Prosím o kontrolu, nejsem si jistý...

[Kronos]

Logfile of random's system information tool 1.09 (written by random/random)
Run by pc at 2014-04-27 11:44:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 18 GB (15%) free of 122 GB
Total RAM: 16333 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:52, on 27.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files (x86)\Webteh\BSplayerPro\bsplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: savEa net - {3C14FF33-CEDA-048A-8587-C62221D1EC97} - C:\Program Files (x86)\savEa net\R.dll
O2 - BHO: SNT - {42442BEC-E384-2F1C-6023-A8056055F663} - C:\Program Files (x86)\SNT\yR.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: YoutubeAdblocker - {C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE} - C:\Program Files (x86)\YoutubeAdblocker\lGKA6F7G8G.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [ControlCenterII] \BootStartControlCenter.exe
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D3DB505-3915-4CA9-AF1F-C9FBE23EEE46}: NameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D3DB505-3915-4CA9-AF1F-C9FBE23EEE46}: NameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D3DB505-3915-4CA9-AF1F-C9FBE23EEE46}: NameServer = 192.168.1.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\SysWOW64\xmesrv.exe

--
End of file - 13164 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe"
C:\Windows\SysWOW64\xmesrv.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"taskhost.exe"
\??\C:\Windows\system32\conhost.exe "-2080553367255744602-18590484021261207413-1661556700-607952930-1353613458636809178
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1fae4656-8812-48ae-ba62-9052e6feaaad -SystemEventPortName:HostProcess-dedff5f8-83c8-4b89-8c1e-70cb314d3961 -IoCancelEventPortName:HostProcess-7fb4e17d-d4ee-41a3-acf7-c42c026f8efb -NonStateChangingEventPortName:HostProcess-501f088c-96d4-4d5f-8697-05dd161c9ca5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ae726af2-6f0a-4771-a7ea-91fa7ca4033b -DeviceGroupId:
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Webteh\BSplayerPro\bsplayer.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2320.0.857241533\1651924297" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28,34 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.2.1200288151\1702410495" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.3.2006190522\622962315" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.4.607286881\541610290" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.5.971970118\899585127" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.6.2105816685\1308183800" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.7.1493370016\916299926" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.8.899402062\1541499447" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.9.1430516272\1444126998" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.10.1250299610\51394999" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.11.303970294\1621266968" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.12.2117352574\342550815" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.13.452037692\1670541143" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.15.949754272\1168379798" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2320.16.1466992208\253509492" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Default/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.43.1364059714\945111802" /prefetch:673131151
"C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/EnableZeroSuggest_R7_Stable_MostVisitedControl/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group14 pct:1e stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Default/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_52/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="2320.49.1599786072\951533043" /prefetch:673131151
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\pc\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverToolkit Autorun.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}]
savEa net - C:\Program Files (x86)\savEa net\R.x64.dll [2014-04-20 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42442BEC-E384-2F1C-6023-A8056055F663}]
SNT - C:\Program Files (x86)\SNT\yR.x64.dll [2013-04-20 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}]
YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\lGKA6F7G8G.x64.dll [2013-04-20 472064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}]
savEa net - C:\Program Files (x86)\savEa net\R.dll [2014-04-20 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42442BEC-E384-2F1C-6023-A8056055F663}]
SNT - C:\Program Files (x86)\SNT\yR.dll [2013-04-20 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-17 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}]
YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\lGKA6F7G8G.dll [2014-04-20 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-17 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-02-05 1179576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-07-27 495616]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]
"ControlCenterII"=\BootStartControlCenter.exe []
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]

C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PdaNet Desktop.lnk - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-27 11:41:59 ----D---- C:\rsit
2014-04-27 11:41:59 ----D---- C:\Program Files\trend micro
2014-04-23 18:45:08 ----D---- C:\Program Files (x86)\ClockworkMod
2014-04-23 18:02:48 ----SD---- C:\Windows\system32\CompatTel
2014-04-23 18:02:43 ----A---- C:\Windows\system32\aepdu.dll
2014-04-23 18:02:43 ----A---- C:\Windows\system32\aeinv.dll
2014-04-21 11:55:26 ----D---- C:\Program Files (x86)\TeamViewer
2014-04-20 19:23:57 ----A---- C:\Users\pc\AppData\Roaming\regsvr32.exe_log.txt
2014-04-20 19:23:57 ----A---- C:\Users\pc\AppData\Roaming\LiveSupport.exe_log.txt
2014-04-20 19:23:56 ----D---- C:\Users\pc\AppData\Roaming\SkypEmoticons
2014-04-20 19:23:53 ----D---- C:\ProgramData\SNT
2014-04-20 19:23:52 ----D---- C:\Program Files (x86)\SNT
2014-04-20 19:23:34 ----D---- C:\ProgramData\Rightapp software
2014-04-20 19:23:17 ----D---- C:\ProgramData\YoutubeAdblocker
2014-04-20 19:23:16 ----D---- C:\Program Files (x86)\YoutubeAdblocker
2014-04-20 19:23:13 ----D---- C:\ProgramData\save net
2014-04-20 19:23:12 ----D---- C:\Program Files (x86)\save net
2014-04-20 19:23:10 ----D---- C:\ProgramData\savEa net
2014-04-20 19:23:10 ----D---- C:\ProgramData\e34533b38fc3c2d7
2014-04-20 19:23:10 ----D---- C:\Program Files (x86)\savEa net
2014-04-20 19:22:12 ----D---- C:\ProgramData\InstallMate
2014-04-19 18:14:43 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-04-19 16:47:36 ----A---- C:\Windows\SYSWOW64\drivers\MoborobAssDriver64.sys
2014-04-19 16:47:28 ----D---- C:\ProgramData\Moborobo
2014-04-19 16:47:28 ----A---- C:\ProgramData\ISTask.dll
2014-04-19 16:47:27 ----D---- C:\Program Files (x86)\Moborobo
2014-04-19 16:43:30 ----A---- C:\Windows\system32\drivers\pneteth.sys
2014-04-19 16:43:29 ----D---- C:\Program Files (x86)\PdaNet for Android
2014-04-18 19:20:22 ----D---- C:\Program Files (x86)\DriverToolkit
2014-04-12 13:04:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-12 13:04:29 ----A---- C:\Windows\system32\ieui.dll
2014-04-12 13:04:28 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-12 13:04:28 ----A---- C:\Windows\system32\vbscript.dll
2014-04-12 13:04:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 13:04:26 ----A---- C:\Windows\system32\iernonce.dll
2014-04-12 13:04:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 13:04:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-12 13:04:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-12 13:04:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-12 13:04:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-12 13:04:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-12 13:04:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\msrating.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-12 13:04:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-12 13:04:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-12 13:04:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-12 13:04:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-12 13:04:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-12 13:04:24 ----A---- C:\Windows\system32\mshtml.dll
2014-04-12 13:04:24 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-12 13:04:24 ----A---- C:\Windows\system32\iesetup.dll
2014-04-12 13:04:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-12 13:04:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-12 13:04:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-12 13:04:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-12 13:04:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-12 13:04:23 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-12 13:04:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-12 13:04:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-12 13:04:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-12 13:04:22 ----A---- C:\Windows\system32\wininet.dll
2014-04-12 13:04:22 ----A---- C:\Windows\system32\urlmon.dll
2014-04-12 13:04:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 13:04:22 ----A---- C:\Windows\system32\iertutil.dll
2014-04-12 13:04:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-12 13:04:21 ----A---- C:\Windows\system32\ieframe.dll
2014-04-12 13:04:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-12 13:04:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-12 13:04:20 ----A---- C:\Windows\system32\jscript9.dll
2014-04-09 18:23:58 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-09 18:23:58 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 18:23:58 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 18:23:58 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 18:23:58 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 18:23:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-09 18:23:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-09 18:23:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-09 18:23:57 ----A---- C:\Windows\system32\wow64win.dll
2014-04-09 18:23:57 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-09 18:23:57 ----A---- C:\Windows\system32\wow64.dll
2014-04-09 18:23:57 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-09 18:23:57 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 18:23:56 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-09 18:23:56 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-09 18:23:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-09 18:23:50 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2014-04-27 11:42:48 ----D---- C:\Windows\system32\config
2014-04-27 11:41:59 ----RD---- C:\Program Files
2014-04-27 11:35:32 ----D---- C:\Windows\Temp
2014-04-27 11:07:59 ----SHD---- C:\System Volume Information
2014-04-27 09:42:35 ----D---- C:\Windows\System32
2014-04-27 09:42:35 ----D---- C:\Windows\inf
2014-04-27 09:42:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-27 09:37:42 ----A---- C:\Windows\SYSWOW64\log.txt
2014-04-27 09:35:55 ----D---- C:\Windows\system32\Tasks
2014-04-27 09:35:39 ----D---- C:\ProgramData\NVIDIA
2014-04-24 18:10:56 ----D---- C:\Windows
2014-04-23 18:58:51 ----RD---- C:\Program Files (x86)
2014-04-23 18:58:32 ----D---- C:\Windows\system32\catroot2
2014-04-23 18:52:55 ----D---- C:\Windows\system32\DriverStore
2014-04-23 18:52:55 ----D---- C:\Windows\system32\drivers
2014-04-23 18:45:08 ----SHD---- C:\Windows\Installer
2014-04-23 18:02:49 ----D---- C:\Windows\winsxs
2014-04-23 18:02:38 ----D---- C:\Windows\system32\catroot
2014-04-21 11:55:28 ----RSD---- C:\Windows\Fonts
2014-04-20 19:35:20 ----D---- C:\Windows\Tasks
2014-04-20 19:33:29 ----HD---- C:\ProgramData
2014-04-20 19:23:04 ----RD---- C:\Users
2014-04-19 16:47:36 ----D---- C:\Windows\SYSWOW64\drivers
2014-04-18 19:39:37 ----D---- C:\Users\pc\AppData\Roaming\KeePass
2014-04-18 19:14:47 ----D---- C:\Windows\SysWOW64
2014-04-18 19:10:01 ----D---- C:\Windows\system32\drivers\UMDF
2014-04-15 11:40:47 ----D---- C:\Program Files (x86)\FS Recorder for FSX
2014-04-15 09:24:14 ----A---- C:\Windows\rfindpln.ini
2014-04-15 09:19:08 ----A---- C:\AS2012_Log.txt
2014-04-13 10:53:40 ----D---- C:\Windows\rescache
2014-04-12 17:59:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-12 13:19:42 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-12 13:19:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-12 13:19:42 ----D---- C:\Program Files\Internet Explorer
2014-04-12 13:19:41 ----D---- C:\Windows\system32\en-US
2014-04-12 13:19:41 ----D---- C:\Windows\system32\cs-CZ
2014-04-12 13:19:41 ----D---- C:\Windows\PolicyDefinitions
2014-04-12 13:19:41 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-09 20:50:24 ----D---- C:\Windows\AppPatch
2014-04-09 18:25:52 ----D---- C:\ProgramData\Microsoft Help
2014-04-09 18:25:29 ----D---- C:\Windows\system32\MRT
2014-04-09 18:24:34 ----A---- C:\Windows\system32\MRT.exe
2014-04-07 15:29:15 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2014-04-07 15:29:14 ----SD---- C:\ProgramData\Microsoft
2014-04-06 09:38:03 ----D---- C:\Users\pc\AppData\Roaming\TS3Client
2014-04-05 18:15:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-10-09 229408]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-03-22 564824]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2012-10-09 593952]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-10-09 711712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-23 283200]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-10-21 43168]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2012-10-09 81952]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-24 261120]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-10-27 312480]
S3 cpuz130;cpuz130; \??\C:\Users\ZBYN [2012-10-12 2404]
S3 GemCCID;GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [2013-01-29 126848]
S3 MSICDSetup;MSICDSetup; \??\H:\CDriver64.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\H:\NTIOLib_X64.sys []
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 SaiK0836;SaiK0836; C:\Windows\system32\DRIVERS\SaiK0836.sys [2010-07-08 172040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-10-13 140672]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 599320]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-29 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-29 277784]
R2 MoboroboDeviceService;Moborobo Device Service; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [2014-03-28 70952]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-06-29 136704]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-25 76888]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-11-26 659040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-29 363800]
R2 xmengine service;CryptoPlus XME Engine Service; C:\Windows\SysWOW64\xmesrv.exe [2013-01-29 34696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-12 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-12 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-11-26 1225312]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Roli]

Zdravím, smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.


Pak použij Mbam z mého podpisu a dej mi sem z něj také log, předem nic nemazat !

[Kronos]

# AdwCleaner v3.204 - Report created 27/04/2014 at 18:49:46
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pc - I53570K
# Running from : C:\Users\pc\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\pc\AppData\Roaming\LiveSupport.exe_log.txt
File Found : C:\Users\pc\AppData\Roaming\regsvr32.exe_log.txt
Folder Found : C:\Program Files (x86)\GreenTree Applications
Folder Found : C:\Program Files (x86)\save net
Folder Found : C:\Program Files (x86)\savEa net
Folder Found : C:\Program Files (x86)\SNT
Folder Found : C:\Program Files (x86)\YoutubeAdblocker
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\pc\.android
Folder Found : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Found : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Found : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Found : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
Folder Found : C:\Users\pc\AppData\Local\torch
Folder Found : C:\Users\pc\AppData\Roaming\SkypEmoticons

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-937180986
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/20&hid=8798020744573499418&lg=EN&cc=CZ&unqvl=51
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/20&hid=8798020744573499418&lg=EN&cc=CZ&unqvl=51

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : egdnlfobibjjfjdehnikmjghjebjajlf
Found [Extension] : bcfcaodbidgpnbedklbaaolijkefgmkc
Found [Extension] : kapkgefnkdllmnjmnlkkohpaegmempgc
Found [Extension] : doedjocifgodkgenhbdlaliccnekilbh

[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/20&hid=8798020744573499418&lg=EN&cc=CZ&unqvl=51
Found [Extension] : bcfcaodbidgpnbedklbaaolijkefgmkc
Found [Extension] : doedjocifgodkgenhbdlaliccnekilbh
Found [Extension] : egdnlfobibjjfjdehnikmjghjebjajlf
Found [Extension] : kapkgefnkdllmnjmnlkkohpaegmempgc

*************************

AdwCleaner[R0].txt - [6769 octets] - [27/04/2014 18:49:46]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6829 octets] ##########

[Roli]

Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.


Pak nezapomeň na ten Mbam

[Kronos]

# AdwCleaner v3.204 - Report created 29/04/2014 at 12:29:29
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pc - I53570K
# Running from : C:\Users\pc\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\SNT
Folder Deleted : C:\Program Files (x86)\save net
Folder Deleted : C:\Program Files (x86)\savEa net
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\pc\.android
Folder Deleted : C:\Users\pc\AppData\Local\torch
Folder Deleted : C:\Users\pc\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfcaodbidgpnbedklbaaolijkefgmkc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\doedjocifgodkgenhbdlaliccnekilbh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdnlfobibjjfjdehnikmjghjebjajlf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
Folder Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapkgefnkdllmnjmnlkkohpaegmempgc
File Deleted : C:\Users\pc\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\pc\AppData\Roaming\regsvr32.exe_log.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-937180986
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C14FF33-CEDA-048A-8587-C62221D1EC97}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C292CB10-B3A1-AB55-E8E9-2B5F7A2FC7AE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : egdnlfobibjjfjdehnikmjghjebjajlf
Deleted [Extension] : bcfcaodbidgpnbedklbaaolijkefgmkc
Deleted [Extension] : kapkgefnkdllmnjmnlkkohpaegmempgc
Deleted [Extension] : doedjocifgodkgenhbdlaliccnekilbh

[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/20&hid=8798020744573499418&lg=EN&cc=CZ&unqvl=51
Deleted [Extension] : bcfcaodbidgpnbedklbaaolijkefgmkc
Deleted [Extension] : doedjocifgodkgenhbdlaliccnekilbh
Deleted [Extension] : egdnlfobibjjfjdehnikmjghjebjajlf
Deleted [Extension] : kapkgefnkdllmnjmnlkkohpaegmempgc

*************************

AdwCleaner[R0].txt - [6941 octets] - [27/04/2014 18:49:46]
AdwCleaner[R1].txt - [6848 octets] - [29/04/2014 12:29:08]
AdwCleaner[S0].txt - [6606 octets] - [29/04/2014 12:29:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6666 octets] ##########


MBAM
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.4.2014
Scan Time: 12:36:48
Logfile: MBAM_log.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.29.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: pc

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352400
Time Elapsed: 3 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.Linkey.A, HKU\S-1-5-21-3477444024-1752975296-2887903143-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [33e3240c671468cefea8c952b84a25db],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, , [20f6111f4f2c9e9827d0ceab27dbb54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{42442BEC-E384-2F1C-6023-A8056055F663}, , [34e2121e1c5f4ee881711e197f8540c0],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [9581e8483942a0963bbeb4b42fd34ab6],
PUP.Optional.MultiPlug.A, C:\ProgramData\save net, , [1bfb7cb4f18a95a105bd83eef0126f91],

Files: 1
PUP.Optional.MultiPlug.A, C:\ProgramData\savEa net\br.exe, , [0016be720378bd7923842620877ae31d],

Physical Sectors: 0
(No malicious items detected)


(end)

[Roli]

To co Mbam našel nech smazat.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[Kronos]

Co našel MBAM, jsem smazal.

ComboFix 14-04-30.01 - pc 30.04.2014 9:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16333.14524 [GMT 2:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\pc\unrar.dll
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
G:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-30 )))))))))))))))))))))))))))))))
.
.
2014-04-29 10:41 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{84A847E0-0AB1-4BDB-A439-A2E1D5E0A8AC}\mpengine.dll
2014-04-29 10:32 . 2014-04-30 07:25 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-29 10:32 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-29 10:32 . 2014-04-29 10:32 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-29 10:32 . 2014-04-29 10:32 -------- d-----w- c:\programdata\Malwarebytes
2014-04-29 10:32 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-29 10:32 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-28 08:00 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-27 16:49 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-04-27 16:49 . 2014-04-29 10:29 -------- d-----w- C:\AdwCleaner
2014-04-27 16:48 . 2014-04-27 16:48 -------- d-----w- c:\users\pc\AppData\Roaming\VS Revo Group
2014-04-27 09:41 . 2014-04-27 09:44 -------- d-----w- c:\program files\trend micro
2014-04-27 09:41 . 2014-04-27 09:42 -------- d-----w- C:\rsit
2014-04-23 16:45 . 2014-04-23 16:45 -------- d-----w- c:\program files (x86)\ClockworkMod
2014-04-23 16:02 . 2014-04-23 16:02 -------- d-s---w- c:\windows\system32\CompatTel
2014-04-23 16:02 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-04-23 16:02 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-04-21 09:55 . 2014-04-21 09:55 -------- d-----w- c:\program files (x86)\TeamViewer
2014-04-20 17:23 . 2014-04-20 17:39 -------- d-----w- c:\programdata\SNT
2014-04-20 17:23 . 2014-04-20 17:24 -------- d-----w- c:\programdata\Rightapp software
2014-04-20 17:23 . 2014-04-20 17:23 -------- d-----w- c:\users\pc\AppData\Local\Comodo
2014-04-20 17:23 . 2014-04-20 17:23 -------- d-----w- c:\users\Administrator\AppData\Local\Comodo
2014-04-20 17:23 . 2014-04-30 07:18 -------- d-----w- c:\programdata\savEa net
2014-04-20 17:23 . 2014-04-20 17:38 -------- d-----w- c:\programdata\e34533b38fc3c2d7
2014-04-20 17:23 . 2014-04-20 17:23 -------- d-----w- c:\users\pc\AppData\Local\Packages
2014-04-20 17:23 . 2014-04-20 17:23 -------- d-----w- c:\users\Guest
2014-04-20 17:22 . 2014-04-20 17:24 -------- d-----w- c:\programdata\InstallMate
2014-04-19 16:14 . 2014-04-19 16:14 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-04-19 14:52 . 2014-02-20 08:24 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{041300C5-8C8D-4BE3-9AAF-4D3BCF4F8AB0}\gapaengine.dll
2014-04-19 14:47 . 2014-03-28 16:15 12072 ----a-w- c:\windows\SysWow64\drivers\MoborobAssDriver64.sys
2014-04-19 14:47 . 2014-04-27 07:37 -------- d-----w- c:\programdata\Moborobo
2014-04-19 14:47 . 2013-10-23 08:25 67584 ----a-w- c:\programdata\ISTask.dll
2014-04-19 14:47 . 2014-04-27 07:37 -------- d-----w- c:\program files (x86)\Moborobo
2014-04-19 14:43 . 2011-11-24 23:25 15360 ----a-w- c:\windows\system32\drivers\pneteth.sys
2014-04-19 14:43 . 2014-04-23 16:47 -------- d-----w- c:\program files (x86)\PdaNet for Android
2014-04-18 17:20 . 2014-04-18 17:20 -------- d-----w- c:\users\pc\AppData\Local\DriverToolkit
2014-04-18 17:20 . 2014-04-18 21:56 -------- d-----w- c:\program files (x86)\DriverToolkit
2014-04-12 11:20 . 2014-04-12 11:20 -------- d-sh--w- c:\users\pc\AppData\Local\EmieUserList
2014-04-12 11:20 . 2014-04-12 11:20 -------- d-sh--w- c:\users\pc\AppData\Local\EmieSiteList
2014-04-09 16:23 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-05 16:15 . 2014-04-05 16:15 1 ----a-w- c:\windows\SysWow64\SI.bin
2014-04-05 16:15 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-04-05 16:15 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-04-05 16:15 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-04-05 16:15 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-30 07:16 . 2012-10-09 09:08 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 07:16 . 2012-10-09 09:08 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-09 16:24 . 2012-11-15 08:35 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-17 07:44 . 2012-11-12 19:45 286720 ----a-w- c:\windows\iun506.exe
2014-03-11 08:52 . 2012-08-30 21:03 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:17 . 2014-04-09 16:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-02-20 08:24 . 2013-03-12 07:16 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-08 18:34 . 2014-02-19 08:36 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-02-08 18:34 . 2014-02-19 08:36 892192 ----a-w- c:\windows\system32\NvIFR64.dll
2014-02-08 18:34 . 2014-02-19 08:36 875296 ----a-w- c:\windows\system32\NvFBC64.dll
2014-02-08 18:34 . 2014-02-19 08:36 863520 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-02-08 18:34 . 2014-02-19 08:36 844576 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-02-08 18:34 . 2014-02-19 08:36 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2014-02-19 08:36 483104 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-02-08 18:34 . 2014-02-19 08:36 408352 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-02-08 18:34 . 2014-02-19 08:36 378656 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-02-08 18:34 . 2014-02-19 08:36 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-02-08 18:34 . 2014-02-19 08:36 333600 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-02-08 18:34 . 2014-02-19 08:36 31432480 ----a-w- c:\windows\system32\nvoglv64.dll
2014-02-08 18:34 . 2014-02-19 08:36 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-02-08 18:34 . 2014-02-19 08:36 23683360 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-02-08 18:34 . 2014-02-19 08:36 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-08 18:34 . 2014-02-19 08:36 18257576 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-02-08 18:34 . 2014-02-19 08:36 17715784 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-02-08 18:34 . 2014-02-19 08:36 174296 ----a-w- c:\windows\system32\nvinitx.dll
2014-02-08 18:34 . 2014-02-19 08:36 15740232 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-02-08 18:34 . 2014-02-19 08:36 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-08 18:34 . 2014-02-19 08:36 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 18:34 . 2014-02-19 08:36 12324640 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-02-08 18:34 . 2014-02-19 08:36 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-02-08 18:34 . 2014-02-19 08:36 9728064 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-02-08 18:34 . 2014-02-19 08:36 3142432 ----a-w- c:\windows\system32\nvcuvid.dll
2014-02-08 18:34 . 2014-02-19 08:36 2956576 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-02-08 18:34 . 2014-02-19 08:36 2782496 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-02-08 18:34 . 2014-02-19 08:36 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-02-08 18:34 . 2014-02-19 08:36 2410784 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-02-08 18:34 . 2014-02-19 08:36 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-02-08 18:34 . 2014-02-19 08:36 11636176 ----a-w- c:\windows\system32\nvcuda.dll
2014-02-08 18:34 . 2012-10-09 09:16 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-02-08 18:34 . 2012-10-09 09:16 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-02-08 18:34 . 2012-10-09 09:16 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2012-10-09 09:16 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2012-10-09 09:16 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2012-10-09 09:16 14669032 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-02-08 17:42 . 2012-10-09 09:17 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2012-10-09 09:17 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2012-10-09 09:17 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2012-10-09 09:17 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2012-10-09 09:17 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2012-10-09 09:17 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-08 16:18 . 2014-02-19 09:08 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-02-07 01:23 . 2014-03-12 19:43 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 17:52 . 2012-10-09 09:17 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-05 09:31 . 2013-11-08 16:28 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2013-11-08 16:28 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-02-04 02:32 . 2014-03-12 19:43 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-12 19:43 624128 ----a-w- c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 19:43 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 19:43 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 2615624]
"ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz130;cpuz130;c:\users\ZBYNKU~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\ZBYNKU~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 GemCCID;GemCCID;c:\windows\system32\DRIVERS\GemCCID.sys;c:\windows\SYSNATIVE\DRIVERS\GemCCID.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MSICDSetup;MSICDSetup;h:\cdriver64.sys;h:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;h:\ntiolib_x64.sys;h:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SaiK0836;SaiK0836;c:\windows\system32\DRIVERS\SaiK0836.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0836.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MoboroboDeviceService;Moborobo Device Service;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe;c:\program files (x86)\Moborobo\MoboroboDeviceService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 xmengine service;CryptoPlus XME Engine Service;c:\windows\SysWOW64\xmesrv.exe;c:\windows\SysWOW64\xmesrv.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-26 14:12 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 07:16]
.
2014-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 17:21]
.
2014-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 17:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: business24.cz\www
Trusted Zone: servis24.cz\www
TCP: Interfaces\{0D3DB505-3915-4CA9-AF1F-C9FBE23EEE46}: NameServer = 192.168.1.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-ControlCenterII - \BootStartControlCenter.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-The Navigation CD-ROM - d:\aviation tutorials\Navcd\Uninst.isu
AddRemove-FS_Real_Time - c:\windows\iun6002.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files (x86)\GreenTree Applications\YTD Video Downloader\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-30 09:31:52
ComboFix-quarantined-files.txt 2014-04-30 07:31
.
Před spuštěním: Volných bajtů: 20 402 679 808
Po spuštění: Volných bajtů: 20 052 692 992
.
- - End Of File - - 245B2265FB138A7C758E2A41FEE29335
A36C5E4F47E84449FF07ED3517B43A31

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

[Kronos]

Vše jsem provedl dle návodu, PC budu monitorovat. Zatím se mi zdá vše v pořádku.
Děkuji moc za Vaši pomoc a vstřícnost,
hezký den.

[Roli]

......., PC budu monitorovat.

Tak pak dej vědět abych v případě že bude vše v pořádku to tady zamknul.

[Kronos]

Zdá se, že je vše v pořádku, můžete to zamknout, díky.

[Roli]

Není zač a