
PC virus removal, computer speed-up, and remote help via the neslape.cz service
"Policie ČR" virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, my computer got infected with the "Policie ČR" virus http://www.viry.cz/policie-cr-vas-sleduje/ . I ran a System Restore and the PC seems fine so far, but that junk is surely still in there somewhere, so I am attaching the RSIT log. Thank you for your help.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2014-01-10 20:01:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (12%) free of 278 GB
Total RAM: 6121 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:23, on 10.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\Radek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [msi LED Manager] C:\Program Files (x86)\msi\msi LED Manager\SLM.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12622 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000658
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\FSP\FspUip.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Radek/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe"
"C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe"
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
"C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe" /CFG="C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp"
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4596.14466200.412186094 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4596 "\\.\pipe\gecko-crash-server-pipe.4596" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash1740.5FC9B990.17622 --host-broker-channel=Flash1740.5FC9B990.26154 --host-pid=1740 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=4684.0017F768.1664757518 --proxy-stub-channel=Flash1740.5FC9B990.17622 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Radek\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-05 545224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-05 193480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-14 11777128]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2010-06-07 3650048]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2009-10-15 17920]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"Akamai NetSession Interface"=C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Voobly"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-11-05 2482176]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2011-01-25 200192]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"NVIDIAOCAP"=C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [2010-10-20 83456]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-18 1351680]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"msi LED Manager"=C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-07-29 2795008]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-20 684600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=8388608
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-01-10 19:52:04 ----D---- C:\rsit
2014-01-10 19:52:04 ----D---- C:\Program Files\trend micro
2014-01-04 14:19:51 ----D---- C:\Program Files (x86)\Panzers2
2014-01-04 14:05:18 ----D---- C:\Program Files (x86)\Panzers1
2013-12-20 18:53:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-14 00:33:58 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-14 00:33:58 ----A---- C:\windows\system32\wmploc.DLL
2013-12-14 00:33:57 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-14 00:33:56 ----A---- C:\windows\system32\wmp.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\iernonce.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-14 00:32:33 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\mshtml.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\iesetup.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-14 00:32:32 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\iertutil.dll
2013-12-14 00:32:30 ----A---- C:\windows\system32\ieframe.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-14 00:32:28 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-14 00:32:28 ----A---- C:\windows\system32\jscript9.dll
2013-12-13 15:48:08 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-13 15:48:08 ----A---- C:\windows\system32\msieftp.dll
2013-12-13 15:48:07 ----A---- C:\windows\system32\win32k.sys
2013-12-13 15:48:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-13 15:48:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-13 15:47:32 ----A---- C:\windows\system32\imagehlp.dll
2013-12-13 15:47:31 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-13 15:42:32 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-13 15:42:32 ----A---- C:\windows\system32\tzres.dll
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\system32\cscript.exe
======List of files/folders modified in the last 1 month======
2014-01-10 20:01:22 ----D---- C:\windows\Temp
2014-01-10 20:01:19 ----SHD---- C:\System Volume Information
2014-01-10 19:54:35 ----HD---- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2014-01-10 19:54:34 ----D---- C:\windows\inf
2014-01-10 19:54:34 ----D---- C:\Windows
2014-01-10 19:54:34 ----D---- C:\Users\Radek\AppData\Roaming\TS3Client
2014-01-10 19:52:04 ----RD---- C:\Program Files
2014-01-10 19:51:16 ----D---- C:\windows\System32
2014-01-10 19:51:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-10 19:39:24 ----D---- C:\windows\system32\config
2014-01-10 19:22:56 ----D---- C:\windows\system32\wbem
2014-01-10 19:22:20 ----D---- C:\windows\Tasks
2014-01-10 19:22:20 ----D---- C:\windows\system32\wfp
2014-01-10 19:22:20 ----D---- C:\windows\system32\catroot2
2014-01-10 19:22:19 ----D---- C:\windows\registration
2014-01-10 17:48:10 ----D---- C:\Program Files (x86)\World_of_Tanks
2014-01-10 17:04:31 ----SHD---- C:\windows\Installer
2014-01-10 17:03:38 ----D---- C:\windows\SysWOW64
2014-01-10 11:18:20 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2014-01-04 14:19:51 ----RD---- C:\Program Files (x86)
2014-01-03 15:24:37 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2013-12-30 22:22:03 ----D---- C:\Program Files (x86)\Steam
2013-12-30 22:22:02 ----HD---- C:\Users\Radek\AppData\Roaming\uTorrent
2013-12-30 22:22:02 ----D---- C:\windows\Panther
2013-12-30 22:22:02 ----D---- C:\windows\Logs
2013-12-30 22:22:02 ----D---- C:\windows\debug
2013-12-30 19:50:55 ----D---- C:\ProgramData\boost_interprocess
2013-12-22 12:33:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 18:09:01 ----D---- C:\windows\system32\catroot
2013-12-20 18:09:00 ----D---- C:\windows\system32\drivers
2013-12-15 12:15:31 ----D---- C:\windows\system32\MRT
2013-12-15 12:14:03 ----A---- C:\windows\system32\MRT.exe
2013-12-14 15:07:13 ----D---- C:\windows\winsxs
2013-12-14 15:03:43 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-14 15:03:41 ----D---- C:\Program Files\Windows Media Player
2013-12-14 15:03:39 ----D---- C:\Program Files\Internet Explorer
2013-12-14 15:03:39 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\sk-SK
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\lv-LV
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\lt-LT
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\hu-HU
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\et-EE
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\en-US
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\bg-BG
2013-12-14 15:03:35 ----D---- C:\windows\system32\sk-SK
2013-12-14 15:03:35 ----D---- C:\windows\system32\lv-LV
2013-12-14 15:03:35 ----D---- C:\windows\system32\lt-LT
2013-12-14 15:03:35 ----D---- C:\windows\system32\cs-CZ
2013-12-14 15:03:35 ----D---- C:\windows\system32\bg-BG
2013-12-14 15:03:34 ----D---- C:\windows\system32\hu-HU
2013-12-14 15:03:34 ----D---- C:\windows\system32\et-EE
2013-12-14 15:03:34 ----D---- C:\windows\system32\en-US
2013-12-14 15:03:30 ----D---- C:\windows\system32\DriverStore
2013-12-14 00:33:19 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 16:20:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-20 131576]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-20 108440]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\drivers\fspad_wlh64.sys [2010-06-07 52224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-02-15 2741736]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-07-04 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64; C:\windows\system32\drivers\fspad_xp64.sys [2010-06-07 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-29 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-13 1007208]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-08-27 76888]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-28 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-05 545224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-05 193480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-14 11777128]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2010-06-07 3650048]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2009-10-15 17920]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"Akamai NetSession Interface"=C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Voobly"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-11-05 2482176]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2011-01-25 200192]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"NVIDIAOCAP"=C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [2010-10-20 83456]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-18 1351680]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"msi LED Manager"=C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-07-29 2795008]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-20 684600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=8388608
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-01-10 19:52:04 ----D---- C:\rsit
2014-01-10 19:52:04 ----D---- C:\Program Files\trend micro
2014-01-04 14:19:51 ----D---- C:\Program Files (x86)\Panzers2
2014-01-04 14:05:18 ----D---- C:\Program Files (x86)\Panzers1
2013-12-20 18:53:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-14 00:33:58 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-14 00:33:58 ----A---- C:\windows\system32\wmploc.DLL
2013-12-14 00:33:57 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-14 00:33:56 ----A---- C:\windows\system32\wmp.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\iernonce.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-14 00:32:33 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\mshtml.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\iesetup.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-14 00:32:32 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\iertutil.dll
2013-12-14 00:32:30 ----A---- C:\windows\system32\ieframe.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-14 00:32:28 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-14 00:32:28 ----A---- C:\windows\system32\jscript9.dll
2013-12-13 15:48:08 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-13 15:48:08 ----A---- C:\windows\system32\msieftp.dll
2013-12-13 15:48:07 ----A---- C:\windows\system32\win32k.sys
2013-12-13 15:48:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-13 15:48:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-13 15:47:32 ----A---- C:\windows\system32\imagehlp.dll
2013-12-13 15:47:31 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-13 15:42:32 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-13 15:42:32 ----A---- C:\windows\system32\tzres.dll
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\system32\cscript.exe
======List of files/folders modified in the last 1 month======
2014-01-10 20:01:22 ----D---- C:\windows\Temp
2014-01-10 20:01:19 ----SHD---- C:\System Volume Information
2014-01-10 19:54:35 ----HD---- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2014-01-10 19:54:34 ----D---- C:\windows\inf
2014-01-10 19:54:34 ----D---- C:\Windows
2014-01-10 19:54:34 ----D---- C:\Users\Radek\AppData\Roaming\TS3Client
2014-01-10 19:52:04 ----RD---- C:\Program Files
2014-01-10 19:51:16 ----D---- C:\windows\System32
2014-01-10 19:51:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-10 19:39:24 ----D---- C:\windows\system32\config
2014-01-10 19:22:56 ----D---- C:\windows\system32\wbem
2014-01-10 19:22:20 ----D---- C:\windows\Tasks
2014-01-10 19:22:20 ----D---- C:\windows\system32\wfp
2014-01-10 19:22:20 ----D---- C:\windows\system32\catroot2
2014-01-10 19:22:19 ----D---- C:\windows\registration
2014-01-10 17:48:10 ----D---- C:\Program Files (x86)\World_of_Tanks
2014-01-10 17:04:31 ----SHD---- C:\windows\Installer
2014-01-10 17:03:38 ----D---- C:\windows\SysWOW64
2014-01-10 11:18:20 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2014-01-04 14:19:51 ----RD---- C:\Program Files (x86)
2014-01-03 15:24:37 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2013-12-30 22:22:03 ----D---- C:\Program Files (x86)\Steam
2013-12-30 22:22:02 ----HD---- C:\Users\Radek\AppData\Roaming\uTorrent
2013-12-30 22:22:02 ----D---- C:\windows\Panther
2013-12-30 22:22:02 ----D---- C:\windows\Logs
2013-12-30 22:22:02 ----D---- C:\windows\debug
2013-12-30 19:50:55 ----D---- C:\ProgramData\boost_interprocess
2013-12-22 12:33:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 18:09:01 ----D---- C:\windows\system32\catroot
2013-12-20 18:09:00 ----D---- C:\windows\system32\drivers
2013-12-15 12:15:31 ----D---- C:\windows\system32\MRT
2013-12-15 12:14:03 ----A---- C:\windows\system32\MRT.exe
2013-12-14 15:07:13 ----D---- C:\windows\winsxs
2013-12-14 15:03:43 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-14 15:03:41 ----D---- C:\Program Files\Windows Media Player
2013-12-14 15:03:39 ----D---- C:\Program Files\Internet Explorer
2013-12-14 15:03:39 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\sk-SK
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\lv-LV
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\lt-LT
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\hu-HU
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\et-EE
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\en-US
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-14 15:03:35 ----D---- C:\windows\SYSWOW64\bg-BG
2013-12-14 15:03:35 ----D---- C:\windows\system32\sk-SK
2013-12-14 15:03:35 ----D---- C:\windows\system32\lv-LV
2013-12-14 15:03:35 ----D---- C:\windows\system32\lt-LT
2013-12-14 15:03:35 ----D---- C:\windows\system32\cs-CZ
2013-12-14 15:03:35 ----D---- C:\windows\system32\bg-BG
2013-12-14 15:03:34 ----D---- C:\windows\system32\hu-HU
2013-12-14 15:03:34 ----D---- C:\windows\system32\et-EE
2013-12-14 15:03:34 ----D---- C:\windows\system32\en-US
2013-12-14 15:03:30 ----D---- C:\windows\system32\DriverStore
2013-12-14 00:33:19 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 16:20:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-20 131576]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-20 108440]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\drivers\fspad_wlh64.sys [2010-06-07 52224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-02-15 2741736]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-07-04 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64; C:\windows\system32\drivers\fspad_xp64.sys [2010-06-07 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-29 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-13 1007208]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-08-27 76888]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-28 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after start-up, a screen with the licence terms is displayed; continue by clicking the Yes (Ano) button.
feel free to make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because unwanted conflicts with the resident antispyware occur during the scan and the removal of any malware.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: "Policie ČR" virus
ComboFix 14-01-08.03 - Radek 10.01.2014 22:21:11.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4072 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-10 do 2014-01-10 )))))))))))))))))))))))))))))))
.
.
2014-01-10 21:24 . 2014-01-10 21:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-10 21:09 . 2014-01-10 21:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C02A59CB-FEC2-403F-85D8-9DF2A965B0A0}\offreg.dll
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- c:\program files\trend micro
2014-01-10 18:29 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C02A59CB-FEC2-403F-85D8-9DF2A965B0A0}\mpengine.dll
2014-01-04 13:19 . 2014-01-04 13:21 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-04 13:06 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"Akamai NetSession Interface"="c:\users\Radek\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-10 22:26:35
ComboFix-quarantined-files.txt 2014-01-10 21:26
ComboFix2.txt 2014-01-10 21:17
.
Před spuštěním: Volných bajtů: 33 548 554 240
Po spuštění: Volných bajtů: 33 477 193 728
.
- - End Of File - - 6A4E61D7DF9393AB4A97BFF689BFEF7C
A36C5E4F47E84449FF07ED3517B43A31
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-10 22:26:35
ComboFix-quarantined-files.txt 2014-01-10 21:26
ComboFix2.txt 2014-01-10 21:17
.
Před spuštěním: Volných bajtů: 33 548 554 240
Po spuštění: Volných bajtů: 33 477 193 728
.
- - End Of File - - 6A4E61D7DF9393AB4A97BFF689BFEF7C
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Open Notepad and copy into it:

KillAll::
Folder::
c:\users\Radek\AppData\Local\Akamai\
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Regnull::
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: "Policie ČR" virus
Here is the log that ComboFix produced:
ComboFix 14-01-08.03 - Radek 11.01.2014 1:27.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4498 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radek\Desktop\CFScript.TXT
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Radek\AppData\Local\Akamai
c:\users\Radek\AppData\Local\Akamai\admintool.exe
c:\users\Radek\AppData\Local\Akamai\client.ini
c:\users\Radek\AppData\Local\Akamai\ControlPanel.exe
c:\users\Radek\AppData\Local\Akamai\CplTasks.xml
c:\users\Radek\AppData\Local\Akamai\euc_state.json
c:\users\Radek\AppData\Local\Akamai\extraroot.pem
c:\users\Radek\AppData\Local\Akamai\guid.ini
c:\users\Radek\AppData\Local\Akamai\installer.txt
c:\users\Radek\AppData\Local\Akamai\Languages\csy.dll
c:\users\Radek\AppData\Local\Akamai\Languages\dan.dll
c:\users\Radek\AppData\Local\Akamai\Languages\deu.dll
c:\users\Radek\AppData\Local\Akamai\Languages\esp.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fin.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fra.dll
c:\users\Radek\AppData\Local\Akamai\Languages\chs.dll
c:\users\Radek\AppData\Local\Akamai\Languages\cht.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ita.dll
c:\users\Radek\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Radek\AppData\Local\Akamai\Languages\kor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nld.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\plk.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Radek\AppData\Local\Akamai\Languages\rus.dll
c:\users\Radek\AppData\Local\Akamai\Languages\sve.dll
c:\users\Radek\AppData\Local\Akamai\Languages\trk.dll
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140104_001357.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140104_102042.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_003525.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_101613.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_102512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_105126.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_235305.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140106_103703.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140107_003405.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140107_085428.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_000409.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_085151.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_151027.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_151859.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152206.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152712.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152925.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140109_214445.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_011104.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_101407.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_125857.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_160130.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_181711.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_182455.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_205238.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_205737.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_213429.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_000832.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_001357.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_102116.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_112116.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_122117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_132117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_142117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_152118.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_162118.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_172119.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_182120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_192120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_202120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_212121.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_222122.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_232122.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_002123.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_003524.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_101641.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_102511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_105152.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_115152.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_125153.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_135153.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_145154.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_155155.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_165155.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_175156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_185156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_195156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_205157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_215158.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_225158.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_235159.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_235304.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_103722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_113722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_123722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_133723.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_143724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_153724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_163724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_173725.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_183725.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_193726.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_203727.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_213728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_223728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_233728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_003404.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_085510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_095510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_105511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_115512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_125512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_135513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_145513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_155513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_165514.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_175515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_185515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_195515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_205516.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_215517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_225517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_235517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_000408.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_085222.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_095223.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_105223.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_115224.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_125224.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_135225.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_145226.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_151026.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_151926.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152206.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152732.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152925.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_214501.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_224502.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_234502.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_004503.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_011104.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_101423.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_111424.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_121425.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_125856.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_160157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_170157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_180157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_181711.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_182510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_192511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_202511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_205237.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_205806.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_213443.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_223444.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_233444.sent
c:\users\Radek\AppData\Local\Akamai\netsession_installer.exe
c:\users\Radek\AppData\Local\Akamai\netsession_win.exe
c:\users\Radek\AppData\Local\Akamai\readme.txt
c:\users\Radek\AppData\Local\Akamai\root.pem
c:\users\Radek\AppData\Local\Akamai\rswinui.exe
c:\users\Radek\AppData\Local\Akamai\uninstall.exe
c:\users\Radek\AppData\Local\Akamai\user.dat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-04 13:21 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-04 13:06 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 03:28 . 2014-01-10 18:29 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C02A59CB-FEC2-403F-85D8-9DF2A965B0A0}\mpengine.dll
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Akamai - c:\users\Radek\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
.
**************************************************************************
.
Celkový čas: 2014-01-11 11:08:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-11 10:08
ComboFix2.txt 2014-01-10 21:26
ComboFix3.txt 2014-01-10 21:17
.
Před spuštěním: Volných bajtů: 33 105 559 552
Po spuštění: Volných bajtů: 33 013 465 088
.
- - End Of File - - 277F79A985B1FD9A43DBCFE7E62513FB
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-01-08.03 - Radek 11.01.2014 1:27.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4498 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radek\Desktop\CFScript.TXT
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Radek\AppData\Local\Akamai
c:\users\Radek\AppData\Local\Akamai\admintool.exe
c:\users\Radek\AppData\Local\Akamai\client.ini
c:\users\Radek\AppData\Local\Akamai\ControlPanel.exe
c:\users\Radek\AppData\Local\Akamai\CplTasks.xml
c:\users\Radek\AppData\Local\Akamai\euc_state.json
c:\users\Radek\AppData\Local\Akamai\extraroot.pem
c:\users\Radek\AppData\Local\Akamai\guid.ini
c:\users\Radek\AppData\Local\Akamai\installer.txt
c:\users\Radek\AppData\Local\Akamai\Languages\csy.dll
c:\users\Radek\AppData\Local\Akamai\Languages\dan.dll
c:\users\Radek\AppData\Local\Akamai\Languages\deu.dll
c:\users\Radek\AppData\Local\Akamai\Languages\esp.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fin.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fra.dll
c:\users\Radek\AppData\Local\Akamai\Languages\chs.dll
c:\users\Radek\AppData\Local\Akamai\Languages\cht.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ita.dll
c:\users\Radek\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Radek\AppData\Local\Akamai\Languages\kor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nld.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\plk.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Radek\AppData\Local\Akamai\Languages\rus.dll
c:\users\Radek\AppData\Local\Akamai\Languages\sve.dll
c:\users\Radek\AppData\Local\Akamai\Languages\trk.dll
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140104_001357.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140104_102042.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_003525.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_101613.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_102512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_105126.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140105_235305.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140106_103703.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140107_003405.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140107_085428.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_000409.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_085151.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_151027.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_151859.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152206.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152712.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140108_152925.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140109_214445.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_011104.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_101407.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_125857.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_160130.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_181711.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_182455.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_205238.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_205737.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140110_213429.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_000832.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_001357.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_102116.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_112116.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_122117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_132117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_142117.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_152118.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_162118.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_172119.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_182120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_192120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_202120.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_212121.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_222122.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140104_232122.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_002123.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_003524.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_101641.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_102511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_105152.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_115152.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_125153.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_135153.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_145154.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_155155.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_165155.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_175156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_185156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_195156.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_205157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_215158.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_225158.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_235159.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140105_235304.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_103722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_113722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_123722.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_133723.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_143724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_153724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_163724.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_173725.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_183725.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_193726.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_203727.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_213728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_223728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140106_233728.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_003404.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_085510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_095510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_105511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_115512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_125512.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_135513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_145513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_155513.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_165514.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_175515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_185515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_195515.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_205516.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_215517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_225517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140107_235517.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_000408.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_085222.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_095223.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_105223.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_115224.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_125224.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_135225.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_145226.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_151026.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_151926.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152206.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152732.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140108_152925.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_214501.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_224502.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140109_234502.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_004503.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_011104.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_101423.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_111424.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_121425.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_125856.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_160157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_170157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_180157.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_181711.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_182510.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_192511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_202511.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_205237.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_205806.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_213443.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_223444.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140110_233444.sent
c:\users\Radek\AppData\Local\Akamai\netsession_installer.exe
c:\users\Radek\AppData\Local\Akamai\netsession_win.exe
c:\users\Radek\AppData\Local\Akamai\readme.txt
c:\users\Radek\AppData\Local\Akamai\root.pem
c:\users\Radek\AppData\Local\Akamai\rswinui.exe
c:\users\Radek\AppData\Local\Akamai\uninstall.exe
c:\users\Radek\AppData\Local\Akamai\user.dat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-10 19:01 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-04 13:21 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-04 13:06 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 03:28 . 2014-01-10 18:29 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C02A59CB-FEC2-403F-85D8-9DF2A965B0A0}\mpengine.dll
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Akamai - c:\users\Radek\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
.
**************************************************************************
.
Celkový čas: 2014-01-11 11:08:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-11 10:08
ComboFix2.txt 2014-01-10 21:26
ComboFix3.txt 2014-01-10 21:17
.
Před spuštěním: Volných bajtů: 33 105 559 552
Po spuštění: Volných bajtů: 33 013 465 088
.
- - End Of File - - 277F79A985B1FD9A43DBCFE7E62513FB
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Everything has been deleted, the log is now OK. Uninstall CF using T-Cleaner: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: "Policie ČR" virus
So everything looked OK, but while I was browsing the internet that "Policie ČR" window popped up at me again, saying that my PC had been blocked etc., so I did a system restore again; I am posting the logs from RSIT and ComboFix:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2014-01-11 17:44:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (12%) free of 278 GB
Total RAM: 6121 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:12, on 11.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Radek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [msi LED Manager] C:\Program Files (x86)\msi\msi LED Manager\SLM.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12237 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000069c
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\FSP\FspUip.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe"
"C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe"
"C:/Users/Radek/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Radek\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-05 545224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-05 193480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-14 11777128]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2010-06-07 3650048]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2009-10-15 17920]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"Akamai NetSession Interface"=C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Voobly"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-11-05 2482176]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2011-01-25 200192]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"NVIDIAOCAP"=C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [2010-10-20 83456]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-18 1351680]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"msi LED Manager"=C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-07-29 2795008]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-20 684600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=8388608
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-01-11 17:44:06 ----D---- C:\rsit
2014-01-11 01:34:41 ----D---- C:\windows\temp
2014-01-10 22:00:22 ----D---- C:\Qoobox
2014-01-10 19:52:04 ----D---- C:\Program Files\trend micro
2014-01-04 14:19:51 ----D---- C:\Program Files (x86)\Panzers2
2014-01-04 14:05:18 ----D---- C:\Program Files (x86)\Panzers1
2013-12-20 18:53:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-14 00:33:58 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-14 00:33:58 ----A---- C:\windows\system32\wmploc.DLL
2013-12-14 00:33:57 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-14 00:33:56 ----A---- C:\windows\system32\wmp.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\iernonce.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-14 00:32:33 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\mshtml.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\iesetup.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-14 00:32:32 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\iertutil.dll
2013-12-14 00:32:30 ----A---- C:\windows\system32\ieframe.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-14 00:32:28 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-14 00:32:28 ----A---- C:\windows\system32\jscript9.dll
2013-12-13 15:48:08 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-13 15:48:08 ----A---- C:\windows\system32\msieftp.dll
2013-12-13 15:48:07 ----A---- C:\windows\system32\win32k.sys
2013-12-13 15:48:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-13 15:48:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-13 15:47:32 ----A---- C:\windows\system32\imagehlp.dll
2013-12-13 15:47:31 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-13 15:42:32 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-13 15:42:32 ----A---- C:\windows\system32\tzres.dll
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\system32\cscript.exe
======List of files/folders modified in the last 1 month======
2014-01-11 17:44:12 ----D---- C:\windows\Prefetch
2014-01-11 17:43:16 ----D---- C:\windows\system32\config
2014-01-11 17:20:11 ----D---- C:\windows\system32\wbem
2014-01-11 17:20:11 ----D---- C:\Windows
2014-01-11 17:18:21 ----SHD---- C:\windows\Installer
2014-01-11 17:18:21 ----RSD---- C:\windows\Fonts
2014-01-11 17:18:21 ----D---- C:\windows\Tasks
2014-01-11 17:18:21 ----D---- C:\windows\TAPI
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\sda
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\RTCOM
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\Recovery
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-01-11 17:18:21 ----D---- C:\windows\SysWOW64
2014-01-11 17:18:21 ----D---- C:\windows\system32\wfp
2014-01-11 17:18:21 ----D---- C:\windows\system32\Msdtc
2014-01-11 17:18:21 ----D---- C:\windows\system32\DriverStore
2014-01-11 17:18:21 ----D---- C:\windows\system32\drivers\etc
2014-01-11 17:18:21 ----D---- C:\windows\system32\drivers
2014-01-11 17:18:21 ----D---- C:\windows\system32\catroot2
2014-01-11 17:18:21 ----D---- C:\windows\System32
2014-01-11 17:18:21 ----D---- C:\windows\inf
2014-01-11 17:18:21 ----D---- C:\Program Files\FSP
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\WinRAR 3.61 Multi
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\System Control Manager
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\Stone Giant
2014-01-11 17:18:20 ----D---- C:\Program Files\Windows Sidebar
2014-01-11 17:18:20 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-11 17:18:20 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-01-11 17:18:19 ----D---- C:\windows\The Operational Art of War III
2014-01-11 17:18:19 ----D---- C:\windows\SYSWOW64\wbem
2014-01-11 17:18:18 ----D---- C:\windows\SYSWOW64\en-US
2014-01-11 17:18:17 ----D---- C:\windows\SYSWOW64\directx
2014-01-11 17:18:17 ----D---- C:\windows\SYSWOW64\Adobe
2014-01-11 17:18:17 ----D---- C:\windows\system32\Tasks
2014-01-11 17:18:16 ----D---- C:\windows\system32\sysprep
2014-01-11 17:18:16 ----D---- C:\windows\system32\oobe
2014-01-11 17:18:16 ----D---- C:\windows\system32\NDF
2014-01-11 17:18:15 ----D---- C:\windows\system32\en-US
2014-01-11 17:18:14 ----D---- C:\windows\system32\cs-CZ
2014-01-11 17:18:14 ----D---- C:\windows\system32\CodeIntegrity
2014-01-11 17:18:13 ----D---- C:\windows\SymActive
2014-01-11 17:18:13 ----D---- C:\windows\ShellNew
2014-01-11 17:18:13 ----D---- C:\windows\Setup
2014-01-11 17:18:13 ----D---- C:\windows\security
2014-01-11 17:18:13 ----D---- C:\windows\RE_DRIVE
2014-01-11 17:18:13 ----D---- C:\windows\Microsoft.NET
2014-01-11 17:18:00 ----D---- C:\windows\Help
2014-01-11 17:17:56 ----D---- C:\windows\ehome
2014-01-11 17:17:56 ----D---- C:\windows\Downloaded Program Files
2014-01-11 17:17:55 ----RSD---- C:\windows\assembly
2014-01-11 17:17:44 ----SD---- C:\Users\Radek\AppData\Roaming\Microsoft
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\uTorrent
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\Soldat
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\PSpad
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\Dev-Cpp
2014-01-11 17:17:44 ----D---- C:\windows\AppCompat
2014-01-11 17:17:44 ----D---- C:\Utility
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\poclbm
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\MultiBit
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\HyperLobby
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\dvdcss
2014-01-11 17:17:39 ----HD---- C:\Users\Radek\AppData\Roaming\.minecraft
2014-01-11 17:17:39 ----D---- C:\Users\Radek\AppData\Roaming\Audacity
2014-01-11 17:17:35 ----HD---- C:\ProgramData
2014-01-11 17:17:35 ----D---- C:\ProgramData\Microsoft Help
2014-01-11 17:17:35 ----D---- C:\ProgramData\FLEXnet
2014-01-11 17:17:35 ----D---- C:\ProgramData\DivX
2014-01-11 17:17:35 ----D---- C:\ProgramData\Ask
2014-01-11 17:17:35 ----D---- C:\ProgramData\Apple Computer
2014-01-11 17:17:35 ----D---- C:\ProgramData\Apple
2014-01-11 17:17:35 ----D---- C:\ProgramData\Activ Software
2014-01-11 17:17:34 ----RD---- C:\Program Files
2014-01-11 17:17:34 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-01-11 17:17:34 ----D---- C:\Program Files\Realtek
2014-01-11 17:17:34 ----D---- C:\Program Files\Microsoft Silverlight
2014-01-11 17:17:29 ----D---- C:\Program Files\Microsoft Games
2014-01-11 17:17:29 ----D---- C:\Program Files\Internet Explorer
2014-01-11 17:17:28 ----D---- C:\Program Files\DivX
2014-01-11 17:17:27 ----D---- C:\Program Files\Corel
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\System
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\DESIGNER
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files
2014-01-11 17:17:26 ----D---- C:\Program Files\CCleaner
2014-01-11 17:17:13 ----D---- C:\Program Files (x86)\World_of_Tanks
2014-01-11 17:17:13 ----D---- C:\Program Files (x86)\WinSCP
2014-01-11 17:17:12 ----RD---- C:\Program Files (x86)
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\Windows Live
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\WiFiFileSender
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\Voobly
2014-01-11 17:17:11 ----D---- C:\Program Files (x86)\Valve
2014-01-11 17:17:11 ----D---- C:\Program Files (x86)\uTorrent
2014-01-11 17:17:02 ----D---- C:\Program Files (x86)\Steam
2014-01-11 17:17:00 ----D---- C:\Program Files (x86)\Renesas Electronics
2014-01-11 17:16:59 ----D---- C:\Program Files (x86)\Realtek
2014-01-11 17:16:59 ----D---- C:\Program Files (x86)\QuickTime
2014-01-11 17:16:55 ----D---- C:\Program Files (x86)\PSPad editor
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\OpenAL
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\MultiBit-0.5.13
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\MSI
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\MSBuild
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-01-11 17:16:52 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2014-01-11 17:16:50 ----D---- C:\Program Files (x86)\Lame For Audacity
2014-01-11 17:16:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-11 17:16:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\HyperLobby client
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\GamePark
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\FlatOut2
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\ffdshow
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\Far Cry 3
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\Falcon BMS 4.32
2014-01-11 17:16:45 ----D---- C:\Program Files (x86)\DWG TrueView 2014
2014-01-11 17:16:45 ----D---- C:\Program Files (x86)\DivX
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\Counter-Strike Source
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\Common Files
2014-01-11 17:16:41 ----D---- C:\Program Files (x86)\Codemasters
2014-01-11 17:16:41 ----D---- C:\Program Files (x86)\Calibre2
2014-01-11 17:16:40 ----D---- C:\Program Files (x86)\BRS
2014-01-11 17:16:40 ----D---- C:\Program Files (x86)\Age Of Empires II
2014-01-11 17:16:39 ----D---- C:\Program Files (x86)\Adobe Media Player
2014-01-11 17:16:21 ----SHD---- C:\$RECYCLE.BIN
2014-01-11 17:13:22 ----D---- C:\windows\registration
2014-01-11 17:13:19 ----D---- C:\windows\Web
2014-01-11 17:13:19 ----D---- C:\windows\Vss
2014-01-11 17:13:18 ----D---- C:\windows\SYSWOW64\XPSViewer
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\winrm
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\WindowsPowerShell
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\wdi
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\WCN
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\spp
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\Speech
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\slmgr
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\sk-SK
2014-01-11 17:13:14 ----D---- C:\windows\SYSWOW64\Printing_Admin_Scripts
2014-01-11 17:13:13 ----D---- C:\windows\SYSWOW64\NetworkList
2014-01-11 17:13:13 ----D---- C:\windows\SYSWOW64\MUI
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\Msdtc
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\migwiz
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\migration
2014-01-11 17:13:10 ----D---- C:\windows\SYSWOW64\Macromed
2014-01-11 17:13:10 ----D---- C:\windows\SYSWOW64\lv-LV
2014-01-11 17:13:09 ----D---- C:\windows\SYSWOW64\lt-LT
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\InstallShield
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\IME
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\hu-HU
2014-01-11 17:13:07 ----D---- C:\windows\SYSWOW64\et-EE
2014-01-11 17:13:06 ----D---- C:\windows\SYSWOW64\drivers
2014-01-11 17:13:06 ----D---- C:\windows\SYSWOW64\Dism
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\config
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\com
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\bg-BG
2014-01-11 17:12:58 ----D---- C:\windows\system32\winrm
2014-01-11 17:12:58 ----D---- C:\windows\system32\WindowsPowerShell
2014-01-11 17:12:58 ----D---- C:\windows\system32\WinBioPlugIns
2014-01-11 17:12:58 ----D---- C:\windows\system32\wdi
2014-01-11 17:12:57 ----D---- C:\windows\system32\WCN
2014-01-11 17:12:52 ----D---- C:\windows\system32\spp
2014-01-11 17:12:52 ----D---- C:\windows\system32\spool
2014-01-11 17:12:47 ----D---- C:\windows\system32\Speech
2014-01-11 17:12:47 ----D---- C:\windows\system32\SMI
2014-01-11 17:12:47 ----D---- C:\windows\system32\slmgr
2014-01-11 17:12:46 ----D---- C:\windows\system32\sk-SK
2014-01-11 17:12:46 ----D---- C:\windows\system32\Printing_Admin_Scripts
2014-01-11 17:12:39 ----D---- C:\windows\system32\NetworkList
2014-01-11 17:12:39 ----D---- C:\windows\system32\MUI
2014-01-11 17:12:37 ----D---- C:\windows\system32\migwiz
2014-01-11 17:12:37 ----D---- C:\windows\system32\migration
2014-01-11 17:12:36 ----D---- C:\windows\system32\Macromed
2014-01-11 17:12:35 ----D---- C:\windows\system32\lv-LV
2014-01-11 17:12:35 ----D---- C:\windows\system32\lt-LT
2014-01-11 17:12:34 ----D---- C:\windows\system32\IME
2014-01-11 17:12:34 ----D---- C:\windows\system32\hu-HU
2014-01-11 17:12:32 ----D---- C:\windows\system32\et-EE
2014-01-11 17:12:31 ----D---- C:\windows\system32\drivers\UMDF
2014-01-11 17:12:28 ----D---- C:\windows\system32\Dism
2014-01-11 17:12:25 ----D---- C:\windows\system32\com
2014-01-11 17:11:59 ----D---- C:\windows\system32\catroot
2014-01-11 17:11:57 ----D---- C:\windows\system32\bg-BG
2014-01-11 17:11:56 ----D---- C:\windows\Speech
2014-01-11 17:11:55 ----D---- C:\windows\schemas
2014-01-11 17:11:55 ----D---- C:\windows\ServiceProfiles
2014-01-11 17:11:55 ----D---- C:\windows\Resources
2014-01-11 17:11:51 ----D---- C:\windows\PolicyDefinitions
2014-01-11 17:11:51 ----D---- C:\windows\PLA
2014-01-11 17:11:50 ----D---- C:\windows\Performance
2014-01-11 17:06:55 ----D---- C:\windows\IME
2014-01-11 17:06:53 ----D---- C:\windows\Globalization
2014-01-11 17:06:30 ----D---- C:\windows\Branding
2014-01-11 17:04:28 ----D---- C:\windows\AppPatch
2014-01-11 17:04:19 ----HD---- C:\Users\Radek\AppData\Roaming\wargaming.net
2014-01-11 17:04:18 ----HD---- C:\Users\Radek\AppData\Roaming\SoftGrid Client
2014-01-11 17:04:18 ----D---- C:\Users\Radek\AppData\Roaming\Music Recognition
2014-01-11 17:04:18 ----D---- C:\Users\Radek\AppData\Roaming\Mozilla
2014-01-11 17:04:13 ----D---- C:\Users\Radek\AppData\Roaming\GameRanger
2014-01-11 17:04:11 ----HD---- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2014-01-11 17:04:10 ----HD---- C:\Users\Radek\AppData\Roaming\Bradsoft.com
2014-01-11 17:04:09 ----HD---- C:\Users\Radek\AppData\Roaming\Adobe
2014-01-11 17:04:09 ----D---- C:\Users\Radek\AppData\Roaming\Autodesk
2014-01-11 17:04:08 ----HD---- C:\Users\Radek\AppData\Roaming\ACTIV Software
2014-01-11 17:03:55 ----RD---- C:\Users
2014-01-11 17:03:48 ----D---- C:\ProgramData\Orbit
2014-01-11 17:03:36 ----D---- C:\ProgramData\Avira
2014-01-11 17:03:35 ----D---- C:\ProgramData\Autodesk
2014-01-11 17:03:35 ----D---- C:\ProgramData\Adobe
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Photo Viewer
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows NT
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Media Player
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Mail
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Journal
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Defender
2014-01-11 17:03:30 ----D---- C:\Program Files\Ubisoft
2014-01-11 17:03:22 ----D---- C:\Program Files\Reference Assemblies
2014-01-11 17:03:19 ----D---- C:\Program Files\MSBuild
2014-01-11 17:03:19 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-01-11 17:03:19 ----D---- C:\Program Files\Microsoft Sync Framework
2014-01-11 17:03:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-11 17:02:36 ----D---- C:\Program Files\Microsoft Office
2014-01-11 17:02:35 ----D---- C:\Program Files\Microsoft Help Viewer
2014-01-11 17:02:29 ----D---- C:\Program Files\Microsoft Analysis Services
2014-01-11 17:02:23 ----D---- C:\Program Files\Java
2014-01-11 17:02:11 ----D---- C:\Program Files\Eagle Dynamics
2014-01-11 17:02:11 ----D---- C:\Program Files\DVD Maker
2014-01-11 17:02:09 ----D---- C:\Program Files\Common Files\SpeechEngines
2014-01-11 17:01:57 ----D---- C:\Program Files\Common Files\Macrovision Shared
2014-01-11 16:59:48 ----D---- C:\Program Files\Autodesk
2014-01-11 16:59:08 ----D---- C:\Program Files\Adobe
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows NT
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Media Player
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Mail
2014-01-11 16:59:04 ----D---- C:\Program Files (x86)\Windows Defender
2014-01-11 16:58:47 ----D---- C:\Program Files (x86)\VideoLAN
2014-01-11 16:57:45 ----D---- C:\Program Files (x86)\Ubisoft
2014-01-11 16:56:49 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-01-11 16:56:39 ----D---- C:\Program Files (x86)\ParetoLogic
2014-01-11 16:56:35 ----D---- C:\Program Files (x86)\Oracle
2014-01-11 16:56:35 ----D---- C:\Program Files (x86)\Oovee
2014-01-11 16:56:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 16:56:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-11 16:56:27 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-11 16:56:16 ----D---- C:\Program Files (x86)\Microsoft Office
2014-01-11 16:56:16 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-01-11 16:56:11 ----D---- C:\Program Files (x86)\MicroProse
2014-01-11 16:56:07 ----D---- C:\Program Files (x86)\Java
2014-01-11 16:56:06 ----D---- C:\Program Files (x86)\Intel
2014-01-11 16:55:51 ----D---- C:\Program Files (x86)\Google
2014-01-11 16:55:35 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-11 16:55:24 ----D---- C:\Program Files (x86)\EA SPORTS
2014-01-11 16:55:16 ----D---- C:\Program Files (x86)\Creative
2014-01-11 16:54:14 ----D---- C:\Program Files (x86)\Avira
2014-01-11 16:54:08 ----D---- C:\Program Files (x86)\Autodesk
2014-01-11 16:53:44 ----D---- C:\Program Files (x86)\Adobe
2014-01-11 16:53:39 ----D---- C:\Program Files (x86)\Abbequerque Inc
2014-01-11 16:53:18 ----RHD---- C:\MSOCache
2014-01-11 16:53:11 ----SHD---- C:\Boot
2014-01-11 16:53:11 ----D---- C:\Matrix Games
2014-01-11 16:50:00 ----D---- C:\Autodesk
2014-01-11 16:47:46 ----SHD---- C:\System Volume Information
2014-01-11 15:58:56 ----D---- C:\Users\Radek\AppData\Roaming\TS3Client
2014-01-10 11:18:20 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2014-01-09 22:41:56 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-30 22:22:02 ----D---- C:\windows\Panther
2013-12-30 22:22:02 ----D---- C:\windows\Logs
2013-12-30 22:22:02 ----D---- C:\windows\debug
2013-12-30 19:50:55 ----D---- C:\ProgramData\boost_interprocess
2013-12-15 12:15:31 ----D---- C:\windows\system32\MRT
2013-12-15 12:14:03 ----A---- C:\windows\system32\MRT.exe
2013-12-14 15:07:13 ----D---- C:\windows\winsxs
2013-12-13 16:20:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-20 131576]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-20 108440]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\drivers\fspad_wlh64.sys [2010-06-07 52224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-02-15 2741736]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-07-04 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64; C:\windows\system32\drivers\fspad_xp64.sys [2010-06-07 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-29 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-13 1007208]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-08-27 76888]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-28 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
ComboFix 14-01-08.03 - Radek 11.01.2014 17:55:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4230 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Radek\AppData\Roaming\poclbm
c:\users\Radek\AppData\Roaming\poclbm\poclbm.ini
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\SysWow64\Config.ini
c:\windows\SysWow64\tmpE644.tmp
c:\windows\SysWow64\tmpE645.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 17:02 . 2014-01-11 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-10 18:52 . 2014-01-11 16:44 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"Akamai NetSession Interface"="c:\users\Radek\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Voobly - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-11 18:09:35
ComboFix-quarantined-files.txt 2014-01-11 17:09
.
Před spuštěním: Volných bajtů: 34 648 961 024
Po spuštění: Volných bajtů: 34 343 936 000
.
- - End Of File - - F6C2C2D95700478741B914033F313C7D
A36C5E4F47E84449FF07ED3517B43A31
Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2014-01-11 17:44:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (12%) free of 278 GB
Total RAM: 6121 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:12, on 11.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe
C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Radek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
O4 - HKLM\..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
O4 - HKLM\..\Run: [NVIDIAOCAP] C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE
O4 - HKLM\..\Run: [msi LED Manager] C:\Program Files (x86)\msi\msi LED Manager\SLM.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12237 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000069c
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\FSP\FspUip.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\rundll32.exe" C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe"
"C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe"
"C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\MSI\msi LED Manager\SLM.exe"
"C:/Users/Radek/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Radek\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-05 545224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-05 193480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-14 11777128]
"fspuip"=C:\Program Files\FSP\fspuip.exe [2010-06-07 3650048]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"THXCfg64"=C:\windows\system32\THXCfg64.dll [2009-10-15 17920]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"Akamai NetSession Interface"=C:\Users\Radek\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Voobly"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-13 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2010-11-05 2482176]
"Cinema ProII AP"=C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe [2011-01-25 200192]
"Cinema ProII Controler"=C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe [2010-06-25 1689600]
"NVIDIAOCAP"=C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [2010-10-20 83456]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-11-18 1351680]
"UpdReg"=C:\windows\UpdReg.EXE [2000-05-11 90112]
"msi LED Manager"=C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-07-29 2795008]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-12-20 684600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=8388608
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\windows\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-01-11 17:44:06 ----D---- C:\rsit
2014-01-11 01:34:41 ----D---- C:\windows\temp
2014-01-10 22:00:22 ----D---- C:\Qoobox
2014-01-10 19:52:04 ----D---- C:\Program Files\trend micro
2014-01-04 14:19:51 ----D---- C:\Program Files (x86)\Panzers2
2014-01-04 14:05:18 ----D---- C:\Program Files (x86)\Panzers1
2013-12-20 18:53:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-14 00:33:58 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2013-12-14 00:33:58 ----A---- C:\windows\system32\wmploc.DLL
2013-12-14 00:33:57 ----A---- C:\windows\SYSWOW64\wmp.dll
2013-12-14 00:33:56 ----A---- C:\windows\system32\wmp.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\jsproxy.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieui.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\iernonce.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-14 00:32:34 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-14 00:32:33 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\mshtml.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\iesetup.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-14 00:32:33 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-14 00:32:32 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\wininet.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\urlmon.dll
2013-12-14 00:32:31 ----A---- C:\windows\system32\iertutil.dll
2013-12-14 00:32:30 ----A---- C:\windows\system32\ieframe.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-14 00:32:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-14 00:32:28 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-14 00:32:28 ----A---- C:\windows\system32\jscript9.dll
2013-12-13 15:48:08 ----A---- C:\windows\SYSWOW64\msieftp.dll
2013-12-13 15:48:08 ----A---- C:\windows\system32\msieftp.dll
2013-12-13 15:48:07 ----A---- C:\windows\system32\win32k.sys
2013-12-13 15:48:02 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-12-13 15:48:02 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-13 15:47:32 ----A---- C:\windows\system32\imagehlp.dll
2013-12-13 15:47:31 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2013-12-13 15:42:32 ----A---- C:\windows\SYSWOW64\tzres.dll
2013-12-13 15:42:32 ----A---- C:\windows\system32\tzres.dll
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-13 15:42:28 ----A---- C:\windows\system32\drivers\drmk.sys
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\SYSWOW64\cscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\wscript.exe
2013-12-13 15:42:26 ----A---- C:\windows\system32\scrrun.dll
2013-12-13 15:42:26 ----A---- C:\windows\system32\cscript.exe
======List of files/folders modified in the last 1 month======
2014-01-11 17:44:12 ----D---- C:\windows\Prefetch
2014-01-11 17:43:16 ----D---- C:\windows\system32\config
2014-01-11 17:20:11 ----D---- C:\windows\system32\wbem
2014-01-11 17:20:11 ----D---- C:\Windows
2014-01-11 17:18:21 ----SHD---- C:\windows\Installer
2014-01-11 17:18:21 ----RSD---- C:\windows\Fonts
2014-01-11 17:18:21 ----D---- C:\windows\Tasks
2014-01-11 17:18:21 ----D---- C:\windows\TAPI
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\sda
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\RTCOM
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\Recovery
2014-01-11 17:18:21 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-01-11 17:18:21 ----D---- C:\windows\SysWOW64
2014-01-11 17:18:21 ----D---- C:\windows\system32\wfp
2014-01-11 17:18:21 ----D---- C:\windows\system32\Msdtc
2014-01-11 17:18:21 ----D---- C:\windows\system32\DriverStore
2014-01-11 17:18:21 ----D---- C:\windows\system32\drivers\etc
2014-01-11 17:18:21 ----D---- C:\windows\system32\drivers
2014-01-11 17:18:21 ----D---- C:\windows\system32\catroot2
2014-01-11 17:18:21 ----D---- C:\windows\System32
2014-01-11 17:18:21 ----D---- C:\windows\inf
2014-01-11 17:18:21 ----D---- C:\Program Files\FSP
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\WinRAR 3.61 Multi
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\System Control Manager
2014-01-11 17:18:21 ----D---- C:\Program Files (x86)\Stone Giant
2014-01-11 17:18:20 ----D---- C:\Program Files\Windows Sidebar
2014-01-11 17:18:20 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-11 17:18:20 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-01-11 17:18:19 ----D---- C:\windows\The Operational Art of War III
2014-01-11 17:18:19 ----D---- C:\windows\SYSWOW64\wbem
2014-01-11 17:18:18 ----D---- C:\windows\SYSWOW64\en-US
2014-01-11 17:18:17 ----D---- C:\windows\SYSWOW64\directx
2014-01-11 17:18:17 ----D---- C:\windows\SYSWOW64\Adobe
2014-01-11 17:18:17 ----D---- C:\windows\system32\Tasks
2014-01-11 17:18:16 ----D---- C:\windows\system32\sysprep
2014-01-11 17:18:16 ----D---- C:\windows\system32\oobe
2014-01-11 17:18:16 ----D---- C:\windows\system32\NDF
2014-01-11 17:18:15 ----D---- C:\windows\system32\en-US
2014-01-11 17:18:14 ----D---- C:\windows\system32\cs-CZ
2014-01-11 17:18:14 ----D---- C:\windows\system32\CodeIntegrity
2014-01-11 17:18:13 ----D---- C:\windows\SymActive
2014-01-11 17:18:13 ----D---- C:\windows\ShellNew
2014-01-11 17:18:13 ----D---- C:\windows\Setup
2014-01-11 17:18:13 ----D---- C:\windows\security
2014-01-11 17:18:13 ----D---- C:\windows\RE_DRIVE
2014-01-11 17:18:13 ----D---- C:\windows\Microsoft.NET
2014-01-11 17:18:00 ----D---- C:\windows\Help
2014-01-11 17:17:56 ----D---- C:\windows\ehome
2014-01-11 17:17:56 ----D---- C:\windows\Downloaded Program Files
2014-01-11 17:17:55 ----RSD---- C:\windows\assembly
2014-01-11 17:17:44 ----SD---- C:\Users\Radek\AppData\Roaming\Microsoft
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\uTorrent
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\Soldat
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\PSpad
2014-01-11 17:17:44 ----HD---- C:\Users\Radek\AppData\Roaming\Dev-Cpp
2014-01-11 17:17:44 ----D---- C:\windows\AppCompat
2014-01-11 17:17:44 ----D---- C:\Utility
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\poclbm
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\MultiBit
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\HyperLobby
2014-01-11 17:17:44 ----D---- C:\Users\Radek\AppData\Roaming\dvdcss
2014-01-11 17:17:39 ----HD---- C:\Users\Radek\AppData\Roaming\.minecraft
2014-01-11 17:17:39 ----D---- C:\Users\Radek\AppData\Roaming\Audacity
2014-01-11 17:17:35 ----HD---- C:\ProgramData
2014-01-11 17:17:35 ----D---- C:\ProgramData\Microsoft Help
2014-01-11 17:17:35 ----D---- C:\ProgramData\FLEXnet
2014-01-11 17:17:35 ----D---- C:\ProgramData\DivX
2014-01-11 17:17:35 ----D---- C:\ProgramData\Ask
2014-01-11 17:17:35 ----D---- C:\ProgramData\Apple Computer
2014-01-11 17:17:35 ----D---- C:\ProgramData\Apple
2014-01-11 17:17:35 ----D---- C:\ProgramData\Activ Software
2014-01-11 17:17:34 ----RD---- C:\Program Files
2014-01-11 17:17:34 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-01-11 17:17:34 ----D---- C:\Program Files\Realtek
2014-01-11 17:17:34 ----D---- C:\Program Files\Microsoft Silverlight
2014-01-11 17:17:29 ----D---- C:\Program Files\Microsoft Games
2014-01-11 17:17:29 ----D---- C:\Program Files\Internet Explorer
2014-01-11 17:17:28 ----D---- C:\Program Files\DivX
2014-01-11 17:17:27 ----D---- C:\Program Files\Corel
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\System
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\DESIGNER
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-01-11 17:17:27 ----D---- C:\Program Files\Common Files
2014-01-11 17:17:26 ----D---- C:\Program Files\CCleaner
2014-01-11 17:17:13 ----D---- C:\Program Files (x86)\World_of_Tanks
2014-01-11 17:17:13 ----D---- C:\Program Files (x86)\WinSCP
2014-01-11 17:17:12 ----RD---- C:\Program Files (x86)
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\Windows Live
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\WiFiFileSender
2014-01-11 17:17:12 ----D---- C:\Program Files (x86)\Voobly
2014-01-11 17:17:11 ----D---- C:\Program Files (x86)\Valve
2014-01-11 17:17:11 ----D---- C:\Program Files (x86)\uTorrent
2014-01-11 17:17:02 ----D---- C:\Program Files (x86)\Steam
2014-01-11 17:17:00 ----D---- C:\Program Files (x86)\Renesas Electronics
2014-01-11 17:16:59 ----D---- C:\Program Files (x86)\Realtek
2014-01-11 17:16:59 ----D---- C:\Program Files (x86)\QuickTime
2014-01-11 17:16:55 ----D---- C:\Program Files (x86)\PSPad editor
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\OpenAL
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\MultiBit-0.5.13
2014-01-11 17:16:54 ----D---- C:\Program Files (x86)\MSI
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\MSBuild
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-11 17:16:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-01-11 17:16:52 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2014-01-11 17:16:50 ----D---- C:\Program Files (x86)\Lame For Audacity
2014-01-11 17:16:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-11 17:16:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\HyperLobby client
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\GamePark
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\FlatOut2
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\ffdshow
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\Far Cry 3
2014-01-11 17:16:48 ----D---- C:\Program Files (x86)\Falcon BMS 4.32
2014-01-11 17:16:45 ----D---- C:\Program Files (x86)\DWG TrueView 2014
2014-01-11 17:16:45 ----D---- C:\Program Files (x86)\DivX
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\Counter-Strike Source
2014-01-11 17:16:44 ----D---- C:\Program Files (x86)\Common Files
2014-01-11 17:16:41 ----D---- C:\Program Files (x86)\Codemasters
2014-01-11 17:16:41 ----D---- C:\Program Files (x86)\Calibre2
2014-01-11 17:16:40 ----D---- C:\Program Files (x86)\BRS
2014-01-11 17:16:40 ----D---- C:\Program Files (x86)\Age Of Empires II
2014-01-11 17:16:39 ----D---- C:\Program Files (x86)\Adobe Media Player
2014-01-11 17:16:21 ----SHD---- C:\$RECYCLE.BIN
2014-01-11 17:13:22 ----D---- C:\windows\registration
2014-01-11 17:13:19 ----D---- C:\windows\Web
2014-01-11 17:13:19 ----D---- C:\windows\Vss
2014-01-11 17:13:18 ----D---- C:\windows\SYSWOW64\XPSViewer
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\winrm
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\WindowsPowerShell
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\wdi
2014-01-11 17:13:17 ----D---- C:\windows\SYSWOW64\WCN
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\spp
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\Speech
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\slmgr
2014-01-11 17:13:16 ----D---- C:\windows\SYSWOW64\sk-SK
2014-01-11 17:13:14 ----D---- C:\windows\SYSWOW64\Printing_Admin_Scripts
2014-01-11 17:13:13 ----D---- C:\windows\SYSWOW64\NetworkList
2014-01-11 17:13:13 ----D---- C:\windows\SYSWOW64\MUI
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\Msdtc
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\migwiz
2014-01-11 17:13:12 ----D---- C:\windows\SYSWOW64\migration
2014-01-11 17:13:10 ----D---- C:\windows\SYSWOW64\Macromed
2014-01-11 17:13:10 ----D---- C:\windows\SYSWOW64\lv-LV
2014-01-11 17:13:09 ----D---- C:\windows\SYSWOW64\lt-LT
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\InstallShield
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\IME
2014-01-11 17:13:08 ----D---- C:\windows\SYSWOW64\hu-HU
2014-01-11 17:13:07 ----D---- C:\windows\SYSWOW64\et-EE
2014-01-11 17:13:06 ----D---- C:\windows\SYSWOW64\drivers
2014-01-11 17:13:06 ----D---- C:\windows\SYSWOW64\Dism
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\config
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\com
2014-01-11 17:13:01 ----D---- C:\windows\SYSWOW64\bg-BG
2014-01-11 17:12:58 ----D---- C:\windows\system32\winrm
2014-01-11 17:12:58 ----D---- C:\windows\system32\WindowsPowerShell
2014-01-11 17:12:58 ----D---- C:\windows\system32\WinBioPlugIns
2014-01-11 17:12:58 ----D---- C:\windows\system32\wdi
2014-01-11 17:12:57 ----D---- C:\windows\system32\WCN
2014-01-11 17:12:52 ----D---- C:\windows\system32\spp
2014-01-11 17:12:52 ----D---- C:\windows\system32\spool
2014-01-11 17:12:47 ----D---- C:\windows\system32\Speech
2014-01-11 17:12:47 ----D---- C:\windows\system32\SMI
2014-01-11 17:12:47 ----D---- C:\windows\system32\slmgr
2014-01-11 17:12:46 ----D---- C:\windows\system32\sk-SK
2014-01-11 17:12:46 ----D---- C:\windows\system32\Printing_Admin_Scripts
2014-01-11 17:12:39 ----D---- C:\windows\system32\NetworkList
2014-01-11 17:12:39 ----D---- C:\windows\system32\MUI
2014-01-11 17:12:37 ----D---- C:\windows\system32\migwiz
2014-01-11 17:12:37 ----D---- C:\windows\system32\migration
2014-01-11 17:12:36 ----D---- C:\windows\system32\Macromed
2014-01-11 17:12:35 ----D---- C:\windows\system32\lv-LV
2014-01-11 17:12:35 ----D---- C:\windows\system32\lt-LT
2014-01-11 17:12:34 ----D---- C:\windows\system32\IME
2014-01-11 17:12:34 ----D---- C:\windows\system32\hu-HU
2014-01-11 17:12:32 ----D---- C:\windows\system32\et-EE
2014-01-11 17:12:31 ----D---- C:\windows\system32\drivers\UMDF
2014-01-11 17:12:28 ----D---- C:\windows\system32\Dism
2014-01-11 17:12:25 ----D---- C:\windows\system32\com
2014-01-11 17:11:59 ----D---- C:\windows\system32\catroot
2014-01-11 17:11:57 ----D---- C:\windows\system32\bg-BG
2014-01-11 17:11:56 ----D---- C:\windows\Speech
2014-01-11 17:11:55 ----D---- C:\windows\schemas
2014-01-11 17:11:55 ----D---- C:\windows\ServiceProfiles
2014-01-11 17:11:55 ----D---- C:\windows\Resources
2014-01-11 17:11:51 ----D---- C:\windows\PolicyDefinitions
2014-01-11 17:11:51 ----D---- C:\windows\PLA
2014-01-11 17:11:50 ----D---- C:\windows\Performance
2014-01-11 17:06:55 ----D---- C:\windows\IME
2014-01-11 17:06:53 ----D---- C:\windows\Globalization
2014-01-11 17:06:30 ----D---- C:\windows\Branding
2014-01-11 17:04:28 ----D---- C:\windows\AppPatch
2014-01-11 17:04:19 ----HD---- C:\Users\Radek\AppData\Roaming\wargaming.net
2014-01-11 17:04:18 ----HD---- C:\Users\Radek\AppData\Roaming\SoftGrid Client
2014-01-11 17:04:18 ----D---- C:\Users\Radek\AppData\Roaming\Music Recognition
2014-01-11 17:04:18 ----D---- C:\Users\Radek\AppData\Roaming\Mozilla
2014-01-11 17:04:13 ----D---- C:\Users\Radek\AppData\Roaming\GameRanger
2014-01-11 17:04:11 ----HD---- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2014-01-11 17:04:10 ----HD---- C:\Users\Radek\AppData\Roaming\Bradsoft.com
2014-01-11 17:04:09 ----HD---- C:\Users\Radek\AppData\Roaming\Adobe
2014-01-11 17:04:09 ----D---- C:\Users\Radek\AppData\Roaming\Autodesk
2014-01-11 17:04:08 ----HD---- C:\Users\Radek\AppData\Roaming\ACTIV Software
2014-01-11 17:03:55 ----RD---- C:\Users
2014-01-11 17:03:48 ----D---- C:\ProgramData\Orbit
2014-01-11 17:03:36 ----D---- C:\ProgramData\Avira
2014-01-11 17:03:35 ----D---- C:\ProgramData\Autodesk
2014-01-11 17:03:35 ----D---- C:\ProgramData\Adobe
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Photo Viewer
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows NT
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Media Player
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Mail
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Journal
2014-01-11 17:03:32 ----D---- C:\Program Files\Windows Defender
2014-01-11 17:03:30 ----D---- C:\Program Files\Ubisoft
2014-01-11 17:03:22 ----D---- C:\Program Files\Reference Assemblies
2014-01-11 17:03:19 ----D---- C:\Program Files\MSBuild
2014-01-11 17:03:19 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-01-11 17:03:19 ----D---- C:\Program Files\Microsoft Sync Framework
2014-01-11 17:03:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-11 17:02:36 ----D---- C:\Program Files\Microsoft Office
2014-01-11 17:02:35 ----D---- C:\Program Files\Microsoft Help Viewer
2014-01-11 17:02:29 ----D---- C:\Program Files\Microsoft Analysis Services
2014-01-11 17:02:23 ----D---- C:\Program Files\Java
2014-01-11 17:02:11 ----D---- C:\Program Files\Eagle Dynamics
2014-01-11 17:02:11 ----D---- C:\Program Files\DVD Maker
2014-01-11 17:02:09 ----D---- C:\Program Files\Common Files\SpeechEngines
2014-01-11 17:01:57 ----D---- C:\Program Files\Common Files\Macrovision Shared
2014-01-11 16:59:48 ----D---- C:\Program Files\Autodesk
2014-01-11 16:59:08 ----D---- C:\Program Files\Adobe
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows NT
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Media Player
2014-01-11 16:59:05 ----D---- C:\Program Files (x86)\Windows Mail
2014-01-11 16:59:04 ----D---- C:\Program Files (x86)\Windows Defender
2014-01-11 16:58:47 ----D---- C:\Program Files (x86)\VideoLAN
2014-01-11 16:57:45 ----D---- C:\Program Files (x86)\Ubisoft
2014-01-11 16:56:49 ----D---- C:\Program Files (x86)\Reference Assemblies
2014-01-11 16:56:39 ----D---- C:\Program Files (x86)\ParetoLogic
2014-01-11 16:56:35 ----D---- C:\Program Files (x86)\Oracle
2014-01-11 16:56:35 ----D---- C:\Program Files (x86)\Oovee
2014-01-11 16:56:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 16:56:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-11 16:56:27 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-11 16:56:16 ----D---- C:\Program Files (x86)\Microsoft Office
2014-01-11 16:56:16 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-01-11 16:56:11 ----D---- C:\Program Files (x86)\MicroProse
2014-01-11 16:56:07 ----D---- C:\Program Files (x86)\Java
2014-01-11 16:56:06 ----D---- C:\Program Files (x86)\Intel
2014-01-11 16:55:51 ----D---- C:\Program Files (x86)\Google
2014-01-11 16:55:35 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-11 16:55:24 ----D---- C:\Program Files (x86)\EA SPORTS
2014-01-11 16:55:16 ----D---- C:\Program Files (x86)\Creative
2014-01-11 16:54:14 ----D---- C:\Program Files (x86)\Avira
2014-01-11 16:54:08 ----D---- C:\Program Files (x86)\Autodesk
2014-01-11 16:53:44 ----D---- C:\Program Files (x86)\Adobe
2014-01-11 16:53:39 ----D---- C:\Program Files (x86)\Abbequerque Inc
2014-01-11 16:53:18 ----RHD---- C:\MSOCache
2014-01-11 16:53:11 ----SHD---- C:\Boot
2014-01-11 16:53:11 ----D---- C:\Matrix Games
2014-01-11 16:50:00 ----D---- C:\Autodesk
2014-01-11 16:47:46 ----SHD---- C:\System Volume Information
2014-01-11 15:58:56 ----D---- C:\Users\Radek\AppData\Roaming\TS3Client
2014-01-10 11:18:20 ----A---- C:\windows\SYSWOW64\PnkBstrB.exe
2014-01-09 22:41:56 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-30 22:22:02 ----D---- C:\windows\Panther
2013-12-30 22:22:02 ----D---- C:\windows\Logs
2013-12-30 22:22:02 ----D---- C:\windows\debug
2013-12-30 19:50:55 ----D---- C:\ProgramData\boost_interprocess
2013-12-15 12:15:31 ----D---- C:\windows\system32\MRT
2013-12-15 12:14:03 ----A---- C:\windows\system32\MRT.exe
2013-12-14 15:07:13 ----D---- C:\windows\winsxs
2013-12-13 16:20:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-12-20 131576]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-11-29 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-12-20 108440]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\windows\system32\drivers\fspad_wlh64.sys [2010-06-07 52224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-02-15 2741736]
R3 MBfilt;MBfilt; C:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-07-04 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64; C:\windows\system32\drivers\fspad_xp64.sys [2010-06-07 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 MGHwCtrl;MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-29 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSI Foundation Service;MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-17 12800]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-13 1007208]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-08-27 76888]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-09-28 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
ComboFix 14-01-08.03 - Radek 11.01.2014 17:55:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4230 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Radek\AppData\Roaming\poclbm
c:\users\Radek\AppData\Roaming\poclbm\poclbm.ini
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\SysWow64\Config.ini
c:\windows\SysWow64\tmpE644.tmp
c:\windows\SysWow64\tmpE645.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 17:02 . 2014-01-11 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-10 18:52 . 2014-01-11 16:44 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"Akamai NetSession Interface"="c:\users\Radek\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Voobly - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-11 18:09:35
ComboFix-quarantined-files.txt 2014-01-11 17:09
.
Před spuštěním: Volných bajtů: 34 648 961 024
Po spuštění: Volných bajtů: 34 343 936 000
.
- - End Of File - - F6C2C2D95700478741B914033F313C7D
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Please post one more ComboFix log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: "Policie ČR" virus
ComboFix 14-01-08.03 - Radek 11.01.2014 23:02:32.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4556 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 22:10 . 2014-01-11 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-11 16:45 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D821A67-EC9E-4386-B841-D2087BDA73D6}\mpengine.dll
2014-01-11 16:44 . 2014-01-11 16:44 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-11 16:44 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"Akamai NetSession Interface"="c:\users\Radek\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-11 23:13:09
ComboFix-quarantined-files.txt 2014-01-11 22:13
ComboFix2.txt 2014-01-11 17:09
.
Před spuštěním: Volných bajtů: 33 633 837 056
Po spuštění: Volných bajtů: 33 090 908 160
.
- - End Of File - - 7BF446CDD333A2E771B9387E6B175536
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4556 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 22:10 . 2014-01-11 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-11 16:45 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D821A67-EC9E-4386-B841-D2087BDA73D6}\mpengine.dll
2014-01-11 16:44 . 2014-01-11 16:44 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-11 16:44 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-13 14:48 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 14:48 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 14:48 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 14:48 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-13 14:48 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 14:47 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-13 14:47 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-13 14:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-13 14:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-13 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-13 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-13 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-13 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"Akamai NetSession Interface"="c:\users\Radek\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-11 23:13:09
ComboFix-quarantined-files.txt 2014-01-11 22:13
ComboFix2.txt 2014-01-11 17:09
.
Před spuštěním: Volných bajtů: 33 633 837 056
Po spuštění: Volných bajtů: 33 090 908 160
.
- - End Of File - - 7BF446CDD333A2E771B9387E6B175536
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119533
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Open Notepad and copy the script below into it. Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

KillAll::
Folder::
c:\users\Default\AppData\Local\temp
c:\users\Radek\AppData\Local\Akamai
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Regnull::
[HKEY_USERS\S-1-5-21-4069789403-2013840182-3696591646-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: "Policie ČR" virus
Log from CF:
ComboFix 14-01-08.03 - Radek 12.01.2014 16:52:32.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6121.4571 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radek\Desktop\CFScript.txt.TXT
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Default\AppData\Local\temp
c:\users\Radek\AppData\Local\Akamai
c:\users\Radek\AppData\Local\Akamai\admintool.exe
c:\users\Radek\AppData\Local\Akamai\client.ini
c:\users\Radek\AppData\Local\Akamai\ControlPanel.exe
c:\users\Radek\AppData\Local\Akamai\euc_state.json
c:\users\Radek\AppData\Local\Akamai\extraroot.pem
c:\users\Radek\AppData\Local\Akamai\guid.ini
c:\users\Radek\AppData\Local\Akamai\Languages\csy.dll
c:\users\Radek\AppData\Local\Akamai\Languages\dan.dll
c:\users\Radek\AppData\Local\Akamai\Languages\deu.dll
c:\users\Radek\AppData\Local\Akamai\Languages\esp.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fin.dll
c:\users\Radek\AppData\Local\Akamai\Languages\fra.dll
c:\users\Radek\AppData\Local\Akamai\Languages\chs.dll
c:\users\Radek\AppData\Local\Akamai\Languages\cht.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ita.dll
c:\users\Radek\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Radek\AppData\Local\Akamai\Languages\kor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nld.dll
c:\users\Radek\AppData\Local\Akamai\Languages\nor.dll
c:\users\Radek\AppData\Local\Akamai\Languages\plk.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Radek\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Radek\AppData\Local\Akamai\Languages\rus.dll
c:\users\Radek\AppData\Local\Akamai\Languages\sve.dll
c:\users\Radek\AppData\Local\Akamai\Languages\trk.dll
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140111_163326.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140111_173203.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140111_221630.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140111_234024.sent
c:\users\Radek\AppData\Local\Akamai\Logs\daemon.debug.log.140112_102600.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_163336.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_173228.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_183228.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_193229.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_203229.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_213230.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_221703.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_231704.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140111_234023.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_102636.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_112637.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_122638.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_132638.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_142639.sent
c:\users\Radek\AppData\Local\Akamai\Logs\debug.log.140112_152639.sent
c:\users\Radek\AppData\Local\Akamai\netsession_installer.exe
c:\users\Radek\AppData\Local\Akamai\netsession_win.exe
c:\users\Radek\AppData\Local\Akamai\readme.txt
c:\users\Radek\AppData\Local\Akamai\root.pem
c:\users\Radek\AppData\Local\Akamai\rswinui.exe
c:\users\Radek\AppData\Local\Akamai\uninstall.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-12 do 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-11 16:45 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D821A67-EC9E-4386-B841-D2087BDA73D6}\mpengine.dll
2014-01-11 16:44 . 2014-01-11 16:44 -------- d-----w- C:\rsit
2014-01-10 18:52 . 2014-01-11 16:44 -------- d-----w- c:\program files\trend micro
2014-01-04 13:19 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers2
2014-01-04 13:05 . 2014-01-11 16:16 -------- d-----w- c:\program files (x86)\Panzers1
2013-12-13 23:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 23:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 23:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:18 . 2012-02-15 19:55 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-01-10 10:18 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 21:46 . 2012-02-15 19:30 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 17:08 . 2013-05-06 08:08 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-20 17:08 . 2013-03-29 18:19 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-20 17:08 . 2013-03-29 18:19 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-15 11:14 . 2012-02-19 10:54 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 15:20 . 2012-11-13 21:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-13 15:20 . 2012-02-16 17:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-29 16:10 . 2013-03-29 18:19 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-28 23:03 . 2013-11-28 23:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 23:03 . 2013-11-28 23:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 23:03 . 2013-11-28 23:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 23:03 . 2013-11-28 23:03 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 23:03 . 2013-11-28 23:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 23:03 . 2013-11-28 23:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 23:03 . 2013-11-28 23:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 23:03 . 2013-11-28 23:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 23:03 . 2013-11-28 23:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 23:03 . 2013-11-28 23:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 23:03 . 2013-11-28 23:03 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 23:03 . 2013-11-28 23:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 23:03 . 2013-11-28 23:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 23:03 . 2013-11-28 23:03 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 23:03 . 2013-11-28 23:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 23:03 . 2013-11-28 23:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 23:03 . 2013-11-28 23:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 23:03 . 2013-11-28 23:03 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 23:03 . 2013-11-28 23:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 23:03 . 2013-11-28 23:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 23:03 . 2013-11-28 23:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 23:03 . 2013-11-28 23:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 23:03 . 2013-11-28 23:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 23:03 . 2013-11-28 23:03 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 23:03 . 2013-11-28 23:03 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 23:03 . 2013-11-28 23:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 23:03 . 2013-11-28 23:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 23:03 . 2013-11-28 23:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 23:03 . 2013-11-28 23:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 23:03 . 2013-11-28 23:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 23:03 . 2013-11-28 23:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 23:03 . 2013-11-28 23:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 23:03 . 2013-11-28 23:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 23:03 . 2013-11-28 23:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-28 23:03 . 2013-11-28 23:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 23:03 . 2013-11-28 23:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-23 18:26 . 2013-12-13 14:48 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-13 14:48 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-13 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-13 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-10-30 02:32 . 2013-12-13 14:48 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-13 14:48 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-10-30 01:24 . 2013-12-13 14:48 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-10-19 02:18 . 2013-12-13 14:47 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-19 01:36 . 2013-12-13 14:47 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-10-14 17:00 . 2013-11-28 23:14 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-11-05 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"NVIDIAOCAP"="c:\program files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe" [2010-10-20 83456]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"msi LED Manager"="c:\program files (x86)\msi\msi LED Manager\SLM.exe" [2010-07-29 2795008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-13 15:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"fspuip"="c:\program files (x86)\FSP\fspuip.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.226.240.126 192.168.0.254
TCP: Interfaces\{16D02F39-E1CC-458B-81A9-397747FF1924}: NameServer = 10.193.2.1,213.180.32.2
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\zhb1tkfe.default-1374080479806\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Akamai - c:\users\Radek\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
.
**************************************************************************
.
Celkový čas: 2014-01-12 17:18:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-12 16:18
ComboFix2.txt 2014-01-11 22:13
ComboFix3.txt 2014-01-11 17:09
.
Před spuštěním: Volných bajtů: 31 919 869 952
Po spuštění: Volných bajtů: 32 810 090 496
.
- - End Of File - - C71AD5EA69F9B35FFB42A4336BB8098D
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
Deleted, the PC is now clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus may damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: "Policie ČR" virus
Thank you very much for your help.
- Rudy
- Site Admin
- Posts: 119533
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: "Policie ČR" virus
You're welcome!