prosím o kontrolu logu

Zpráva

Pavouk1 · #1 Příspěvek od **Pavouk1** » 25 dub 2014 16:19

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2014-04-25 17:15:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 162 GB (34%) free of 477 GB
Total RAM: 4044 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:55, on 25.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AtuZi - {21c3c001-576e-4193-8e6a-b76f1fdd79ce} - C:\Program Files (x86)\AtuZi\AtuZibho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\updateAtuZi.exe
O23 - Service: Util AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9023 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\AtuZi\updateAtuZi.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2424
"C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-04-14 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-09 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-04-14 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-14 2333400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21c3c001-576e-4193-8e6a-b76f1fdd79ce}]
AtuZi - C:\Program Files (x86)\AtuZi\AtuZibho.dll [2014-04-24 249624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-09 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-04-14 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-09 3854640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-25 17:15:51 ----D---- C:\rsit
2014-04-25 15:57:14 ----D---- C:\Windows\system32\appmgmt
2014-04-25 15:54:34 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2014-04-25 13:19:24 ----D---- C:\ProgramData\McAfee
2014-04-24 19:55:04 ----D---- C:\Program Files (x86)\Photo Story 3 for Windows
2014-04-24 18:14:59 ----D---- C:\Windows\WindowsMobile
2014-04-24 14:34:46 ----D---- C:\Program Files (x86)\AtuZi
2014-04-24 14:31:33 ----D---- C:\The KMPlayer
2014-04-24 14:14:30 ----D---- C:\Program Files (x86)\TPlayer
2014-04-24 13:15:51 ----D---- C:\ProgramData\firebird
2014-04-24 13:14:21 ----D---- C:\Program Files (x86)\Firebird
2014-04-24 13:14:11 ----D---- C:\Program Files (x86)\SpacialAudio
2014-04-22 17:35:52 ----D---- C:\11
2014-04-20 18:03:22 ----D---- C:\10
2014-04-16 14:39:39 ----D---- C:\Users\uzivatel\AppData\Roaming\BSplayer Pro
2014-04-16 14:39:39 ----D---- C:\Users\uzivatel\AppData\Roaming\BSplayer
2014-04-16 14:39:38 ----D---- C:\Program Files (x86)\Webteh
2014-04-15 13:31:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-04-15 13:31:42 ----A---- C:\Windows\system32\wmploc.DLL
2014-04-15 13:31:41 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-04-15 13:31:39 ----A---- C:\Windows\system32\wmp.dll
2014-04-15 13:24:01 ----D---- C:\Windows\Migration
2014-04-15 13:19:51 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-15 13:19:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-15 13:19:47 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-15 13:19:47 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-04-15 13:19:46 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-04-15 13:19:46 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-04-15 13:19:46 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-04-15 13:19:46 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-04-15 13:19:46 ----A---- C:\Windows\system32\wksprtPS.dll
2014-04-15 13:19:46 ----A---- C:\Windows\system32\wksprt.exe
2014-04-15 13:19:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-04-15 13:19:46 ----A---- C:\Windows\system32\tsgqec.dll
2014-04-15 13:19:46 ----A---- C:\Windows\system32\mstsc.exe
2014-04-15 13:19:46 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-04-15 13:19:45 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-04-15 13:19:45 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-04-15 13:19:45 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-04-15 13:19:45 ----A---- C:\Windows\system32\mstscax.dll
2014-04-15 13:18:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-15 13:18:28 ----A---- C:\Windows\system32\ieui.dll
2014-04-15 13:18:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-15 13:18:22 ----A---- C:\Windows\system32\vbscript.dll
2014-04-15 13:18:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 13:18:15 ----A---- C:\Windows\system32\iernonce.dll
2014-04-15 13:18:15 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 13:18:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-15 13:18:13 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-15 13:18:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-15 13:18:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-15 13:18:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-15 13:18:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\msrating.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-15 13:18:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-15 13:18:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-15 13:18:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-15 13:18:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-15 13:18:12 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-15 13:18:12 ----A---- C:\Windows\system32\iesetup.dll
2014-04-15 13:18:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-15 13:18:11 ----A---- C:\Windows\system32\mshtml.dll
2014-04-15 13:18:09 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-15 13:18:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-15 13:18:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-15 13:18:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 13:18:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-15 13:18:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-15 13:18:08 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-15 13:18:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-15 13:18:07 ----A---- C:\Windows\system32\iertutil.dll
2014-04-15 13:18:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-15 13:18:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-15 13:18:06 ----A---- C:\Windows\system32\wininet.dll
2014-04-15 13:18:06 ----A---- C:\Windows\system32\urlmon.dll
2014-04-15 13:18:05 ----A---- C:\Windows\system32\ieframe.dll
2014-04-15 13:18:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-15 13:18:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-04-15 13:18:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-15 13:18:02 ----A---- C:\Windows\system32\jscript9.dll
2014-04-15 13:16:40 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-04-15 13:16:38 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2014-04-15 13:16:38 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-04-15 13:16:35 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2014-04-15 13:16:35 ----A---- C:\Windows\system32\rdpudd.dll
2014-04-15 13:16:35 ----A---- C:\Windows\system32\rdpendp_winip.dll
2014-04-15 13:16:34 ----A---- C:\Windows\system32\rdpcorets.dll
2014-04-15 13:14:57 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-04-15 13:14:57 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-04-15 13:14:56 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-04-15 13:14:56 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-04-15 13:14:55 ----A---- C:\Windows\system32\WUDFx.dll
2014-04-15 13:14:55 ----A---- C:\Windows\system32\WUDFHost.exe
2014-04-15 13:14:55 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-04-15 13:12:45 ----A---- C:\Windows\system32\wwansvc.dll
2014-04-15 13:12:44 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-04-15 13:12:41 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-04-15 13:12:41 ----A---- C:\Windows\system32\qdvd.dll
2014-04-15 13:12:38 ----A---- C:\Windows\system32\fsutil.exe
2014-04-15 13:12:38 ----A---- C:\Windows\system32\esent.dll
2014-04-15 13:12:38 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-04-15 13:12:37 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-04-15 13:12:37 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-04-15 13:12:37 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-04-15 13:12:37 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-04-15 13:12:37 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-04-15 13:12:37 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-04-15 13:12:37 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-04-15 13:12:27 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-04-15 13:12:27 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-04-15 13:12:27 ----A---- C:\Windows\system32\RMActivate.exe
2014-04-15 13:12:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-04-15 13:12:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-04-15 13:12:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-04-15 13:12:26 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-15 13:12:26 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-04-15 13:12:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-04-15 13:12:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-04-15 13:12:25 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-04-15 13:12:25 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-04-15 13:12:25 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-04-15 13:12:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-04-15 13:12:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-04-15 13:12:25 ----A---- C:\Windows\system32\secproc_isv.dll
2014-04-15 13:12:25 ----A---- C:\Windows\system32\secproc.dll
2014-04-15 13:12:25 ----A---- C:\Windows\system32\msdrm.dll
2014-04-15 13:12:21 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-04-15 13:12:21 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-04-15 13:12:09 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-04-15 13:12:06 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-04-15 13:12:06 ----A---- C:\Windows\system32\WMPhoto.dll
2014-04-15 13:12:03 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-15 13:12:03 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-15 13:12:03 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-15 13:12:02 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-04-15 13:12:02 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-15 13:12:00 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-15 13:09:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-04-15 13:09:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-04-15 12:54:44 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-04-15 12:50:39 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-04-15 12:50:39 ----A---- C:\Windows\system32\qedit.dll
2014-04-15 12:50:37 ----A---- C:\Windows\system32\win32k.sys
2014-04-15 12:50:19 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-04-15 12:50:19 ----A---- C:\Windows\system32\wer.dll
2014-04-15 12:49:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-04-15 12:49:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-04-15 12:49:17 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-04-15 12:49:17 ----A---- C:\Windows\system32\wow64win.dll
2014-04-15 12:49:17 ----A---- C:\Windows\system32\wow64cpu.dll
2014-04-15 12:49:17 ----A---- C:\Windows\system32\wow64.dll
2014-04-15 12:49:17 ----A---- C:\Windows\system32\ntvdm64.dll
2014-04-15 12:49:17 ----A---- C:\Windows\system32\kernel32.dll
2014-04-15 12:49:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-04-15 12:49:16 ----A---- C:\Windows\SYSWOW64\user.exe
2014-04-15 12:49:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-04-15 12:42:13 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-04-15 12:40:45 ----D---- C:\Windows\SYSWOW64\Wat
2014-04-15 12:40:45 ----D---- C:\Windows\system32\Wat
2014-04-15 11:35:50 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2014-04-15 11:35:50 ----A---- C:\Windows\system32\uxtuneup.dll
2014-04-15 11:34:54 ----A---- C:\Windows\system32\TURegOpt.exe
2014-04-15 11:34:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-04-15 11:34:53 ----A---- C:\Windows\system32\authuitu.dll
2014-04-15 11:34:31 ----D---- C:\Users\uzivatel\AppData\Roaming\AVG
2014-04-15 11:33:25 ----D---- C:\Program Files (x86)\AVG
2014-04-15 11:30:42 ----D---- C:\ProgramData\AVG
2014-04-15 11:30:27 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-15 11:30:27 ----HD---- C:\ProgramData\Common Files
2014-04-14 14:12:34 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2014-04-14 14:12:20 ----D---- C:\ProgramData\Microsoft OneDrive
2014-04-14 14:05:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-04-14 14:01:36 ----D---- C:\Program Files\Microsoft Office 15
2014-04-09 20:46:51 ----D---- C:\Users\uzivatel\AppData\Roaming\HP
2014-04-09 20:41:21 ----D---- C:\ProgramData\HP Product Assistant
2014-04-09 20:40:56 ----D---- C:\Windows\SYSWOW64\spool
2014-04-09 20:38:15 ----D---- C:\Program Files (x86)\HP
2014-04-09 20:38:14 ----HD---- C:\Config.Msi
2014-04-09 20:37:05 ----D---- C:\Program Files\HP
2014-04-09 20:36:15 ----N---- C:\Windows\hpomdl19.dat
2014-04-09 20:36:15 ----A---- C:\Windows\hpoins19.dat
2014-04-09 20:36:05 ----D---- C:\ProgramData\HP
2014-04-09 16:12:20 ----A---- C:\Windows\avastSS.scr
2014-04-08 18:03:20 ----D---- C:\Users\uzivatel\AppData\Roaming\Acoustica
2014-04-08 18:02:52 ----D---- C:\Program Files (x86)\Acoustica CD Label Maker
2014-04-08 18:02:40 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-04-07 16:41:00 ----D---- C:\ceské 2
2014-04-04 12:40:14 ----D---- C:\české 1
2014-04-02 18:47:50 ----D---- C:\9
2014-04-02 09:20:04 ----D---- C:\8
2014-04-02 08:15:55 ----D---- C:\7
2014-03-31 15:48:21 ----D---- C:\české
2014-03-31 11:49:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-03-30 20:19:37 ----D---- C:\5
2014-03-30 20:16:18 ----D---- C:\4
2014-03-30 06:17:18 ----A---- C:\Windows\system32\msvcr100.dll
2014-03-30 06:17:18 ----A---- C:\Windows\system32\msvcp100.dll
2014-03-26 19:45:49 ----A---- C:\Windows\SYSWOW64\FODBCLib.dll
2014-03-26 19:45:47 ----D---- C:\ProgramData\Microsoft NT Ident
2014-03-26 19:45:47 ----D---- C:\ProgramData\Formix
2014-03-26 19:45:47 ----D---- C:\Program Files (x86)\Formix SE

======List of files/folders modified in the last 1 month======

2014-04-25 17:15:55 ----D---- C:\Windows\Prefetch
2014-04-25 17:15:54 ----D---- C:\Windows\Temp
2014-04-25 17:15:54 ----D---- C:\Program Files\trend micro
2014-04-25 17:05:21 ----D---- C:\Windows\system32\config
2014-04-25 17:04:07 ----D---- C:\Windows\System32
2014-04-25 15:59:06 ----D---- C:\Program Files (x86)\MC-TVConverter
2014-04-25 15:58:45 ----RD---- C:\Program Files (x86)
2014-04-25 15:58:45 ----D---- C:\Windows\SysWOW64
2014-04-25 15:58:10 ----D---- C:\Program Files\FileViewPro
2014-04-25 15:57:14 ----SHD---- C:\Windows\Installer
2014-04-25 15:57:00 ----SHD---- C:\System Volume Information
2014-04-25 15:55:03 ----HD---- C:\ProgramData
2014-04-25 13:19:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-24 20:18:32 ----D---- C:\1
2014-04-24 18:18:38 ----D---- C:\Windows\inf
2014-04-24 18:18:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-24 18:16:46 ----D---- C:\Windows\system32\drivers
2014-04-24 18:16:45 ----D---- C:\Windows\system32\LogFiles
2014-04-24 18:16:39 ----D---- C:\Windows\system32\drivers\UMDF
2014-04-24 18:16:38 ----D---- C:\Windows\system32\DriverStore
2014-04-24 18:16:38 ----D---- C:\Windows\system32\catroot
2014-04-24 18:14:59 ----D---- C:\Windows
2014-04-24 13:14:33 ----D---- C:\Windows\winsxs
2014-04-24 13:07:46 ----D---- C:\3
2014-04-22 18:03:23 ----D---- C:\Windows\Microsoft.NET
2014-04-21 11:09:27 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-04-17 12:08:31 ----AD---- C:\BT
2014-04-16 14:44:46 ----D---- C:\Windows\system32\Tasks
2014-04-15 19:38:11 ----D---- C:\Windows\system32\catroot2
2014-04-15 18:11:21 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2014-04-15 14:40:33 ----D---- C:\Windows\rescache
2014-04-15 13:54:32 ----D---- C:\Program Files\Windows Media Player
2014-04-15 13:54:32 ----D---- C:\Program Files (x86)\Windows Media Player
2014-04-15 13:54:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-15 13:54:26 ----D---- C:\Windows\SYSWOW64\wbem
2014-04-15 13:54:26 ----D---- C:\Windows\system32\wbem
2014-04-15 13:54:26 ----D---- C:\Windows\system32\drivers\en-US
2014-04-15 13:54:26 ----D---- C:\Windows\system32\cs-CZ
2014-04-15 13:54:26 ----D---- C:\Windows\AppPatch
2014-04-15 13:54:26 ----D---- C:\Program Files\Internet Explorer
2014-04-15 13:54:25 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-15 13:54:25 ----D---- C:\Windows\system32\en-US
2014-04-15 13:54:25 ----D---- C:\Windows\PolicyDefinitions
2014-04-15 13:54:24 ----RSD---- C:\Windows\Fonts
2014-04-15 13:54:24 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-04-15 13:54:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-15 13:54:22 ----D---- C:\Windows\SYSWOW64\migration
2014-04-15 13:54:22 ----D---- C:\Windows\system32\migration
2014-04-15 13:27:43 ----RSD---- C:\Windows\assembly
2014-04-15 13:24:01 ----SD---- C:\ProgramData\Microsoft
2014-04-15 12:53:43 ----D---- C:\Windows\system32\MRT
2014-04-15 12:52:02 ----D---- C:\Windows\debug
2014-04-15 12:11:47 ----D---- C:\Windows\Panther
2014-04-15 12:11:47 ----D---- C:\Windows\Logs
2014-04-15 10:48:02 ----D---- C:\Windows\Tasks
2014-04-14 14:11:38 ----D---- C:\Program Files (x86)\Common Files
2014-04-14 14:11:34 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-04-14 14:05:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-04-14 14:05:39 ----D---- C:\Program Files (x86)\Microsoft Office
2014-04-14 14:01:36 ----RD---- C:\Program Files
2014-04-09 20:39:56 ----D---- C:\Windows\twain_32
2014-04-09 16:12:21 ----A---- C:\Windows\system32\aswBoot.exe
2014-04-03 19:09:26 ----RD---- C:\Users
2014-04-01 13:03:55 ----D---- C:\david
2014-04-01 09:41:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-31 09:35:08 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-31 03:51:02 ----A---- C:\Windows\system32\MRT.exe
2014-03-27 17:02:37 ----D---- C:\Windows\system32\wdi
2014-03-27 11:56:54 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-09 208928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-09 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-09 423240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-09 79184]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-08-18 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-08-17 310272]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-09 84816]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-01 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-14 43832]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-02-10 14112]
S3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [2009-06-10 292224]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-08-17 204288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-09 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-03-30 2211000]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-02-25 108032]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-03-31 2183992]
R2 Update AtuZi;Update AtuZi; C:\Program Files (x86)\AtuZi\updateAtuZi.exe [2014-04-24 350488]
R2 Util AtuZi;Util AtuZi; C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe [2014-04-24 350488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-25 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -s DefaultInstance []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-31 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-30 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-03-30 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2014-04-25 17:15:58

======Uninstall list======

64 Bit HP CIO Components Installer-->MsiExec.exe /I{55D55008-E5F6-47D6-B16F-B2A40D4D145F}
Acoustica CD/DVD Label Maker-->C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe UNINSTALL
Adobe Flash Player 13 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_ActiveX.exe -maintain activex
Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_182_Plugin.exe -maintain plugin
Adobe Reader X (10.1.9) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Ashampoo Burning Studio 6 FREE v.6.84-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\unins001.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
AVG PC TuneUp 2014-->C:\Program Files (x86)\AVG\AVG PC TuneUp\TUInstallHelper.exe --Trigger-Uninstall
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe"
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Centrum zařízení Windows Mobile-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
Formix SE - formuláře kanceláře-->"C:\Program Files (x86)\Formix SE\unins000.exe"
Freemake Video Converter verze 4.1.3-->"C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe"
GIMP 2.8.6-->"C:\Program Files\GIMP 2\uninst\unins000.exe"
HP Customer Participation Program 13.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.5-->C:\Program Files (x86)\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B-->C:\Program Files (x86)\HP\Digital Imaging\{B61ED343-0B14-4241-999C-490CB1A20DA4}\setup\hpzscr40.exe -datfile hposcr19.dat -onestop -forcereboot
HP Smart Web Printing 4.51-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Java 7 Update 51-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217051FF}
K-Lite Mega Codec Pack 10.4.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Office 365 - cs-cz-->"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4605.1003 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 28.0 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSI to redistribute MS VS2005 CRT libraries-->MsiExec.exe /I{A8D93648-9F7F-407D-915C-62044644C3DA}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
OCR Software by I.R.I.S. 13.0-->C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Office 15 Click-to-Run Extensibility Component-->MsiExec.exe /X{90150000-008C-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Licensing Component-->MsiExec.exe /I{90150000-008F-0000-1000-0000000FF1CE}
Office 15 Click-to-Run Localization Component-->MsiExec.exe /X{90150000-008C-0405-0000-0000000FF1CE}
OpenOffice 4.0.1-->MsiExec.exe /I{220C463A-2890-4C7F-B97C-C49FE175B849}
Photo Story 3 pro Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Synaptics TouchPad Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The KMPlayer (remove only)-->"C:\The KMPlayer\uninstall.exe"
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Zoner Photo Studio 10-->"C:\Program Files (x86)\Zoner\Photo Studio 10\unins000.exe" /SILENT /SILENT

======System event log======

Computer Name: uzivatel-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 12128
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153749.341637-000
Event Type: Informace
User: uzivatel-PC\uzivatel

Computer Name: uzivatel-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Media Center.
Record Number: 12127
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153749.201237-000
Event Type: Informace
User: uzivatel-PC\uzivatel

Computer Name: uzivatel-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Key Management Service.
Record Number: 12126
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153749.029636-000
Event Type: Informace
User: uzivatel-PC\uzivatel

Computer Name: uzivatel-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Internet Explorer.
Record Number: 12125
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153748.858036-000
Event Type: Informace
User: uzivatel-PC\uzivatel

Computer Name: uzivatel-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 12124
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153748.655236-000
Event Type: Informace
User: uzivatel-PC\uzivatel

=====Application event log=====

Computer Name: uzivatel-PC
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 2843
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140321154157.940830-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: uzivatel-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2842
Source Name: Microsoft-Windows-EventSystem
Time Written: 20140321154157.000000-000
Event Type: Informace
User:

Computer Name: uzivatel-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.

Record Number: 2841
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140321154118.920994-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: uzivatel-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 2840
Source Name: Microsoft-Windows-Winlogon
Time Written: 20140321154117.000000-000
Event Type: Informace
User:

Computer Name: uzivatel-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 2839
Source Name: Desktop Window Manager
Time Written: 20140321154117.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: uzivatel-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3919
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140321154156.271627-000
Event Type: Úspěšný audit
User:

Computer Name: uzivatel-PC
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 3918
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140321154156.271627-000
Event Type: Úspěšný audit
User:

Computer Name: uzivatel-PC
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:

Předmět:
ID zabezpečení: S-1-5-21-1179131461-2123647519-3716675352-1001
Název účtu: uzivatel
Doména účtu: uzivatel-PC
ID přihlášení: 0x1797e

Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 3917
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140321154117.095791-000
Event Type: Úspěšný audit
User:

Computer Name: uzivatel-PC
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 3916
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321154118.936594-000
Event Type: Úspěšný audit
User:

Computer Name: uzivatel-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1179131461-2123647519-3716675352-1001
Název účtu: uzivatel
Název domény: uzivatel-PC
ID přihlášení: 0x1797e
Record Number: 3915
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140321153748.218435-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 26 dub 2014 08:35

Zdravim

Pozor na pouzivani TuneUp, dokaze to v pc nadelat peknou paseku.

Vidim tam smejda

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Pavouk1 · #3 Příspěvek od **Pavouk1** » 27 dub 2014 12:06

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.04.27.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17041
uzivatel :: UZIVATEL-PC [administrátor]

Ochrana: Povolena

27.4.2014 12:18:43
MBAM-log-2014-04-27 (13-03-19).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 354750
Uplynulý čas: 44 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Users\uzivatel\AppData\Local\Temp\CT1750559 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 5
C:\BT\Ondra100\FreemakeVideoConverterSetup.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\BT\Ondra100\14\Brothersoft_downloader_For_Dune_II.exe (PUP.Optional.BSDownloader) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDZLKYMA\Offercast2802_PTV_[1].exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\Downloads\bsplayer_2.66.1075.exe (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
C:\Users\uzivatel\Downloads\sam_broadcaster_cs.exe (PUP.Optional.InstallCore) -> Nebyla provedena žádná instrukce.

(konec)

#4 Příspěvek od **Márty84** » 27 dub 2014 12:54

Nalezy nechte odstranit, pak MBAM odinstalujte.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Pavouk1 · #5 Příspěvek od **Pavouk1** » 27 dub 2014 18:45

# AdwCleaner v3.204 - Report created 27/04/2014 at 19:42:21
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : uzivatel - UZIVATEL-PC
# Running from : C:\Users\uzivatel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\prefs.js ]

*************************

AdwCleaner[R1].txt - [1398 octets] - [27/04/2014 19:40:29]
AdwCleaner[S1].txt - [1237 octets] - [27/04/2014 19:42:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1297 octets] ##########

#6 Příspěvek od **Márty84** » 27 dub 2014 18:46

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Pavouk1 · #7 Příspěvek od **Pavouk1** » 27 dub 2014 18:51

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 04/27/2014 19:50:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @firefox.exe (DllMain) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\napinsp.dll @ 0x715716E4)
[Address] EAT @firefox.exe (NSPStartup) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\napinsp.dll @ 0x71571D20)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 302729fe394d81b4b60fcfaca5164f95
[BSP] b9c89de23a2c3c9da0ac549d792ad6ef : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 476738 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04272014_195054.txt >>

#8 Příspěvek od **Márty84** » 28 dub 2014 02:15

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

Pavouk1 · #9 Příspěvek od **Pavouk1** » 28 dub 2014 09:53

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 04/28/2014 10:53:11
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
[Address] EAT @firefox.exe (DllMain) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\napinsp.dll @ 0x715716E4)
[Address] EAT @firefox.exe (NSPStartup) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\napinsp.dll @ 0x71571D20)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 302729fe394d81b4b60fcfaca5164f95
[BSP] b9c89de23a2c3c9da0ac549d792ad6ef : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 476738 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04282014_105311.txt >>
RKreport[0]_D_04282014_105034.txt;RKreport[0]_S_04272014_195054.txt

Pavouk1 · #10 Příspěvek od **Pavouk1** » 28 dub 2014 09:55

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/28/2014 10:54:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_04282014_105417.txt >>
RKreport[0]_D_04282014_105034.txt;RKreport[0]_S_04272014_195054.txt;RKreport[0]_S_04282014_105311.txt

#11 Příspěvek od **Márty84** » 28 dub 2014 17:01

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Pavouk1 · #12 Příspěvek od **Pavouk1** » 29 dub 2014 11:51

ComboFix 14-04-29.01 - uzivatel 29.04.2014 12:42:51.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4044.2678 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-29 )))))))))))))))))))))))))))))))
.
.
2014-04-29 10:48 . 2014-04-29 10:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-28 12:05 . 2014-04-28 12:05 -------- d-----w- c:\program files\Microsoft Silverlight
2014-04-28 12:05 . 2014-04-28 12:05 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-04-28 09:01 . 2014-04-17 03:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1ED8B736-0032-4333-8669-DD3D1D28AF0A}\mpengine.dll
2014-04-27 17:40 . 2014-04-27 17:42 -------- d-----w- C:\AdwCleaner
2014-04-27 10:17 . 2014-04-27 10:17 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2014-04-27 10:17 . 2014-04-27 10:17 -------- d-----w- c:\programdata\Malwarebytes
2014-04-25 15:15 . 2014-04-25 15:15 -------- d-----w- C:\rsit
2014-04-25 13:57 . 2014-04-25 13:57 -------- d-----w- c:\windows\system32\appmgmt
2014-04-25 13:54 . 2014-04-25 13:54 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-04-25 11:19 . 2014-04-25 11:19 -------- d-----w- c:\programdata\McAfee
2014-04-24 17:55 . 2014-04-24 17:55 -------- d-----w- c:\program files (x86)\Photo Story 3 for Windows
2014-04-24 16:14 . 2014-04-24 16:16 -------- d-----w- c:\windows\WindowsMobile
2014-04-24 12:34 . 2014-04-25 13:54 -------- d-----w- c:\program files (x86)\AtuZi
2014-04-24 12:32 . 2014-04-24 12:32 -------- d-----w- c:\users\uzivatel\AppData\Local\Comodo
2014-04-24 12:31 . 2014-04-28 10:19 -------- d-----w- C:\The KMPlayer
2014-04-24 12:14 . 2014-04-25 13:56 -------- d-----w- c:\program files (x86)\TPlayer
2014-04-24 11:15 . 2014-04-24 12:43 -------- d-----w- c:\users\uzivatel\AppData\Local\SpacialAudio
2014-04-24 11:15 . 2014-04-24 12:43 -------- d-----w- c:\programdata\firebird
2014-04-24 11:14 . 2014-04-24 11:14 -------- d-----w- c:\program files (x86)\Firebird
2014-04-24 11:14 . 2014-04-24 11:14 -------- d-----w- c:\program files (x86)\SpacialAudio
2014-04-22 15:35 . 2014-04-24 11:06 -------- d-----w- C:\11
2014-04-20 16:03 . 2014-04-20 16:11 -------- d-----w- C:\10
2014-04-16 12:39 . 2014-04-17 08:27 -------- d-----w- c:\users\uzivatel\AppData\Roaming\BSplayer
2014-04-16 12:39 . 2014-04-16 12:39 -------- d-----w- c:\users\uzivatel\AppData\Roaming\BSplayer Pro
2014-04-16 12:39 . 2014-04-17 08:36 -------- d-----w- c:\program files (x86)\Webteh
2014-04-15 11:31 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-15 11:31 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-04-15 11:31 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-15 11:31 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-04-15 11:31 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-04-15 11:24 . 2014-04-15 11:24 -------- d-----w- c:\windows\Migration
2014-04-15 11:18 . 2014-03-06 06:00 359936 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-15 11:17 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-04-15 11:16 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-15 11:16 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-04-15 11:16 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-04-15 11:16 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-04-15 11:16 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-04-15 11:16 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-04-15 11:16 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-04-15 11:14 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-15 11:14 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-15 11:14 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-15 11:14 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-15 11:14 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-15 11:14 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-15 11:14 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-15 11:09 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-04-15 11:09 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-04-15 10:54 . 2014-04-15 10:54 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-04-15 10:50 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-04-15 10:50 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-04-15 10:50 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-04-15 10:50 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-04-15 10:50 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-04-15 10:49 . 2014-03-04 09:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-15 10:49 . 2014-03-04 09:44 243712 ----a-w- c:\windows\system32\wow64.dll
2014-04-15 10:49 . 2014-03-04 09:44 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-04-15 10:49 . 2014-03-04 09:44 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-04-15 10:49 . 2014-03-04 09:44 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-04-15 10:49 . 2014-03-04 09:17 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-04-15 10:49 . 2014-03-04 09:16 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-04-15 10:49 . 2014-03-04 09:16 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-04-15 10:49 . 2014-03-04 08:09 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-04-15 10:49 . 2014-03-04 08:09 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-04-15 10:40 . 2014-04-15 10:40 -------- d-----w- c:\windows\SysWow64\Wat
2014-04-15 10:40 . 2014-04-15 10:40 -------- d-----w- c:\windows\system32\Wat
2014-04-15 09:34 . 2014-04-15 09:34 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AVG
2014-04-15 09:34 . 2014-04-15 09:34 -------- d-----w- c:\users\uzivatel\AppData\Local\AVG
2014-04-15 09:30 . 2014-04-15 09:36 -------- d-----w- c:\programdata\AVG
2014-04-15 09:30 . 2014-04-15 09:42 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-15 09:30 . 2014-04-15 09:30 -------- d--h--w- c:\programdata\Common Files
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----r- c:\users\uzivatel\OneDrive
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----w- c:\programdata\Microsoft OneDrive
2014-04-14 12:06 . 2014-04-14 12:05 578256 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-04-14 12:05 . 2014-04-14 12:11 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-04-14 12:01 . 2014-04-14 12:01 -------- d-----w- c:\program files\Microsoft Office 15
2014-04-09 18:46 . 2014-04-09 18:46 -------- d-----w- c:\users\uzivatel\AppData\Roaming\HP
2014-04-09 18:41 . 2014-04-09 18:41 -------- d-----w- c:\programdata\HP Product Assistant
2014-04-09 18:40 . 2014-04-09 18:40 -------- d-----w- c:\windows\SysWow64\spool
2014-04-09 18:39 . 2014-04-09 18:39 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2014-04-09 18:39 . 2014-04-09 18:39 -------- d-----w- c:\program files (x86)\Common Files\HP
2014-04-09 18:38 . 2014-04-09 18:41 -------- d-----w- c:\program files (x86)\HP
2014-04-09 18:37 . 2014-04-09 18:37 -------- d-----w- c:\program files\HP
2014-04-09 18:36 . 2014-04-09 18:41 -------- d-----w- c:\programdata\HP
2014-04-09 14:12 . 2014-04-09 14:12 43152 ----a-w- c:\windows\avastSS.scr
2014-04-08 16:03 . 2014-04-08 16:03 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Acoustica
2014-04-08 16:02 . 2014-04-08 16:04 -------- d-----w- c:\program files (x86)\Acoustica CD Label Maker
2014-04-08 16:02 . 2007-12-21 15:07 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-04-07 14:41 . 2014-04-07 14:48 -------- d-----w- C:\ceské 2
2014-04-04 10:40 . 2014-04-08 15:45 -------- d-----w- C:\české 1
2014-04-02 16:47 . 2014-04-08 13:28 -------- d-----w- C:\9
2014-04-02 07:20 . 2014-04-02 07:54 -------- d-----w- C:\8
2014-04-02 06:15 . 2014-04-02 06:17 -------- d-----w- C:\7
2014-03-31 13:48 . 2014-04-04 10:04 -------- d-----w- C:\české
2014-03-30 18:19 . 2014-03-30 18:30 -------- d-----w- C:\5
2014-03-30 18:16 . 2014-03-30 18:25 -------- d-----w- C:\4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-25 11:19 . 2014-02-18 09:17 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-25 11:19 . 2012-05-25 14:09 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-09 14:12 . 2014-02-13 09:21 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-09 14:12 . 2014-02-13 09:21 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-09 14:12 . 2014-02-13 09:21 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 14:12 . 2014-02-13 09:21 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-09 14:12 . 2014-02-13 09:21 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 14:12 . 2014-02-13 09:21 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-09 14:12 . 2014-02-13 09:21 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-09 14:12 . 2014-02-13 09:21 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-31 01:51 . 2014-02-06 10:13 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-30 04:17 . 2014-03-30 04:17 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-03-30 04:17 . 2014-03-30 04:17 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-03-24 18:00 . 2014-03-25 10:05 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2014-03-24 18:00 . 2014-03-25 10:04 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-03-24 15:41 . 2014-03-24 15:41 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-03-24 15:40 . 2014-03-24 15:40 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-03-24 15:40 . 2014-03-24 15:40 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-03-24 15:40 . 2014-03-24 15:40 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-03-24 15:40 . 2014-03-24 15:40 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-03-24 15:40 . 2014-03-24 15:40 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-24 15:40 . 2014-03-24 15:40 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-24 15:40 . 2014-03-24 15:40 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-03-24 15:40 . 2014-03-24 15:40 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-03-24 15:40 . 2014-03-24 15:40 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-03-24 15:40 . 2014-03-24 15:40 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-03-24 15:40 . 2014-03-24 15:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-03-24 15:40 . 2014-03-24 15:40 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-03-24 15:40 . 2014-03-24 15:40 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-03-24 15:40 . 2014-03-24 15:40 247808 ----a-w- c:\windows\system32\msls31.dll
2014-03-24 15:40 . 2014-03-24 15:40 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-03-24 15:40 . 2014-03-24 15:40 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-03-24 15:40 . 2014-03-24 15:40 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-03-24 15:40 . 2014-03-24 15:40 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-03-24 15:40 . 2014-03-24 15:40 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-03-24 15:40 . 2014-03-24 15:40 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-03-24 15:40 . 2014-03-24 15:40 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-03-24 15:40 . 2014-03-24 15:40 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-03-24 15:40 . 2014-03-24 15:40 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-03-24 15:40 . 2014-03-24 15:40 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-03-24 15:40 . 2014-03-24 15:40 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-03-24 15:40 . 2014-03-24 15:40 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-03-24 15:40 . 2014-03-24 15:40 81408 ----a-w- c:\windows\system32\icardie.dll
2014-03-24 15:40 . 2014-03-24 15:40 774144 ----a-w- c:\windows\system32\jscript.dll
2014-03-24 15:40 . 2014-03-24 15:40 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-03-24 15:40 . 2014-03-24 15:40 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-03-24 15:40 . 2014-03-24 15:40 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-03-24 15:40 . 2014-03-24 15:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-03-24 15:40 . 2014-03-24 15:40 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-03-24 15:40 . 2014-03-24 15:40 413696 ----a-w- c:\windows\system32\html.iec
2014-03-24 15:40 . 2014-03-24 15:40 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-24 15:40 . 2014-03-24 15:40 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-03-24 15:40 . 2014-03-24 15:40 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-03-24 15:40 . 2014-03-24 15:40 235520 ----a-w- c:\windows\system32\url.dll
2014-03-24 15:40 . 2014-03-24 15:40 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-03-24 15:40 . 2014-03-24 15:40 147968 ----a-w- c:\windows\system32\occache.dll
2014-03-24 15:40 . 2014-03-24 15:40 143872 ----a-w- c:\windows\system32\wextract.exe
2014-03-24 15:40 . 2014-03-24 15:40 13824 ----a-w- c:\windows\system32\mshta.exe
2014-03-24 15:40 . 2014-03-24 15:40 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-03-24 15:40 . 2014-03-24 15:40 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-03-24 15:40 . 2014-03-24 15:40 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-03-24 15:40 . 2014-03-24 15:40 101376 ----a-w- c:\windows\system32\inseng.dll
2014-03-24 15:38 . 2014-03-24 15:38 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-03-24 15:38 . 2014-03-24 15:38 859648 ----a-w- c:\windows\system32\tdh.dll
2014-03-24 15:38 . 2014-03-24 15:38 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-03-24 15:38 . 2014-03-24 15:38 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-03-24 15:38 . 2014-03-24 15:38 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-24 15:38 . 2014-03-24 15:38 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-03-24 15:38 . 2014-03-24 15:38 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-03-24 15:38 . 2014-03-24 15:38 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-03-24 15:38 . 2014-03-24 15:38 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-03-24 15:37 . 2014-03-24 15:37 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-03-24 15:37 . 2014-03-24 15:37 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-03-24 15:37 . 2014-03-24 15:37 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-11 10:14 . 2014-03-11 10:14 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-04 09:17 . 2014-04-15 10:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-03 17:33 . 2014-03-03 17:33 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-03-03 17:33 . 2014-03-03 17:33 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-03-03 17:33 . 2014-03-03 17:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-03-03 17:33 . 2014-03-03 17:33 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-03-03 17:33 . 2014-03-03 17:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-03-03 17:33 . 2014-03-03 17:33 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-03-03 17:33 . 2014-03-03 17:33 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{21c3c001-576e-4193-8e6a-b76f1fdd79ce}]
2014-04-24 09:32 249624 ----a-w- c:\program files (x86)\AtuZi\AtuZiBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-09 3854640]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"="c:\program files\AVAST Software\Avast\setup\emupdate\523a6997-f3e3-42a4-95c0-8fa1df15d491.exe" [2014-04-29 181136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys;c:\windows\SYSNATIVE\drivers\AVerFx2hbtv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 Update AtuZi;Update AtuZi;c:\program files (x86)\AtuZi\updateAtuZi.exe;c:\program files (x86)\AtuZi\updateAtuZi.exe [x]
S2 Util AtuZi;Util AtuZi;c:\program files (x86)\AtuZi\bin\utilAtuZi.exe;c:\program files (x86)\AtuZi\bin\utilAtuZi.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-18 11:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-09 14:12 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.2
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-29 12:50:25
ComboFix-quarantined-files.txt 2014-04-29 10:50
.
Před spuštěním: Volných bajtů: 165 339 152 384
Po spuštění: Volných bajtů: 165 061 492 736
.
- - End Of File - - 89859BBEC517F93327716CFB979F23AA
A36C5E4F47E84449FF07ED3517B43A31

#13 Příspěvek od **Márty84** » 30 dub 2014 01:35

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
c:\program files (x86)\AtuZi

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
Update AtuZi
Util AtuZi

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Pavouk1 · #14 Příspěvek od **Pavouk1** » 30 dub 2014 15:34

ComboFix 14-04-30.01 - uzivatel 30.04.2014 16:21:35.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4044.2734 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AtuZi
c:\program files (x86)\AtuZi\0
c:\program files (x86)\AtuZi\AtuZi.ico
c:\program files (x86)\AtuZi\AtuZiBHO.dll
c:\program files (x86)\AtuZi\bin\sqlite3.dll
c:\program files (x86)\AtuZi\bin\utilAtuZi.exe
c:\program files (x86)\AtuZi\bin\utilAtuZi.InstallState
c:\program files (x86)\AtuZi\updateAtuZi.exe
c:\program files (x86)\AtuZi\updateAtuZi.InstallState
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Update AtuZi
-------\Service_Util AtuZi
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-30 )))))))))))))))))))))))))))))))
.
.
2014-04-28 12:05 . 2014-04-28 12:05 -------- d-----w- c:\program files\Microsoft Silverlight
2014-04-28 12:05 . 2014-04-28 12:05 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-04-28 09:01 . 2014-04-17 03:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1ED8B736-0032-4333-8669-DD3D1D28AF0A}\mpengine.dll
2014-04-27 17:40 . 2014-04-27 17:42 -------- d-----w- C:\AdwCleaner
2014-04-27 10:17 . 2014-04-27 10:17 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2014-04-27 10:17 . 2014-04-27 10:17 -------- d-----w- c:\programdata\Malwarebytes
2014-04-25 15:15 . 2014-04-25 15:15 -------- d-----w- C:\rsit
2014-04-25 13:57 . 2014-04-25 13:57 -------- d-----w- c:\windows\system32\appmgmt
2014-04-25 13:54 . 2014-04-25 13:54 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-04-25 11:19 . 2014-04-25 11:19 -------- d-----w- c:\programdata\McAfee
2014-04-24 17:55 . 2014-04-24 17:55 -------- d-----w- c:\program files (x86)\Photo Story 3 for Windows
2014-04-24 16:14 . 2014-04-24 16:16 -------- d-----w- c:\windows\WindowsMobile
2014-04-24 12:32 . 2014-04-24 12:32 -------- d-----w- c:\users\uzivatel\AppData\Local\Comodo
2014-04-24 12:31 . 2014-04-28 10:19 -------- d-----w- C:\The KMPlayer
2014-04-24 12:14 . 2014-04-25 13:56 -------- d-----w- c:\program files (x86)\TPlayer
2014-04-24 11:15 . 2014-04-24 12:43 -------- d-----w- c:\users\uzivatel\AppData\Local\SpacialAudio
2014-04-24 11:15 . 2014-04-24 12:43 -------- d-----w- c:\programdata\firebird
2014-04-24 11:14 . 2014-04-24 11:14 -------- d-----w- c:\program files (x86)\Firebird
2014-04-24 11:14 . 2014-04-24 11:14 -------- d-----w- c:\program files (x86)\SpacialAudio
2014-04-22 15:35 . 2014-04-24 11:06 -------- d-----w- C:\11
2014-04-20 16:03 . 2014-04-20 16:11 -------- d-----w- C:\10
2014-04-16 12:39 . 2014-04-17 08:27 -------- d-----w- c:\users\uzivatel\AppData\Roaming\BSplayer
2014-04-16 12:39 . 2014-04-16 12:39 -------- d-----w- c:\users\uzivatel\AppData\Roaming\BSplayer Pro
2014-04-16 12:39 . 2014-04-17 08:36 -------- d-----w- c:\program files (x86)\Webteh
2014-04-15 11:31 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-04-15 11:31 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-04-15 11:31 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-04-15 11:31 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-04-15 11:31 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-04-15 11:24 . 2014-04-15 11:24 -------- d-----w- c:\windows\Migration
2014-04-15 11:18 . 2014-03-06 06:00 359936 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-15 11:17 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-04-15 11:16 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-15 11:16 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-04-15 11:16 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-04-15 11:16 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-04-15 11:16 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-04-15 11:16 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-04-15 11:16 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-04-15 11:14 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-04-15 11:14 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-04-15 11:14 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-04-15 11:14 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-04-15 11:14 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-04-15 11:14 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-04-15 11:14 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-04-15 11:09 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-04-15 11:09 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-04-15 10:54 . 2014-04-15 10:54 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-04-15 10:50 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-04-15 10:50 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-04-15 10:50 . 2014-02-07 01:23 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-04-15 10:50 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-04-15 10:50 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-04-15 10:49 . 2014-03-04 09:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-15 10:49 . 2014-03-04 09:44 243712 ----a-w- c:\windows\system32\wow64.dll
2014-04-15 10:49 . 2014-03-04 09:44 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-04-15 10:49 . 2014-03-04 09:44 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-04-15 10:49 . 2014-03-04 09:44 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-04-15 10:49 . 2014-03-04 09:17 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-04-15 10:49 . 2014-03-04 09:16 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-04-15 10:49 . 2014-03-04 09:16 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-04-15 10:49 . 2014-03-04 08:09 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-04-15 10:49 . 2014-03-04 08:09 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-04-15 10:40 . 2014-04-15 10:40 -------- d-----w- c:\windows\SysWow64\Wat
2014-04-15 10:40 . 2014-04-15 10:40 -------- d-----w- c:\windows\system32\Wat
2014-04-15 09:34 . 2014-04-15 09:34 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AVG
2014-04-15 09:34 . 2014-04-15 09:34 -------- d-----w- c:\users\uzivatel\AppData\Local\AVG
2014-04-15 09:30 . 2014-04-15 09:36 -------- d-----w- c:\programdata\AVG
2014-04-15 09:30 . 2014-04-15 09:42 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-15 09:30 . 2014-04-15 09:30 -------- d--h--w- c:\programdata\Common Files
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----r- c:\users\uzivatel\OneDrive
2014-04-14 12:12 . 2014-04-14 12:12 -------- d-----w- c:\programdata\Microsoft OneDrive
2014-04-14 12:06 . 2014-04-14 12:05 578256 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-04-14 12:05 . 2014-04-14 12:11 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-04-14 12:01 . 2014-04-14 12:01 -------- d-----w- c:\program files\Microsoft Office 15
2014-04-09 18:46 . 2014-04-09 18:46 -------- d-----w- c:\users\uzivatel\AppData\Roaming\HP
2014-04-09 18:41 . 2014-04-09 18:41 -------- d-----w- c:\programdata\HP Product Assistant
2014-04-09 18:40 . 2014-04-09 18:40 -------- d-----w- c:\windows\SysWow64\spool
2014-04-09 18:39 . 2014-04-09 18:39 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2014-04-09 18:39 . 2014-04-09 18:39 -------- d-----w- c:\program files (x86)\Common Files\HP
2014-04-09 18:38 . 2014-04-09 18:41 -------- d-----w- c:\program files (x86)\HP
2014-04-09 18:37 . 2014-04-09 18:37 -------- d-----w- c:\program files\HP
2014-04-09 18:36 . 2014-04-09 18:41 -------- d-----w- c:\programdata\HP
2014-04-09 14:12 . 2014-04-09 14:12 43152 ----a-w- c:\windows\avastSS.scr
2014-04-08 16:03 . 2014-04-08 16:03 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Acoustica
2014-04-08 16:02 . 2014-04-08 16:04 -------- d-----w- c:\program files (x86)\Acoustica CD Label Maker
2014-04-08 16:02 . 2007-12-21 15:07 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-04-07 14:41 . 2014-04-07 14:48 -------- d-----w- C:\ceské 2
2014-04-04 10:40 . 2014-04-08 15:45 -------- d-----w- C:\české 1
2014-04-02 16:47 . 2014-04-08 13:28 -------- d-----w- C:\9
2014-04-02 07:20 . 2014-04-02 07:54 -------- d-----w- C:\8
2014-04-02 06:15 . 2014-04-02 06:17 -------- d-----w- C:\7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 13:40 . 2014-02-18 09:17 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 13:40 . 2012-05-25 14:09 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-09 14:12 . 2014-02-13 09:21 84816 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-04-09 14:12 . 2014-02-13 09:21 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-09 14:12 . 2014-02-13 09:21 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 14:12 . 2014-02-13 09:21 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-09 14:12 . 2014-02-13 09:21 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 14:12 . 2014-02-13 09:21 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-09 14:12 . 2014-02-13 09:21 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-09 14:12 . 2014-02-13 09:21 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-31 07:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-31 01:51 . 2014-02-06 10:13 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-30 04:17 . 2014-03-30 04:17 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-03-30 04:17 . 2014-03-30 04:17 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-03-24 18:00 . 2014-03-25 10:05 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2014-03-24 18:00 . 2014-03-25 10:04 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-03-24 15:41 . 2014-03-24 15:41 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-03-24 15:40 . 2014-03-24 15:40 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-03-24 15:40 . 2014-03-24 15:40 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-03-24 15:40 . 2014-03-24 15:40 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-03-24 15:40 . 2014-03-24 15:40 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-03-24 15:40 . 2014-03-24 15:40 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-24 15:40 . 2014-03-24 15:40 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-24 15:40 . 2014-03-24 15:40 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-03-24 15:40 . 2014-03-24 15:40 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-03-24 15:40 . 2014-03-24 15:40 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-03-24 15:40 . 2014-03-24 15:40 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-03-24 15:40 . 2014-03-24 15:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-03-24 15:40 . 2014-03-24 15:40 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-03-24 15:40 . 2014-03-24 15:40 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-03-24 15:40 . 2014-03-24 15:40 247808 ----a-w- c:\windows\system32\msls31.dll
2014-03-24 15:40 . 2014-03-24 15:40 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-03-24 15:40 . 2014-03-24 15:40 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-03-24 15:40 . 2014-03-24 15:40 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-03-24 15:40 . 2014-03-24 15:40 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-03-24 15:40 . 2014-03-24 15:40 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-03-24 15:40 . 2014-03-24 15:40 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-03-24 15:40 . 2014-03-24 15:40 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-03-24 15:40 . 2014-03-24 15:40 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-03-24 15:40 . 2014-03-24 15:40 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-03-24 15:40 . 2014-03-24 15:40 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-03-24 15:40 . 2014-03-24 15:40 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-03-24 15:40 . 2014-03-24 15:40 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-03-24 15:40 . 2014-03-24 15:40 81408 ----a-w- c:\windows\system32\icardie.dll
2014-03-24 15:40 . 2014-03-24 15:40 774144 ----a-w- c:\windows\system32\jscript.dll
2014-03-24 15:40 . 2014-03-24 15:40 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-03-24 15:40 . 2014-03-24 15:40 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-03-24 15:40 . 2014-03-24 15:40 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-03-24 15:40 . 2014-03-24 15:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-03-24 15:40 . 2014-03-24 15:40 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-03-24 15:40 . 2014-03-24 15:40 413696 ----a-w- c:\windows\system32\html.iec
2014-03-24 15:40 . 2014-03-24 15:40 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-24 15:40 . 2014-03-24 15:40 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-03-24 15:40 . 2014-03-24 15:40 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-03-24 15:40 . 2014-03-24 15:40 235520 ----a-w- c:\windows\system32\url.dll
2014-03-24 15:40 . 2014-03-24 15:40 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-03-24 15:40 . 2014-03-24 15:40 147968 ----a-w- c:\windows\system32\occache.dll
2014-03-24 15:40 . 2014-03-24 15:40 143872 ----a-w- c:\windows\system32\wextract.exe
2014-03-24 15:40 . 2014-03-24 15:40 13824 ----a-w- c:\windows\system32\mshta.exe
2014-03-24 15:40 . 2014-03-24 15:40 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-03-24 15:40 . 2014-03-24 15:40 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-03-24 15:40 . 2014-03-24 15:40 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-03-24 15:40 . 2014-03-24 15:40 101376 ----a-w- c:\windows\system32\inseng.dll
2014-03-24 15:38 . 2014-03-24 15:38 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-03-24 15:38 . 2014-03-24 15:38 859648 ----a-w- c:\windows\system32\tdh.dll
2014-03-24 15:38 . 2014-03-24 15:38 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-03-24 15:38 . 2014-03-24 15:38 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-03-24 15:38 . 2014-03-24 15:38 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-24 15:38 . 2014-03-24 15:38 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-03-24 15:38 . 2014-03-24 15:38 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-03-24 15:38 . 2014-03-24 15:38 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-03-24 15:38 . 2014-03-24 15:38 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-03-24 15:37 . 2014-03-24 15:37 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-03-24 15:37 . 2014-03-24 15:37 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-03-24 15:37 . 2014-03-24 15:37 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-11 10:14 . 2014-03-11 10:14 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-04 09:17 . 2014-04-15 10:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-03 17:33 . 2014-03-03 17:33 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-03-03 17:33 . 2014-03-03 17:33 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-03-03 17:33 . 2014-03-03 17:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-03-03 17:33 . 2014-03-03 17:33 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-03-03 17:33 . 2014-03-03 17:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-03 17:33 . 2014-03-03 17:33 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-03-03 17:33 . 2014-03-03 17:33 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-03-03 17:33 . 2014-03-03 17:33 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-14 12:14 223432 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-09 3854640]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys;c:\windows\SYSNATIVE\drivers\AVerFx2hbtv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-18 13:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-14 12:14 262344 ----a-w- c:\users\uzivatel\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-14 12:07 2333400 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-09 14:12 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.2
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{21c3c001-576e-4193-8e6a-b76f1fdd79ce} - c:\program files (x86)\AtuZi\AtuZibho.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-04-30 16:33:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-30 14:33
ComboFix2.txt 2014-04-29 10:50
.
Před spuštěním: Volných bajtů: 160 045 522 944
Po spuštění: Volných bajtů: 159 869 263 872
.
- - End Of File - - 78085D1F82FA5985E54F77635B0CAC46
A36C5E4F47E84449FF07ED3517B43A31

#15 Příspěvek od **Márty84** » 30 dub 2014 17:17

Dejte novy log z RSIT

VIRY.CZ

prosím o kontrolu logu

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu