
Please check my log, the browser keeps crashing

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

#1 Post by detor »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dave at 2013-11-13 01:59:48
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 46 GB (39%) free of 120 GB
Total RAM: 4093 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:59:54, on 13.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedadssvc.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dave.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedadssvc.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10361 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
taskeng.exe {D0C55CCD-E5B3-423E-84B7-77367DFB531A}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\PeerBlock\peerblock.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Windows\vsnp2std.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedadssvc.exe"
KHALMNPR.EXE /API
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0bf100ed-b55f-473d-9d75-91c997c5ea2b -SystemEventPortName:HostProcess-7a5ae0e1-6f8c-4353-a951-bc2ee502abd3 -IoCancelEventPortName:HostProcess-3aa18411-fe7b-419e-b31a-012db8f5b831 -NonStateChangingEventPortName:HostProcess-cd8ac9f5-cca2-4103-bbc6-41d2882b3344 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e9e6eafa-0b93-4944-9fdb-00b63da65161 -DeviceGroupId:WpdFsGroup
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\TrueCrypt\TrueCrypt.exe"
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
"C:\Windows\system32\NOTEPAD.EXE" K:\nová hesla.txt
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7160.0.1526417881\457557409" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,24,26 --gpu-vendor-id=0x1002 --gpu-device-id=0x9490 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="7160.1.1074431639\1095280158" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.2.1002447373\847118532" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.3.295912008\772265157" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.4.317120605\280639956" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.5.153411442\2050772328" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.6.1915815728\225585656" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.7.1878859127\737651601" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.8.2141660554\893062000" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.9.1527029386\403330699" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.10.860667347\1853165529" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.11.1219572744\1476179725" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.12.1879726332\919916098" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.13.2049816228\778364788" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.14.427591735\1089916235" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.15.145596029\255783685" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.16.284726028\93708268" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.18.1954863478\267242273" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.19.1119302211\1926410020" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7160.21.1896870755\792790087" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.22.931135561\546298960" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.27.1641364581\548715987" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.29.2138054308\1602360034" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.30.1591269169\270169627" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.31.2055804282\431639689" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.37.588644947\1159627908" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.39.749484479\1061148921" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7160.40.1306946038\158433322" /prefetch:673131151
"D:\Downloads\nesetříděno\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll [2013-10-21 806568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04 366904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll [2013-10-21 717480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-11-26 6325936]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-20 13260944]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2012-11-04 2419512]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-11-11 1612504]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe [2013-01-16 699400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2012-07-24 943344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D3DOverrider]
C:\Program Files\D3DOverrider\D3DOverriderWrapper.exe [2009-08-22 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock]
C:\Program Files\PeerBlock\peerblock.exe [2010-11-06 2646128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2012-09-24 404280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\Windows\vsnp2std.exe [2006-09-15 675840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2012-09-24 6036056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"PrivDogService"=C:\Program Files (x86)\AdTrustMedia\PrivDog\1.7.0.12\trustedadssvc.exe [2013-10-21 515240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2012-10-01 68408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-13 01:59:48 ----D---- C:\rsit
2013-11-12 19:29:01 ----D---- C:\Program Files\AdTrustMedia
2013-11-12 19:29:01 ----D---- C:\Program Files (x86)\AdTrustMedia
2013-11-12 19:28:59 ----D---- C:\ProgramData\Adtrustmedia
2013-11-05 22:05:20 ----D---- C:\ProgramData\Oracle
2013-11-05 22:00:41 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-11-05 22:00:34 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-05 22:00:34 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-11-05 22:00:34 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-17 22:25:37 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of files/folders modified in the last 1 month======

2013-11-13 01:59:55 ----D---- C:\Windows\Prefetch
2013-11-13 01:59:54 ----D---- C:\Program Files\trend micro
2013-11-13 01:59:45 ----D---- C:\Program Files\PeerBlock
2013-11-13 01:58:39 ----D---- C:\Windows\temp
2013-11-13 01:56:32 ----D---- C:\Users\Dave\AppData\Roaming\uTorrent
2013-11-13 01:54:57 ----D---- C:\Users\Dave\AppData\Roaming\Skype
2013-11-13 01:31:29 ----RD---- C:\Program Files (x86)
2013-11-13 01:14:24 ----HD---- C:\VTRoot
2013-11-13 00:50:34 ----D---- C:\Users\Dave\AppData\Roaming\Media Player Classic
2013-11-13 00:50:22 ----D---- C:\Windows\Panther
2013-11-13 00:50:22 ----D---- C:\Windows\inf
2013-11-13 00:50:22 ----D---- C:\Windows\debug
2013-11-13 00:50:22 ----D---- C:\Windows
2013-11-13 00:38:24 ----SHD---- C:\Windows\Installer
2013-11-13 00:38:19 ----D---- C:\ProgramData\ABBYY
2013-11-13 00:38:03 ----D---- C:\Windows\System32
2013-11-13 00:16:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-12 22:06:41 ----D---- C:\Windows\system32\config
2013-11-12 19:29:18 ----D---- C:\Windows\system32\Tasks
2013-11-12 19:29:01 ----RD---- C:\Program Files
2013-11-12 19:28:59 ----D---- C:\ProgramData
2013-11-09 22:53:48 ----D---- C:\Users\Dave\AppData\Roaming\.Torrent Stream
2013-11-09 19:51:45 ----SHD---- C:\System Volume Information
2013-11-05 22:00:46 ----D---- C:\Program Files (x86)\Common Files
2013-11-05 22:00:41 ----D---- C:\Windows\SysWOW64
2013-11-05 22:00:33 ----D---- C:\Program Files (x86)\Java
2013-11-05 20:10:36 ----D---- C:\Program Files\Common Files\Adobe
2013-11-05 20:09:12 ----D---- C:\Program Files (x86)\Adobe
2013-10-31 10:42:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-27 18:59:35 ----D---- C:\TorrentStream
2013-10-24 15:56:03 ----D---- C:\ProgramData\Skype
2013-10-24 15:56:01 ----RD---- C:\Program Files (x86)\Skype
2013-10-20 15:54:47 ----D---- C:\Windows\system32\catroot2
2013-10-14 10:48:52 ----D---- C:\Windows\winsxs
2013-10-14 00:38:31 ----D---- C:\Windows\system32\DriverStore
2013-10-14 00:38:31 ----D---- C:\Windows\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-01-08 155272]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-05-23 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-01-08 340104]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-01-08 1340040]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-01-08 1093256]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-01-08 228488]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-01-08 166024]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-09-24 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2012-12-20 231376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-10-08 138744]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-11-21 4213904]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2012-09-18 75064]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2012-09-18 61240]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [2010-11-06 24176]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-03-30 12333568]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-01-08 367200]
S3 arusb_win7x;Service For TP-LINK Wireless N Adapter; C:\Windows\system32\DRIVERS\arusb_win7x.sys [2010-06-01 769024]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2012-09-24 1127840]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2011-03-01 27648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-09-14 7024712]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2011-03-01 27648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 116648]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2012-10-01 359224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-30 119408]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2011-03-01 27648]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2011-03-01 27648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-20 1255736]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S4 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-01-08 3692536]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#2 Post by Roli »

Hi, go to Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find these services:

Služba Google Update (gupdate)

Služba Google Update (gupdatem)

NMIndexingService


Double-clicking opens the properties window; first stop the service with the Stop button, then set Startup type to Disabled and click OK.


In Task Scheduler, disable Google Update; it will be listed there several times.


I see you have Mbam there; did it find anything? :???:


Are the graphics drivers up to date? :???:


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window will appear; click Scan at the top left.

The scan will then run; when it finishes, click Report and copy whatever comes up here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#3 Post by detor »

Hi, it seems everything is fine; the error was between the monitor and the chair :-) I turned off that Google Update as you recommended. So if you didn't find anything, thanks for the help.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#4 Post by Roli »

detor wrote: So if you didn't find anything, ..........
I'd like that AdwCleaner report.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#5 Post by detor »

Mbam found nothing.

# AdwCleaner v3.012 - Report created 16/11/2013 at 01:21:38
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Dave - DAVE-PC
# Running from : C:\Users\Dave\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\driver-soft

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1662 octets] - [16/11/2013 01:21:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1722 octets] ##########



Thanks a lot.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#6 Post by Roli »

Run AdwCleaner again, but this time click Clean,

the PC will restart, and the junk will be deleted during the restart.

Then copy the Report here for me again.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#7 Post by detor »

Those registry entries, was that malware, or just leftovers from an infection?

# AdwCleaner v3.012 - Report created 18/11/2013 at 19:41:05
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Dave - DAVE-PC
# Running from : C:\Users\Dave\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1818 octets] - [16/11/2013 01:21:38]
AdwCleaner[R2].txt - [1878 octets] - [17/11/2013 22:55:56]
AdwCleaner[R3].txt - [981 octets] - [18/11/2013 18:02:41]
AdwCleaner[R4].txt - [793 octets] - [18/11/2013 19:41:05]
AdwCleaner[S0].txt - [1966 octets] - [17/11/2013 22:57:28]
AdwCleaner[S1].txt - [1045 octets] - [18/11/2013 18:04:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [972 octets] ##########

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#8 Post by Roli »

Roli wrote: Run AdwCleaner again, but this time click Clean,

the PC will restart, and the junk will be deleted during the restart.

Then copy the Report here for me again.
You used Scan again.

detor wrote: Those registry entries, was that malware, or just leftovers from an infection?
Junk in the browser.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#9 Post by detor »

Roli wrote: You used Scan again.
Yeah, sorry, it said option: clean.
Roli wrote: Junk in the browser.
Thanks for the explanation.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#10 Post by detor »

Is the PC completely clean now? If so, thanks a lot!

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#11 Post by Roli »

detor wrote: Is the PC completely clean now?
Uninstall Malwarebytes (Mbam) via Add/Remove Programs.


We'll also use a bigger caliber, so read carefully, because this little program doesn't tolerate mistakes.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms will then appear, which you confirm by clicking YES,

then click YES once more and it's running.

The whole process takes around 10 minutes but can take longer; don't try to run anything else during the scan.

The PC may even be restarted during the scan; don't be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#12 Post by detor »

ComboFix log:

ComboFix 13-11-19.01 - Dave 21.11.2013 19:09:25.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4093.2904 [GMT 1:00]
Spuštěný z: c:\users\Dave\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-21 do 2013-11-21 )))))))))))))))))))))))))))))))
.
.
2013-11-21 18:23 . 2013-11-21 18:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-21 18:23 . 2013-11-21 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-16 02:50 . 2013-11-16 02:50 -------- d-----w- c:\programdata\IObit
2013-11-16 02:50 . 2013-11-16 02:50 -------- d-----w- c:\program files (x86)\IObit
2013-11-16 00:21 . 2013-11-20 00:53 -------- d-----w- C:\AdwCleaner
2013-11-15 13:25 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{667D6EC8-E2BB-4BC1-9191-429B4BB7F7EE}\mpengine.dll
2013-11-14 20:02 . 2013-11-15 15:30 -------- d-----w- c:\program files (x86)\Pro Evolution Soccer 2014
2013-11-14 19:17 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-14 19:11 . 2013-11-14 19:11 999936 ----a-w- c:\program files (x86)\Internet Explorer\networkinspection.dll
2013-11-13 19:36 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 19:36 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 18:50 . 2013-11-17 19:54 -------- d-----w- C:\_acestream_cache_
2013-11-13 18:50 . 2013-11-17 19:54 -------- d-----w- c:\users\Dave\AppData\Roaming\.ACEStream
2013-11-13 18:49 . 2013-11-13 18:51 -------- d-----w- c:\users\Dave\AppData\Roaming\ACEStream
2013-11-13 01:11 . 2013-11-13 01:52 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-13 00:59 . 2013-11-13 01:00 -------- d-----w- C:\rsit
2013-11-12 18:29 . 2013-11-12 18:29 -------- d-----w- c:\program files\AdTrustMedia
2013-11-12 18:29 . 2013-11-12 18:29 -------- d-----w- c:\program files (x86)\AdTrustMedia
2013-11-12 18:28 . 2013-11-12 18:28 -------- d-----w- c:\programdata\Adtrustmedia
2013-11-05 21:05 . 2013-11-05 21:05 -------- d-----w- c:\programdata\Oracle
2013-11-05 21:00 . 2013-11-05 21:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-05 21:00 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-16 00:59 . 2012-12-28 23:52 393216 ----a-w- c:\users\Dave\AppData\Roaming\pohoda.sys
2013-11-14 19:03 . 2012-12-20 15:50 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-14 11:38 . 2013-01-16 18:51 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-11-14 11:38 . 2013-01-24 21:43 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-13 15:09 . 2013-01-16 21:18 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 15:09 . 2013-01-16 21:18 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-26 07:29 . 2012-12-23 01:06 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-09-25 02:22 . 2013-11-13 19:35 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 19:35 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-24 10:54 . 2013-01-16 18:51 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:54 . 2013-01-16 18:51 48872 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:54 . 2013-01-16 18:51 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-01-24 21:43 354240 ----a-w- c:\windows\SysWow64\guard32.dll
2013-09-24 10:53 . 2013-01-24 21:43 444392 ----a-w- c:\windows\system32\guard64.dll
2013-09-24 10:53 . 2013-01-24 21:42 347864 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-09-24 10:53 . 2013-01-24 21:42 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-09-24 10:53 . 2013-01-24 21:42 280792 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53 . 2013-01-24 21:42 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-09-08 02:30 . 2013-10-11 17:10 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-11 17:10 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-11 17:10 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-13 22:13 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-13 22:13 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-13 22:13 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-13 22:13 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-13 22:13 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-13 22:13 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-13 22:13 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-03 12:35 . 2012-12-20 02:49 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-11 17:10 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-11 17:10 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-11 17:10 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-11 17:10 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-11 17:10 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-11 17:10 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-11 17:10 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-11 17:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-11 17:10 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-11 17:10 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-11 17:10 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-11 17:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-11 17:10 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-11 17:10 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-11 17:10 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-11 17:10 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-11 17:10 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-11 17:10 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-11 17:10 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys;c:\windows\SYSNATIVE\DRIVERS\arusb_win7x.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 16:25 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 18:01]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 18:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-26 6325936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-11-19 13260944]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1612504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{76F36765-334D-428F-9E87-C637AB288DBC}: NameServer = 160.218.161.54,194.228.41.65
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-CZ SK IPTV v2.0.4 - c:\windows\CZ SK IPTV v2.0.4
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
AddRemove-Google Chrome - c:\users\Dave\AppData\Local\Google\Chrome\Application\27.0.1453.116\Installer\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-11-21 19:33:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-21 18:33
.
Před spuštěním: Volných bajtů: 41 370 607 616
Po spuštění: Volných bajtů: 41 437 913 088
.
- - End Of File - - D29D8647DF29100818D1D8D332537029
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check, browser keeps crashing

#13 Post by Roli »

Uninstall everything from IObit via Add/Remove Programs.


If you haven't done so already, move ComboFix to the desktop,

open Notepad

and copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

After it runs, another log will come up; copy it here.

Warning: it may happen that Windows fails to start after the script is applied and the PC restarts,

in that case restart again while pressing F8, then choose Last Known Good Configuration.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Please check, browser keeps crashing

#14 Post by detor »

ComboFix log:

ComboFix 13-11-19.01 - Dave 25.11.2013 21:47:47.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4093.2706 [GMT 1:00]
Spuštěný z: c:\users\Dave\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dave\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-25 do 2013-11-25 )))))))))))))))))))))))))))))))
.
.
2013-11-25 21:01 . 2013-11-25 21:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-25 21:01 . 2013-11-25 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-22 13:49 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1B2074C-F871-48AF-8FC9-8A3E181B33B6}\mpengine.dll
2013-11-16 00:21 . 2013-11-20 00:53 -------- d-----w- C:\AdwCleaner
2013-11-14 20:02 . 2013-11-15 15:30 -------- d-----w- c:\program files (x86)\Pro Evolution Soccer 2014
2013-11-14 19:17 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-14 19:11 . 2013-11-14 19:11 999936 ----a-w- c:\program files (x86)\Internet Explorer\networkinspection.dll
2013-11-13 19:36 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 19:36 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 18:50 . 2013-11-17 19:54 -------- d-----w- C:\_acestream_cache_
2013-11-13 18:50 . 2013-11-17 19:54 -------- d-----w- c:\users\Dave\AppData\Roaming\.ACEStream
2013-11-13 18:49 . 2013-11-13 18:51 -------- d-----w- c:\users\Dave\AppData\Roaming\ACEStream
2013-11-13 01:11 . 2013-11-13 01:52 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-11-13 00:59 . 2013-11-13 01:00 -------- d-----w- C:\rsit
2013-11-12 18:29 . 2013-11-12 18:29 -------- d-----w- c:\program files\AdTrustMedia
2013-11-12 18:29 . 2013-11-12 18:29 -------- d-----w- c:\program files (x86)\AdTrustMedia
2013-11-12 18:28 . 2013-11-12 18:28 -------- d-----w- c:\programdata\Adtrustmedia
2013-11-05 21:05 . 2013-11-05 21:05 -------- d-----w- c:\programdata\Oracle
2013-11-05 21:00 . 2013-11-05 21:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-05 21:00 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-16 00:59 . 2012-12-28 23:52 393216 ----a-w- c:\users\Dave\AppData\Roaming\pohoda.sys
2013-11-14 19:03 . 2012-12-20 15:50 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-14 11:38 . 2013-01-16 18:51 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-11-14 11:38 . 2013-01-24 21:43 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-11-13 15:09 . 2013-01-16 21:18 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 15:09 . 2013-01-16 21:18 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-11 04:50 . 2012-12-20 02:49 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-26 07:29 . 2012-12-23 01:06 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-09-25 02:22 . 2013-11-13 19:35 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 19:35 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-24 10:54 . 2013-01-16 18:51 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:54 . 2013-01-16 18:51 48872 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:54 . 2013-01-16 18:51 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-01-24 21:43 354240 ----a-w- c:\windows\SysWow64\guard32.dll
2013-09-24 10:53 . 2013-01-24 21:43 444392 ----a-w- c:\windows\system32\guard64.dll
2013-09-24 10:53 . 2013-01-24 21:42 347864 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-09-24 10:53 . 2013-01-24 21:42 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-09-24 10:53 . 2013-01-24 21:42 280792 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53 . 2013-01-24 21:42 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-09-08 02:30 . 2013-10-11 17:10 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-11 17:10 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-11 17:10 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-13 22:13 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-13 22:13 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-13 22:13 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-13 22:13 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-13 22:13 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-13 22:13 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-13 22:13 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-11 17:10 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-11 17:10 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-11 17:10 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-11 17:10 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-11 17:10 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-11 17:10 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-11 17:10 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-11 17:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-11 17:10 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-11 17:10 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-11 17:10 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-11 17:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-11 17:10 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-11 17:10 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-11 17:10 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-11 17:10 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-11 17:10 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-11 17:10 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-11 17:10 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys;c:\windows\SYSNATIVE\DRIVERS\arusb_win7x.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 16:25 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 18:01]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-26 18:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2012-09-24 16:43 2737888 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-26 6325936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-11-19 13260944]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-11-11 1612504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{76F36765-334D-428F-9E87-C637AB288DBC}: NameServer = 160.218.161.54,194.228.41.65
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-CZ SK IPTV v2.0.4 - c:\windows\CZ SK IPTV v2.0.4
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-11-25 22:09:07
ComboFix-quarantined-files.txt 2013-11-25 21:09
ComboFix2.txt 2013-11-21 18:33
.
Před spuštěním: Volných bajtů: 45 571 637 248
Po spuštění: Volných bajtů: 45 245 345 792
.
- - End Of File - - 33CC276297F3FFE3404ECB8600E33548
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my log, the browser keeps crashing

#15 Post by Roli »

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders related to it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


And with that, everything should be definitively cleaned up :)

| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Locked