . 2014-09-30 15:45 -------- d-----w- C:\AMD
2014-09-24 07:06 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 07:06 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-16 01:01 . 2014-02-17 11:32 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-07 15:37 . 2013-11-24 15:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-07 15:37 . 2013-11-24 15:51 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-02 13:53 . 2013-11-20 17:29 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-15 22:32 . 2014-09-15 22:32 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-09-15 22:32 . 2014-06-21 05:26 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-09-15 22:31 . 2014-06-21 05:26 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-09-15 22:31 . 2014-06-21 05:26 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-09-15 22:31 . 2014-09-15 22:31 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-09-15 22:31 . 2014-06-21 05:26 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-09-15 22:31 . 2014-06-21 05:26 1335544 ----a-w- c:\windows\system32\aticfx64.dll
2014-09-15 22:31 . 2014-06-21 05:26 1113576 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 10826488 ----a-w- c:\windows\system32\atidxx64.dll
2014-09-15 22:31 . 2014-06-21 05:25 9254184 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 7207592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-09-15 22:31 . 2014-06-21 05:25 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-09-15 22:31 . 2014-09-15 22:31 8044976 ----a-w- c:\windows\system32\atiumd6a.dll
2014-09-15 22:31 . 2014-09-15 22:31 8296296 ----a-w- c:\windows\system32\atiumd64.dll
2014-09-15 22:29 . 2014-09-15 22:29 293088 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-09-15 22:26 . 2014-09-15 22:26 16750080 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-09-15 22:18 . 2014-09-15 22:18 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-09-15 22:18 . 2014-09-15 22:18 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-09-15 22:17 . 2014-09-15 22:17 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-09-15 22:17 . 2014-09-15 22:17 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-09-15 22:17 . 2014-09-15 22:17 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-09-15 22:17 . 2014-09-15 22:17 33867264 ----a-w- c:\windows\system32\amdocl64.dll
2014-09-15 22:17 . 2014-09-15 22:17 28770304 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-09-15 22:16 . 2014-09-15 22:16 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-09-15 22:16 . 2014-09-15 22:16 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-09-15 22:13 . 2014-09-15 22:13 27918336 ----a-w- c:\windows\system32\atio6axx.dll
2014-09-15 22:09 . 2014-09-15 22:09 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-09-15 22:09 . 2014-09-15 22:09 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-09-15 22:09 . 2014-09-15 22:09 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-09-15 22:09 . 2014-09-15 22:09 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-09-15 22:09 . 2014-09-15 22:09 5639168 ----a-w- c:\windows\system32\amdmantle64.dll
2014-09-15 22:08 . 2014-09-15 22:08 23375360 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-09-15 22:07 . 2014-09-15 22:07 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-09-15 22:07 . 2014-09-15 22:07 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-09-15 22:07 . 2014-09-15 22:07 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-09-15 22:07 . 2014-09-15 22:07 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-09-15 22:07 . 2014-09-15 22:07 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-09-15 22:07 . 2014-09-15 22:07 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-09-15 22:06 . 2014-09-15 22:06 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-09-15 22:05 . 2014-09-15 22:05 4480000 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-09-15 22:03 . 2014-09-15 22:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-09-15 22:03 . 2014-09-15 22:03 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-09-15 22:03 . 2014-09-15 22:03 619008 ----a-w- c:\windows\system32\atieclxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-09-15 22:03 . 2014-09-15 22:03 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-09-15 22:03 . 2014-09-15 22:03 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-09-15 22:00 . 2014-09-15 22:00 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-09-15 22:00 . 2014-06-21 01:29 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-09-15 21:59 . 2014-09-15 21:59 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-09-15 21:59 . 2014-09-15 21:59 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-09-15 21:59 . 2014-09-15 21:59 827392 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-09-15 21:59 . 2014-09-15 21:59 1210880 ----a-w- c:\windows\system32\atiadlxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 900608 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-09-15 21:59 . 2014-09-15 21:59 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-09-15 21:59 . 2014-09-15 21:59 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-09-15 21:58 . 2014-09-15 21:58 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-09-15 16:21 . 2014-09-15 16:21 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-09-15 16:19 . 2014-09-15 16:19 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-09-03 16:24 . 2013-11-27 00:43 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-08-23 02:07 . 2014-08-28 08:58 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 08:58 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-19 15:34 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-08-13 23:45 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-08-07 00:17 . 2014-08-07 00:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-01 11:53 . 2014-09-10 07:39 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 07:39 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-10-17 55568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-09-15 767200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
c:\users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-7-4 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Live Update"=c:\program files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSISleep;MSISleep;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-17 20:09 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-24 15:37]
.
2014-07-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17 01:46]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf907b4eccc5f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cfed383aba69c3.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2013-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-02-28 c:\windows\Tasks\SidebarExecute.job
- c:\program files (x86)\Windows Sidebar\sidebar.exe [2013-11-21 12:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-17 01:46 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-888966768-835259863-1363282881-1000\Software\SecuROM\License information*]
"datasecu"=hex:9b,1f,1f,5d,70,41,b1,58,85,2c,e3,6a,f3,ff,38,af,80,2f,63,c3,c3,
67,c9,b2,cf,24,0c,28,77,5c,d1,1c,2b,cc,ab,15,1e,bf,1c,5d,04,4d,55,b5,c8,da,\
"rkeysecu"=hex:c2,ae,60,1b,e3,50,aa,ec,a7,a0,2d,4e,03,49,33,72
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-21 20:57:56
ComboFix-quarantined-files.txt 2014-10-21 18:57
.
Před spuštěním: Volných bajtů: 82 355 613 696
Po spuštění: Volných bajtů: 82 041 057 280
.
- - End Of File - - 5E9366500146C98515F7D08CE76EC204
A36C5E4F47E84449FF07ED3517B43A31
Re: Prosím o kontrolu
ComboFix 14-10-21.01 - uživatel 21.10.2014 20:17:40.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8140.6153 [GMT 2:00]
Spuštěný z: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmp5318.tmp
c:\windows\SysWow64\tmp5358.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-21 do 2014-10-21 )))))))))))))))))))))))))))))))
.
.
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Pro všechny\AppData\Local\temp
2014-10-21 18:54 . 2014-10-21 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-21 18:01 . 2014-10-21 18:01 79064 ----a-w- c:\windows\system32\drivers\snsr.sys
2014-10-21 17:08 . 2014-10-21 17:08 -------- d-----w- C:\found.001
2014-10-21 16:44 . 2014-10-21 17:50 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-21 16:37 . 2014-10-21 16:40 -------- d-----w- c:\users\uživatel\AppData\Roaming\Malwarebytes
2014-10-21 16:36 . 2014-10-21 16:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-10-21 16:30 . 2014-10-21 17:04 -------- d-----w- C:\AdwCleaner
2014-10-21 07:05 . 2014-10-14 19:59 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15D1BEFC-C408-4772-BE94-3AA497DB3971}\mpengine.dll
2014-10-20 19:50 . 2014-10-20 19:50 -------- d-----w- c:\users\uživatel\AppData\Roaming\Alien Isolation
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- C:\rsit
2014-10-19 11:49 . 2014-10-19 11:49 -------- d-----w- c:\program files\trend micro
2014-10-19 08:24 . 2014-10-19 08:24 -------- d-----w- C:\found.000
2014-10-16 17:57 . 2014-10-16 17:57 -------- d-----w- c:\users\uživatel\AppData\Local\PAYDAY
2014-10-16 16:43 . 2014-10-20 19:54 -------- d-----w- c:\users\uživatel\AppData\Local\PokerStars
2014-10-15 07:13 . 2014-07-07 02:06 1480192 ----a-w- c:\windows\system32\crypt32.dll
2014-10-15 07:12 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-11 19:44 . 2014-10-11 19:44 -------- d-----w- c:\users\uživatel\AppData\Roaming\HeroesAndGeneralsDesktop
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\users\uživatel\AppData\Roaming\WizardWars
2014-10-03 18:01 . 2014-10-03 17:59 175136 ----a-w- c:\windows\SysWow64\EasyAntiCheat.exe
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-10-03 18:01 . 2014-10-03 18:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-10-01 14:24 . 2014-10-01 14:24 -------- d-----w- c:\users\uživatel\AppData\Roaming\AMD
2014-10-01 08:53 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 08:53 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-30 15:55 . 2014-09-30 15:55 -------- d-----w- c:\programdata\ATI
2014-09-30 15:54 . 2014-09-30 15:54 -------- d-----w- c:\program files (x86)\AMD AVT
2014-09-27 00:16 . 2014-09-27 00:16 -------- d-----w- c:\users\uživatel\AppData\Local\The Witcher 2
2014-09-24 16:06 . 2014-09-30 15:45 -------- d-----w- C:\AMD
2014-09-24 07:06 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 07:06 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-16 01:01 . 2014-02-17 11:32 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-07 15:37 . 2013-11-24 15:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-07 15:37 . 2013-11-24 15:51 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-02 13:53 . 2013-11-20 17:29 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-15 22:32 . 2014-09-15 22:32 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-09-15 22:32 . 2014-06-21 05:26 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-09-15 22:32 . 2014-09-15 22:32 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-09-15 22:32 . 2014-09-15 22:32 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-09-15 22:31 . 2014-06-21 05:26 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-09-15 22:31 . 2014-06-21 05:26 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-09-15 22:31 . 2014-09-15 22:31 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-09-15 22:31 . 2014-06-21 05:26 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-09-15 22:31 . 2014-06-21 05:26 1335544 ----a-w- c:\windows\system32\aticfx64.dll
2014-09-15 22:31 . 2014-06-21 05:26 1113576 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 10826488 ----a-w- c:\windows\system32\atidxx64.dll
2014-09-15 22:31 . 2014-06-21 05:25 9254184 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-09-15 22:31 . 2014-06-21 05:25 7207592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-09-15 22:31 . 2014-06-21 05:25 7028336 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-09-15 22:31 . 2014-09-15 22:31 8044976 ----a-w- c:\windows\system32\atiumd6a.dll
2014-09-15 22:31 . 2014-09-15 22:31 8296296 ----a-w- c:\windows\system32\atiumd64.dll
2014-09-15 22:29 . 2014-09-15 22:29 293088 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-09-15 22:26 . 2014-09-15 22:26 16750080 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-09-15 22:18 . 2014-09-15 22:18 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-09-15 22:18 . 2014-09-15 22:18 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-09-15 22:17 . 2014-09-15 22:17 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-09-15 22:17 . 2014-09-15 22:17 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-09-15 22:17 . 2014-09-15 22:17 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-09-15 22:17 . 2014-09-15 22:17 33867264 ----a-w- c:\windows\system32\amdocl64.dll
2014-09-15 22:17 . 2014-09-15 22:17 28770304 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-09-15 22:16 . 2014-09-15 22:16 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-09-15 22:16 . 2014-09-15 22:16 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-09-15 22:13 . 2014-09-15 22:13 27918336 ----a-w- c:\windows\system32\atio6axx.dll
2014-09-15 22:09 . 2014-09-15 22:09 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-09-15 22:09 . 2014-09-15 22:09 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-09-15 22:09 . 2014-09-15 22:09 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-09-15 22:09 . 2014-09-15 22:09 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-09-15 22:09 . 2014-09-15 22:09 5639168 ----a-w- c:\windows\system32\amdmantle64.dll
2014-09-15 22:08 . 2014-09-15 22:08 23375360 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-09-15 22:07 . 2014-09-15 22:07 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-09-15 22:07 . 2014-09-15 22:07 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-09-15 22:07 . 2014-09-15 22:07 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-09-15 22:07 . 2014-09-15 22:07 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-09-15 22:07 . 2014-09-15 22:07 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-09-15 22:07 . 2014-09-15 22:07 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-09-15 22:06 . 2014-09-15 22:06 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-09-15 22:05 . 2014-09-15 22:05 4480000 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-09-15 22:03 . 2014-09-15 22:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-09-15 22:03 . 2014-09-15 22:03 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-09-15 22:03 . 2014-09-15 22:03 619008 ----a-w- c:\windows\system32\atieclxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-09-15 22:03 . 2014-09-15 22:03 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-09-15 22:03 . 2014-09-15 22:03 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-09-15 22:03 . 2014-09-15 22:03 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-09-15 22:00 . 2014-09-15 22:00 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-09-15 22:00 . 2014-06-21 01:29 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-09-15 21:59 . 2014-09-15 21:59 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-09-15 21:59 . 2014-09-15 21:59 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-09-15 21:59 . 2014-09-15 21:59 827392 ----a-w- c:\windows\system32\coinst_14.30.dll
2014-09-15 21:59 . 2014-09-15 21:59 1210880 ----a-w- c:\windows\system32\atiadlxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 900608 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-09-15 21:59 . 2014-09-15 21:59 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-09-15 21:59 . 2014-09-15 21:59 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-09-15 21:59 . 2014-09-15 21:59 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-09-15 21:58 . 2014-09-15 21:58 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-09-15 16:21 . 2014-09-15 16:21 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-09-15 16:19 . 2014-09-15 16:19 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-09-03 16:24 . 2013-11-27 00:43 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2014-08-23 02:07 . 2014-08-28 08:58 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 08:58 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-19 15:34 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-08-13 23:45 . 2013-11-20 18:55 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-08-07 00:17 . 2014-08-07 00:17 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-01 11:53 . 2014-09-10 07:39 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 07:39 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-10-17 55568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-09-15 767200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
c:\users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-7-4 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Live Update"=c:\program files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
.
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSISleep;MSISleep;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe;c:\program files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-17 20:09 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-24 15:37]
.
2014-07-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17 01:46]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf907b4eccc5f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cfed383aba69c3.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2013-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19 14:06]
.
2014-02-28 c:\windows\Tasks\SidebarExecute.job
- c:\program files (x86)\Windows Sidebar\sidebar.exe [2013-11-21 12:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-17 01:46 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-888966768-835259863-1363282881-1000\Software\SecuROM\License information*]
"datasecu"=hex:9b,1f,1f,5d,70,41,b1,58,85,2c,e3,6a,f3,ff,38,af,80,2f,63,c3,c3,
67,c9,b2,cf,24,0c,28,77,5c,d1,1c,2b,cc,ab,15,1e,bf,1c,5d,04,4d,55,b5,c8,da,\
"rkeysecu"=hex:c2,ae,60,1b,e3,50,aa,ec,a7,a0,2d,4e,03,49,33,72
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-21 20:57:56
ComboFix-quarantined-files.txt 2014-10-21 18:57
.
Před spuštěním: Volných bajtů: 82 355 613 696
Po spuštění: Volných bajtů: 82 041 057 280
.
- - End Of File - - 5E9366500146C98515F7D08CE76EC204
A36C5E4F47E84449FF07ED3517B43A31
Re: Please check
Via Start >> Run, copy the following into the box:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes its associated files and folders.
Use T-Cleaner, which removes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, although it is not one.
Then let me know what state the PC is in.
Re: Please check
Hello, that "loading" icon next to the mouse pointer still shows up from time to time.
Even though nothing should be loading at that moment. :/
Re: Please check
Chabadaj wrote: .... that "loading" icon next to the mouse pointer still shows up from time to time
It's not caused by junk; you have plenty of RAM and disk space.

What about TuneUp Utilities: is it configured properly so that it doesn't clash with the system, or is it needed at all?