Prosím o kontrolu logu ComboFix

Zpráva

goha · #16 Příspěvek od **goha** » 23 dub 2014 07:09

Teď jsem jen nakoukl, musím hned odjet. Večer to udělám a vložím sem.
Zatím díky.

#17 Příspěvek od **vyosek** » 23 dub 2014 10:36

Ou Kej

goha · #18 Příspěvek od **goha** » 23 dub 2014 20:34

Zde je ten log:

# AdwCleaner v3.201 - Report created 23/04/2014 at 21:30:21
# Updated 22/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : BetaVerze - BETAVERZE-PC
# Running from : C:\Users\BetaVerze\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
File Found : C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Found : C:\Users\BetaVerze\daemonprocess.txt
Folder Found : C:\Users\BetaVerze\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Found C:\Program Files (x86)\Crawler
Folder Found C:\ProgramData\fighters
Folder Found C:\Users\BetaVerze\.android
Folder Found C:\Users\BetaVerze\AppData\Local\fighters
Folder Found C:\Users\BetaVerze\AppData\Roaming\fighters
Folder Found C:\Users\BetaVerze\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk ( /showurl hxxp://www.crawler.com/help/default.aspx?src=TbMenu )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk ( /showurl hxxp://www.crawler.com/products/ )

***** [ Registry ] *****

Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\CToolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540

-\\ Mozilla Firefox v19.0.2 (cs)

[ File : C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\prefs.js ]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\BetaVerze\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj

*************************

AdwCleaner[R5].txt - [4269 octets] - [23/04/2014 21:30:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [4329 octets] ##########

#19 Příspěvek od **vyosek** » 23 dub 2014 22:23

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

goha · #20 Příspěvek od **goha** » 23 dub 2014 22:57

Tady je nový log po opravě:

# AdwCleaner v3.201 - Report created 23/04/2014 at 23:50:35
# Updated 22/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : BetaVerze - BETAVERZE-PC
# Running from : C:\Users\BetaVerze\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\fighters
Folder Deleted : C:\Program Files (x86)\Crawler
Folder Deleted : C:\Users\BetaVerze\.android
Folder Deleted : C:\Users\BetaVerze\AppData\Local\fighters
Folder Deleted : C:\Users\BetaVerze\AppData\Roaming\fighters
Folder Deleted : C:\Users\BetaVerze\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\BetaVerze\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
File Deleted : C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Deleted : C:\Users\BetaVerze\daemonprocess.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\CToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16540

-\\ Mozilla Firefox v19.0.2 (cs)

[ File : C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\prefs.js ]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\BetaVerze\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj

*************************

AdwCleaner[R5].txt - [4441 octets] - [23/04/2014 21:30:21]
AdwCleaner[R6].txt - [4501 octets] - [23/04/2014 23:49:42]
AdwCleaner[S3].txt - [4192 octets] - [23/04/2014 23:50:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4252 octets] ##########

goha · #21 Příspěvek od **goha** » 25 dub 2014 15:25

Jak bych měl postupovat dál?

#22 Příspěvek od **vyosek** » 28 dub 2014 11:11

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

goha · #23 Příspěvek od **goha** » 28 dub 2014 12:21

Zde je příslušný log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16545 BrowserJavaVersion: 10.51.2
Run by BetaVerze at 13:16:14 on 2014-04-28
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.6575 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Windows\SysWOW64\winver.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\ASUS\AASP\1.01.05\aaCenter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\splwow64.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
C:\Program Files (x86)\SeaMonkey\seamonkey.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uProxyServer = localhost:8080
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: CHelper Class: {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files (x86)\Eurotran 2003\e2003i.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: EurotranXP: {0E0ADD34-AF8E-47FA-A99B-3E7556FAF54C} - C:\Program Files (x86)\Verdict Free\etnxp.dll
EB: EurotranXP: {0E0ADD34-AF8E-47FA-A99B-3E7556FAF54C} - C:\Program Files (x86)\Verdict Free\etnxp.dll
uRun: [StickyPassword] C:\Program Files (x86)\Sticky Password\stpass.exe
uRun: [HKCU] C:\directory\CyberGate\WinDir\winuptade.exe
uRun: [brothel] C:\Users\BetaVerze\AppData\Roaming\brothel\ate.exe
mRun: [HKLM] C:\directory\CyberGate\WinDir\winuptade.exe
uExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe
mExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoStrCmpLogical = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:1
mPolicies-System: SynchronousUserGroupPolicy = dword:1
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
IE: Add to Google Photos Screensa&ver - <no file>
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - C:\Program Files (x86)\Verdict Free\etnxp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - C:\Program Files (x86)\Verdict Free\etnxp.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
IE: {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - C:\Program Files (x86)\Eurotran 2003\e2003i.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{0DC0A56B-602D-40DE-A012-EAF600461F86} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0DC0A56B-602D-40DE-A012-EAF600461F86}\94E6475627E65647 : DHCPNameServer = 10.0.0.138
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
mASetup: {76GV7767-8W8W-UI8P-6EDL-8UWV033Y1445} - C:\directory\CyberGate\WinDir\winuptade.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Sticky Password\npSPAutofill.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - ExtSQL: 2014-03-15 16:32; fmconverter@gmail.com; C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF - ExtSQL: 2014-03-21 10:09; PrivDog@AdTrustMedia.com; C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 ambakdrv;ambakdrv;C:\Windows\System32\ambakdrv.sys [2013-10-3 30648]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 RVSystem;RVSystem;C:\Windows\System32\drivers\rvsystem.sys [2013-10-29 49736]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2012-12-19 21184]
R1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2013-5-7 37976]
R1 rvsmon;rvsmon;C:\Windows\System32\drivers\rvsmon.sys [2013-10-29 151752]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-5 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-5 365568]
R2 ammntdrv;ammntdrv;C:\Windows\System32\ammntdrv.sys [2013-10-3 151480]
R2 amwrtdrv;amwrtdrv;C:\Windows\System32\amwrtdrv.sys [2013-10-3 17848]
R2 ASWLCCSvc;ASUS Wireless Card Service;C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe [2011-12-13 172032]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-6-10 70984]
R2 LiveTuner2PM;Ashampoo LiveTuner 2 Driver;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [2014-4-2 14320]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;D:\Ashampoo WinOptimizer 10.02.05 CZ portable\App\WinOptimizer\LiveTunerProcessMonitor64.sys [2013-6-25 12824]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-12-17 69640]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2011-10-7 32544]
R2 rvsmonf;rvsmonf;C:\Windows\System32\drivers\rvsmonf.sys [2013-10-29 1326416]
R2 rvsmonn;rvsmonn;C:\Windows\System32\drivers\rvsmonn2.sys [2013-10-29 21936]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2012-1-10 11576]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-7 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-7 115216]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2014-1-21 181760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-4-12 901848]
R3 seehcri;Sony Ericsson seehcri Device Driver;C:\Windows\System32\drivers\seehcri.sys [2012-4-6 34032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-3-30 580648]
S3 ampa;ampa;C:\Windows\System32\ampa.sys [2013-10-3 15288]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-1-5 178176]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-24 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-4-3 34848]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-7 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-10-7 29472]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-7 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-24 30208]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-4-3 23016]
S3 V0770Vid;Live! Cam Sync HD VF0770 Driver;C:\Windows\System32\drivers\V0770Vid.sys [2012-6-1 379776]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-8 1255736]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-11 144152]
S4 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-9-22 819976]
S4 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-8-14 43624]
S4 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-2-11 881952]
S4 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-5-21 136616]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-10-7 96896]
S4 Backupper Service;AOMEI Backupper Scheduler Service;C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2013-10-3 29912]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-6-10 393032]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-6-10 384840]
S4 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]
S4 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfSdkS64.exe [2014-4-2 544768]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-4-3 23048]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-4 342336]
S4 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-4 2153792]
S4 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
S4 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [2013-12-17 230920]
S4 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-3-25 204304]
S4 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-12-30 1922600]
S4 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-15 65657]
S4 RVSMONBL;Returnil Virtual System Core Service;C:\Windows\SysWOW64\Returnil\RVS3\rvsmon.exe [2009-10-30 1216184]
S4 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
S4 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-6 662232]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S4 WO_LiveService;Ashampoo LiveTuner Service;D:\Ashampoo WinOptimizer 10.02.05 CZ portable\App\WinOptimizer\LiveTunerService.exe [2013-6-25 885096]
S4 WO_LiveService2;Ashampoo LiveTuner 2 Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [2014-4-2 223624]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\NOTEPAD.EXE=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-04-28 10:06:46 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4FD4D112-B4CD-4593-AE06-0EAFF0B78DBE}\mpengine.dll
2014-04-28 09:27:26 -------- d-----w- C:\Users\BetaVerze\AppData\Roaming\brothel
2014-04-27 08:31:44 10651704 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-26 08:45:56 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-26 08:45:43 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-26 08:45:43 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-26 08:45:43 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-04-26 08:45:43 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-04-26 08:45:43 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-26 08:44:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-26 08:44:38 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-26 08:44:38 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-26 08:44:38 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-26 08:44:38 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-26 08:44:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-26 08:44:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-26 08:44:38 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-26 08:44:38 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-25 07:51:00 -------- d-----w- C:\Program Files\Yamicsoft
2014-04-25 07:50:25 -------- d-----w- C:\directory
2014-04-25 07:50:12 -------- d-----w- C:\Systeam
2014-04-24 18:10:53 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-04-24 08:34:03 -------- d-----w- C:\Program Files (x86)\RAR Password Unlocker
2014-04-23 19:30:18 -------- d-----w- C:\AdwCleaner
2014-04-22 18:10:52 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-04-20 22:29:30 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9087BAE8-E6B8-4B8F-B4E9-E52B34D31EB4}\gapaengine.dll
2014-04-18 12:46:14 -------- d-----w- C:\Users\BetaVerze\AppData\Roaming\DropboxMaster
2014-04-15 19:06:41 -------- d-sh--w- C:\$RECYCLE.BIN
2014-04-15 18:52:01 208896 ----a-w- C:\Windows\MBR.exe
2014-04-15 18:52:00 98816 ----a-w- C:\Windows\sed.exe
2014-04-15 18:52:00 256000 ----a-w- C:\Windows\PEV.exe
2014-04-15 18:44:41 237736 ----a-w- C:\bs_Advanced_Process_Termination.exe
2014-04-15 10:51:16 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-12 21:24:45 901848 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-04-12 21:24:45 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-04-12 21:23:06 2157704 ----a-w- C:\Windows\System32\YamahaAE.dll
2014-04-12 21:23:04 2101848 ----a-w- C:\Windows\System32\WavesGUILib64.dll
2014-04-10 19:17:51 357337 ----a-w- C:\Program Files (x86)\EAM-TR.exe
2014-04-10 06:41:03 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-10 06:35:58 55808 --s-a-w- C:\Windows\SysWow64\pthreadVC2.dll
2014-04-10 06:35:58 538126 --s-a-w- C:\Windows\SysWow64\libcurl-4.dll
2014-04-10 06:35:58 472424 --s-a-w- C:\Windows\SysWow64\cudart32_50_35.dll
2014-04-10 06:35:58 364544 --s-a-w- C:\Windows\SysWow64\ssleay32.dll
2014-04-10 06:35:58 192512 --s-a-w- C:\Windows\SysWow64\libidn-11.dll
2014-04-10 06:35:58 171008 --s-a-w- C:\Windows\SysWow64\libssh2.dll
2014-04-10 06:35:58 1704448 --s-a-w- C:\Windows\SysWow64\libeay32.dll
2014-04-10 06:35:58 133632 --s-a-w- C:\Windows\SysWow64\librtmp.dll
2014-04-10 06:35:58 119888 --s-a-w- C:\Windows\SysWow64\pthreadGC2.dll
2014-04-10 06:35:58 100864 --s-a-w- C:\Windows\SysWow64\zlib1.dll
2014-04-10 06:35:58 -------- d-----w- C:\Windows\SysWow64\bitstreams
2014-04-08 17:09:28 -------- d---a-w- C:\Windows\rundll16.exe
2014-04-08 17:09:28 -------- d---a-w- C:\Windows\logo1_.exe
2014-04-08 16:58:09 -------- d-----w- C:\Program Files (x86)\Common Files\MicroWorld
2014-04-08 16:23:56 -------- d-----w- C:\Program Files (x86)\VLCPortable
2014-04-05 16:55:24 29704 ----a-w- C:\Windows\System32\nitrolocalmon9.dll
2014-04-05 16:55:24 17928 ----a-w- C:\Windows\System32\nitrolocalui9.dll
2014-04-05 16:25:16 -------- d-----w- C:\Program Files (x86)\Common Files\PDF Architect
2014-04-05 10:09:16 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-04-05 10:08:42 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-04-05 10:08:42 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140405121532.dll
2014-04-05 10:08:42 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140405120915.dll
2014-04-03 21:24:50 -------- d-----w- C:\Users\BetaVerze\AppData\Roaming\ProductData
2014-04-02 18:18:28 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-04-02 09:17:03 -------- d-----w- C:\Program Files (x86)\Ashampoo
.
==================== Find3M ====================
.
2014-04-26 08:46:49 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-04-26 08:46:49 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-04-26 08:46:49 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-04-26 08:46:49 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-04-26 08:46:49 2334720 ----a-w- C:\Windows\System32\jscript9.dll
2014-04-26 08:46:49 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-04-26 08:46:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-04-26 08:46:49 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-04-26 08:46:49 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-26 08:46:48 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-04-26 08:46:48 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-04-26 08:46:48 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-04-26 08:44:38 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-04-22 18:10:43 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-22 18:10:43 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-12 21:24:45 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-03-16 10:37:51 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-16 10:37:51 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-16 10:37:38 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-16 10:37:20 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-16 10:37:20 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-16 10:36:55 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-02-28 09:35:24 581632 ----a-w- C:\Program Files (x86)\convert.exe
2014-02-28 07:14:11 724728 ----a-w- C:\Windows\System32\sltech64.dll
2014-02-28 07:14:11 245496 ----a-w- C:\Windows\System32\slprp64.dll
2014-02-28 07:14:10 899320 ----a-w- C:\Windows\System32\sl3apo64.dll
2014-02-28 07:14:10 1045752 ----a-w- C:\Windows\System32\slcnt64.dll
2014-02-28 07:14:09 2825432 ----a-w- C:\Windows\System32\RtPgEx64.dll
2014-02-28 07:14:04 942384 ----a-w- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
2014-02-28 07:14:03 5752072 ----a-w- C:\Windows\System32\NAHIMICAPOlfx.dll
2014-02-17 12:41:24 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2014-02-17 09:26:07 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-17 09:26:07 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-17 09:26:07 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-17 09:26:07 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-11 11:17:19 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-02-11 11:15:17 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-02-11 11:15:17 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-02-11 11:14:56 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-02-11 11:14:56 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-02-11 11:14:33 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-02-11 11:14:33 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-02-11 11:14:00 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-02-11 11:14:00 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-02-11 11:14:00 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-02-11 11:14:00 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-02-11 11:14:00 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-02-11 11:14:00 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-02-11 11:14:00 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-02-11 11:13:47 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-02-11 11:13:47 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-02-11 11:13:34 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-02-11 11:13:34 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-02-11 11:13:06 197120 ----a-w- C:\Windows\System32\credui.dll
2014-02-11 11:13:06 1930752 ----a-w- C:\Windows\System32\authui.dll
2014-02-11 11:13:06 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2014-02-11 11:13:06 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2014-02-11 11:13:06 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2014-02-11 11:13:05 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2014-02-11 11:12:39 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-02-11 11:12:39 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-02-11 11:12:22 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-02-11 11:12:22 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-02-11 11:10:50 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-02-11 11:10:50 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-02-11 11:10:50 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-02-11 11:10:50 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-02-11 11:10:50 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-01-18 21:04:11 4406784 ----a-w- C:\Program Files\RogueKillerX64.exe
2013-10-25 07:34:31 1530368 ----a-w- C:\Program Files (x86)\Universal-KeyGen-Generator.exe
2013-03-29 22:23:48 1563968 ----a-w- C:\Program Files (x86)\Iobit......HANZY.exe
2005-03-12 13:39:41 1347584 ----a-w- C:\Program Files (x86)\Common Files\EXIF Viewer.exe
1997-12-01 00:00:00 317440 ----a-r- C:\Program Files (x86)\Mtran.exe
.
============= FINISH: 13:16:54,20 ===============

goha · #24 Příspěvek od **goha** » 30 dub 2014 05:51

Tady je nový log, po odtranění problému ate.exe

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16545 BrowserJavaVersion: 10.51.2
Run by BetaVerze at 6:45:22 on 2014-04-30
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.6067 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\ASUS\AASP\1.01.05\aaCenter.exe
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\SeaMonkey\seamonkey.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\365dni\365dniNET.exe
C:\Program Files (x86)\SeaMonkey\seamonkey.exe
C:\Program Files (x86)\SeaMonkey\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uProxyServer = localhost:8080
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: CHelper Class: {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files (x86)\Eurotran 2003\e2003i.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: EurotranXP: {0E0ADD34-AF8E-47FA-A99B-3E7556FAF54C} - C:\Program Files (x86)\Verdict Free\etnxp.dll
EB: EurotranXP: {0E0ADD34-AF8E-47FA-A99B-3E7556FAF54C} - C:\Program Files (x86)\Verdict Free\etnxp.dll
uRun: [StickyPassword] C:\Program Files (x86)\Sticky Password\stpass.exe
uRun: [HKCU] C:\directory\CyberGate\WinDir\winuptade.exe
mRun: [HKLM] C:\directory\CyberGate\WinDir\winuptade.exe
uExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe
mExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoStrCmpLogical = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:1
mPolicies-System: SynchronousUserGroupPolicy = dword:1
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
IE: Add to Google Photos Screensa&ver - <no file>
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - C:\Program Files (x86)\Verdict Free\etnxp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - C:\Program Files (x86)\Verdict Free\etnxp.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
IE: {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - C:\Program Files (x86)\Eurotran 2003\e2003i.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{0DC0A56B-602D-40DE-A012-EAF600461F86} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0DC0A56B-602D-40DE-A012-EAF600461F86}\94E6475627E65647 : DHCPNameServer = 10.0.0.138
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
mASetup: {76GV7767-8W8W-UI8P-6EDL-8UWV033Y1445} - C:\directory\CyberGate\WinDir\winuptade.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Sticky Password\npSPAutofill.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - ExtSQL: 2014-03-15 16:32; fmconverter@gmail.com; C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF - ExtSQL: 2014-03-21 10:09; PrivDog@AdTrustMedia.com; C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 ambakdrv;ambakdrv;C:\Windows\System32\ambakdrv.sys [2013-10-3 30648]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 RVSystem;RVSystem;C:\Windows\System32\drivers\rvsystem.sys [2013-10-29 49736]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2012-12-19 21184]
R1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2013-5-7 37976]
R1 rvsmon;rvsmon;C:\Windows\System32\drivers\rvsmon.sys [2013-10-29 151752]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-5 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-5 365568]
R2 ammntdrv;ammntdrv;C:\Windows\System32\ammntdrv.sys [2013-10-3 151480]
R2 amwrtdrv;amwrtdrv;C:\Windows\System32\amwrtdrv.sys [2013-10-3 17848]
R2 ASWLCCSvc;ASUS Wireless Card Service;C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe [2011-12-13 172032]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-6-10 70984]
R2 LiveTuner2PM;Ashampoo LiveTuner 2 Driver;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [2014-4-2 14320]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;D:\Ashampoo WinOptimizer 10.02.05 CZ portable\App\WinOptimizer\LiveTunerProcessMonitor64.sys [2013-6-25 12824]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-12-17 69640]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2011-10-7 32544]
R2 rvsmonf;rvsmonf;C:\Windows\System32\drivers\rvsmonf.sys [2013-10-29 1326416]
R2 rvsmonn;rvsmonn;C:\Windows\System32\drivers\rvsmonn2.sys [2013-10-29 21936]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2012-1-10 11576]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-7 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-7 115216]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2014-1-21 181760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-4-12 901848]
R3 seehcri;Sony Ericsson seehcri Device Driver;C:\Windows\System32\drivers\seehcri.sys [2012-4-6 34032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-3-30 580648]
S3 ampa;ampa;C:\Windows\System32\ampa.sys [2013-10-3 15288]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-1-5 178176]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-24 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-4-3 34848]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-7 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-10-7 29472]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-7 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-24 30208]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-4-3 23016]
S3 V0770Vid;Live! Cam Sync HD VF0770 Driver;C:\Windows\System32\drivers\V0770Vid.sys [2012-6-1 379776]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-8 1255736]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-11 144152]
S4 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-9-22 819976]
S4 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-8-14 43624]
S4 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-2-11 881952]
S4 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-5-21 136616]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-10-7 96896]
S4 Backupper Service;AOMEI Backupper Scheduler Service;C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2013-10-3 29912]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-6-10 393032]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-6-10 384840]
S4 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]
S4 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfSdkS64.exe [2014-4-2 544768]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-4-3 23048]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-4 342336]
S4 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-4 2153792]
S4 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-11-15 137528]
S4 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [2013-12-17 230920]
S4 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-3-25 204304]
S4 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-12-30 1922600]
S4 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2012-6-15 65657]
S4 RVSMONBL;Returnil Virtual System Core Service;C:\Windows\SysWOW64\Returnil\RVS3\rvsmon.exe [2009-10-30 1216184]
S4 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
S4 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-6 662232]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S4 WO_LiveService;Ashampoo LiveTuner Service;D:\Ashampoo WinOptimizer 10.02.05 CZ portable\App\WinOptimizer\LiveTunerService.exe [2013-6-25 885096]
S4 WO_LiveService2;Ashampoo LiveTuner 2 Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [2014-4-2 223624]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\NOTEPAD.EXE=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-04-30 04:23:41 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0EAC429B-8132-4C10-BAE0-DA8E1C95C1F3}\mpengine.dll
2014-04-28 16:01:53 10651704 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-26 08:45:56 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-26 08:45:43 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-26 08:45:43 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-26 08:45:43 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-04-26 08:45:43 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-04-26 08:45:43 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-26 08:44:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-26 08:44:38 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-26 08:44:38 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-26 08:44:38 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-26 08:44:38 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-26 08:44:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-26 08:44:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-26 08:44:38 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-26 08:44:38 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-25 07:51:00 -------- d-----w- C:\Program Files\Yamicsoft
2014-04-25 07:50:25 -------- d-----w- C:\directory
2014-04-25 07:50:12 -------- d-----w- C:\Systeam
2014-04-24 18:10:53 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-04-24 08:34:03 -------- d-----w- C:\Program Files (x86)\RAR Password Unlocker
2014-04-23 19:30:18 -------- d-----w- C:\AdwCleaner
2014-04-22 18:10:52 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-04-20 22:29:30 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9087BAE8-E6B8-4B8F-B4E9-E52B34D31EB4}\gapaengine.dll
2014-04-18 12:46:14 -------- d-----w- C:\Users\BetaVerze\AppData\Roaming\DropboxMaster
2014-04-15 19:06:41 -------- d-sh--w- C:\$RECYCLE.BIN
2014-04-15 18:52:01 208896 ----a-w- C:\Windows\MBR.exe
2014-04-15 18:52:00 98816 ----a-w- C:\Windows\sed.exe
2014-04-15 18:52:00 256000 ----a-w- C:\Windows\PEV.exe
2014-04-15 18:44:41 237736 ----a-w- C:\bs_Advanced_Process_Termination.exe
2014-04-15 10:51:16 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-12 21:24:45 901848 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-04-12 21:24:45 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-04-12 21:23:06 2157704 ----a-w- C:\Windows\System32\YamahaAE.dll
2014-04-12 21:23:04 2101848 ----a-w- C:\Windows\System32\WavesGUILib64.dll
2014-04-10 19:17:51 357337 ----a-w- C:\Program Files (x86)\EAM-TR.exe
2014-04-10 06:41:03 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-10 06:35:58 55808 --s-a-w- C:\Windows\SysWow64\pthreadVC2.dll
2014-04-10 06:35:58 538126 --s-a-w- C:\Windows\SysWow64\libcurl-4.dll
2014-04-10 06:35:58 472424 --s-a-w- C:\Windows\SysWow64\cudart32_50_35.dll
2014-04-10 06:35:58 364544 --s-a-w- C:\Windows\SysWow64\ssleay32.dll
2014-04-10 06:35:58 192512 --s-a-w- C:\Windows\SysWow64\libidn-11.dll
2014-04-10 06:35:58 171008 --s-a-w- C:\Windows\SysWow64\libssh2.dll
2014-04-10 06:35:58 1704448 --s-a-w- C:\Windows\SysWow64\libeay32.dll
2014-04-10 06:35:58 133632 --s-a-w- C:\Windows\SysWow64\librtmp.dll
2014-04-10 06:35:58 119888 --s-a-w- C:\Windows\SysWow64\pthreadGC2.dll
2014-04-10 06:35:58 100864 --s-a-w- C:\Windows\SysWow64\zlib1.dll
2014-04-10 06:35:58 -------- d-----w- C:\Windows\SysWow64\bitstreams
2014-04-08 17:09:28 -------- d---a-w- C:\Windows\rundll16.exe
2014-04-08 17:09:28 -------- d---a-w- C:\Windows\logo1_.exe
2014-04-08 16:58:09 -------- d-----w- C:\Program Files (x86)\Common Files\MicroWorld
2014-04-08 16:23:56 -------- d-----w- C:\Program Files (x86)\VLCPortable
2014-04-05 16:55:24 29704 ----a-w- C:\Windows\System32\nitrolocalmon9.dll
2014-04-05 16:55:24 17928 ----a-w- C:\Windows\System32\nitrolocalui9.dll
2014-04-05 16:25:16 -------- d-----w- C:\Program Files (x86)\Common Files\PDF Architect
2014-04-05 10:09:16 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-04-05 10:08:42 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-04-05 10:08:42 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140405121532.dll
2014-04-05 10:08:42 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll20140405120915.dll
2014-04-03 21:24:50 -------- d-----w- C:\Users\BetaVerze\AppData\Roaming\ProductData
2014-04-02 18:18:28 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-04-02 09:17:03 -------- d-----w- C:\Program Files (x86)\Ashampoo
.
==================== Find3M ====================
.
2014-04-26 08:46:49 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-04-26 08:46:49 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-04-26 08:46:49 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-04-26 08:46:49 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-04-26 08:46:49 2334720 ----a-w- C:\Windows\System32\jscript9.dll
2014-04-26 08:46:49 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-04-26 08:46:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-04-26 08:46:49 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-04-26 08:46:49 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-26 08:46:48 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-04-26 08:46:48 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-04-26 08:46:48 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-04-26 08:44:38 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-04-22 18:10:43 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-22 18:10:43 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-12 21:24:45 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-03-16 10:37:51 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-16 10:37:51 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-16 10:37:38 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-16 10:37:20 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-16 10:37:20 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-16 10:36:55 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-02-28 09:35:24 581632 ----a-w- C:\Program Files (x86)\convert.exe
2014-02-28 07:14:11 724728 ----a-w- C:\Windows\System32\sltech64.dll
2014-02-28 07:14:11 245496 ----a-w- C:\Windows\System32\slprp64.dll
2014-02-28 07:14:10 899320 ----a-w- C:\Windows\System32\sl3apo64.dll
2014-02-28 07:14:10 1045752 ----a-w- C:\Windows\System32\slcnt64.dll
2014-02-28 07:14:09 2825432 ----a-w- C:\Windows\System32\RtPgEx64.dll
2014-02-28 07:14:04 942384 ----a-w- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
2014-02-28 07:14:03 5752072 ----a-w- C:\Windows\System32\NAHIMICAPOlfx.dll
2014-02-17 12:41:24 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2014-02-17 09:26:07 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-17 09:26:07 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-17 09:26:07 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-17 09:26:07 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-11 11:17:19 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-02-11 11:15:17 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-02-11 11:15:17 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-02-11 11:14:56 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-02-11 11:14:56 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-02-11 11:14:33 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-02-11 11:14:33 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-02-11 11:14:00 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-02-11 11:14:00 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-02-11 11:14:00 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-02-11 11:14:00 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-02-11 11:14:00 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-02-11 11:14:00 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-02-11 11:14:00 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-02-11 11:13:47 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2014-02-11 11:13:47 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2014-02-11 11:13:34 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2014-02-11 11:13:34 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-02-11 11:13:06 197120 ----a-w- C:\Windows\System32\credui.dll
2014-02-11 11:13:06 1930752 ----a-w- C:\Windows\System32\authui.dll
2014-02-11 11:13:06 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2014-02-11 11:13:06 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2014-02-11 11:13:06 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2014-02-11 11:13:05 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2014-02-11 11:12:39 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-02-11 11:12:39 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-02-11 11:12:22 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-02-11 11:12:22 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-02-11 11:10:50 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-02-11 11:10:50 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-02-11 11:10:50 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-02-11 11:10:50 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-02-11 11:10:50 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-01-18 21:04:11 4406784 ----a-w- C:\Program Files\RogueKillerX64.exe
2013-10-25 07:34:31 1530368 ----a-w- C:\Program Files (x86)\Universal-KeyGen-Generator.exe
2013-03-29 22:23:48 1563968 ----a-w- C:\Program Files (x86)\Iobit......HANZY.exe
2005-03-12 13:39:41 1347584 ----a-w- C:\Program Files (x86)\Common Files\EXIF Viewer.exe
1997-12-01 00:00:00 317440 ----a-r- C:\Program Files (x86)\Mtran.exe
.
============= FINISH: 6:46:14,17 ===============

#25 Příspěvek od **vyosek** » 30 dub 2014 07:17

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\directory\CyberGate\WinDir\winuptade.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu

Do okna vlozte skript nize
Kód: Vybrat vše
```
:dir
C:\directory /sub
C:\Systeam /sub
```
Kliknete na Look
Tlacitko Look se zmeni na Scanning a zsedne
Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

Pokud budou logy dlouhe, tak je nekam uploadnete

goha · #26 Příspěvek od **goha** » 30 dub 2014 10:11

winuptade.exe se mi podařilo včera v rámci čištění již odstranit.

Tady je log SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 11:09 on 30/04/2014 by BetaVerze
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

C:\directory - Parameters: "/sub"

---Files---
None found.

C:\directory\CyberGate d------ [09:01 30/04/2014]

C:\directory\CyberGate\WinDir d------ [22:33 23/01/2006]
winuptade.exe -rahs-- 506634 bytes [21:19 13/01/2006] [21:19 13/01/2006]

C:\Systeam - Parameters: "/sub"

---Files---
windows7manager.exe --a---- 13935424 bytes [06:50 14/03/2014] [06:50 14/03/2014]

No folders found.

-= EOF =-

goha · #27 Příspěvek od **goha** » 30 dub 2014 15:46

Tak se mi nějak záhadně ten winuptade.exe spoští znovu, ale https://www.virustotal.com/cs/ ho nedokáže najít.

#28 Příspěvek od **vyosek** » 30 dub 2014 15:50

Odinstalujte Advanced SystemCare 7 a IObit Malware Fighter a nasledne i vse od IOBit

Odinstalujte McAfee Security Scan

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Collect::
C:\directory\CyberGate\WinDir\winuptade.exe

Folder::
C:\directory
C:\Systeam
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\ProgramData\McAfee Security Scan
C:\Program Files\McAfee Security Scan
C:\Program Files (x86)\IObit
C:\Program Files (x86)\PANDORA.TV

DDS::
uProxyServer = localhost:8080
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
uRun: [StickyPassword] C:\Program Files (x86)\Sticky Password\stpass.exe
uRun: [HKCU] C:\directory\CyberGate\WinDir\winuptade.exe
uRun: [brothel] C:\Users\BetaVerze\AppData\Roaming\brothel\ate.exe
mRun: [HKLM] C:\directory\CyberGate\WinDir\winuptade.exe
uExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe
mExplorerRun: [Policies] C:\directory\CyberGate\WinDir\winuptade.exe

Firefox::
FF - ProfilePath - C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =902615&p=
FF - ExtSQL: 2014-03-21 10:09; PrivDog@AdTrustMedia.com; C:\Users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\extensions\PrivDog@AdTrustMedia.com.xpi

Driver::
AdvancedSystemCareService7
McComponentHostService
FileMonitor
IMFservice
LiveUpdateSvc
PanService

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

goha · #29 Příspěvek od **goha** » 30 dub 2014 23:57

Zde je ten log:

ComboFix 14-04-12.01 - BetaVerze 30.04.2014 23:19:04.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8191.5844 [GMT 2:00]
Spuštěný z: c:\users\BetaVerze\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\BetaVerze\Desktop\CFScript.txt
AV: Baidu Antivirus *Enabled/Updated* {10616E6C-0E20-8594-D377-A7D03F6128A6}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Baidu Antivirus *Disabled/Updated* {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\directory
c:\directory\CyberGate\WinDir\winuptade.exe
c:\program files (x86)\IObit
c:\program files (x86)\IObit\Driver Booster\AUpdate.exe
c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe
c:\program files (x86)\IObit\Driver Booster\cus.dat
c:\program files (x86)\IObit\Driver Booster\Database\Backup\Drivers.db
c:\program files (x86)\IObit\Driver Booster\Database\Drivers.db
c:\program files (x86)\IObit\Driver Booster\Database\Games.db
c:\program files (x86)\IObit\Driver Booster\Database\Update\db_upd00.incpk
c:\program files (x86)\IObit\Driver Booster\Database\Update\db_upd01.incpk
c:\program files (x86)\IObit\Driver Booster\Database\Update\db_upd02.incpk
c:\program files (x86)\IObit\Driver Booster\Database\Update\db_upd03.incpk
c:\program files (x86)\IObit\Driver Booster\Database\Update\Ver_1.12.1.0.incpk
c:\program files (x86)\IObit\Driver Booster\Database\Version.dll
c:\program files (x86)\IObit\Driver Booster\DataState.dll
c:\program files (x86)\IObit\Driver Booster\DBPro.exe
c:\program files (x86)\IObit\Driver Booster\Deployer.exe
c:\program files (x86)\IObit\Driver Booster\Download\aud_win7_8_8.1_6.0.1.7183_vista64_78b4.dbz
c:\program files (x86)\IObit\Driver Booster\Download\aud_win7_8_8.1_6.0.1.7183_vista64_78b4.dbz.dat
c:\program files (x86)\IObit\Driver Booster\Download\driver_win7_7080_03212014_64.dbz
c:\program files (x86)\IObit\Driver Booster\Download\driver_win7_7080_03212014_64.dbz.dat
c:\program files (x86)\IObit\Driver Booster\DpInst\x64\dpinst.exe
c:\program files (x86)\IObit\Driver Booster\DpInst\x86\dpinst.exe
c:\program files (x86)\IObit\Driver Booster\Driver_Booster_FreeSoftwareDownloader.exe
c:\program files (x86)\IObit\Driver Booster\DriverBooster.exe
c:\program files (x86)\IObit\Driver Booster\DrvInstall\DIFxAPI32.dll
c:\program files (x86)\IObit\Driver Booster\DrvInstall\DIFxAPI64.dll
c:\program files (x86)\IObit\Driver Booster\DrvInstall\DpInstX32.exe
c:\program files (x86)\IObit\Driver Booster\DrvInstall\DpInstX64.exe
c:\program files (x86)\IObit\Driver Booster\DrvInstall\DrvInstall.exe
c:\program files (x86)\IObit\Driver Booster\EULA.rtf
c:\program files (x86)\IObit\Driver Booster\FixPlugin.exe
c:\program files (x86)\IObit\Driver Booster\Freeware\Driver_Booster_FreeSoftwareDownloader.exe
c:\program files (x86)\IObit\Driver Booster\Freeware\Check.dll
c:\program files (x86)\IObit\Driver Booster\Help.html
c:\program files (x86)\IObit\Driver Booster\History.txt
c:\program files (x86)\IObit\Driver Booster\Images\backups-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\backups-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\btn_upgrade.jpg
c:\program files (x86)\IObit\Driver Booster\Images\cloud-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\driver-details.jpg
c:\program files (x86)\IObit\Driver Booster\Images\enter-license.jpg
c:\program files (x86)\IObit\Driver Booster\Images\feedback-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\feedback-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\feedback.jpg
c:\program files (x86)\IObit\Driver Booster\Images\google-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\installation-tips.jpg
c:\program files (x86)\IObit\Driver Booster\Images\like-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\main-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\main-screen2.jpg
c:\program files (x86)\IObit\Driver Booster\Images\more-settings-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\more-settings.jpg
c:\program files (x86)\IObit\Driver Booster\Images\reboot.jpg
c:\program files (x86)\IObit\Driver Booster\Images\restore-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\restore-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\scan-drivers-latest.jpg
c:\program files (x86)\IObit\Driver Booster\Images\scan-outdated-found.jpg
c:\program files (x86)\IObit\Driver Booster\Images\scanning-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings-drivers.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings-ignored.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings-network.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings-recommend.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings-scan.jpg
c:\program files (x86)\IObit\Driver Booster\Images\settings.jpg
c:\program files (x86)\IObit\Driver Booster\Images\skin-icon.jpg
c:\program files (x86)\IObit\Driver Booster\Images\skin-screen.jpg
c:\program files (x86)\IObit\Driver Booster\Images\update-drivers.jpg
c:\program files (x86)\IObit\Driver Booster\Images\update-process.jpg
c:\program files (x86)\IObit\Driver Booster\Images\upgrade-icon.jpg
c:\program files (x86)\IObit\Driver Booster\IObitDownloader.exe
c:\program files (x86)\IObit\Driver Booster\Language\Albanian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Arabic.lng
c:\program files (x86)\IObit\Driver Booster\Language\Belarusian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Bulgarian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Croatian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Czech.lng
c:\program files (x86)\IObit\Driver Booster\Language\Danish.lng
c:\program files (x86)\IObit\Driver Booster\Language\Dutch.lng
c:\program files (x86)\IObit\Driver Booster\Language\English.lng
c:\program files (x86)\IObit\Driver Booster\Language\Finnish.lng
c:\program files (x86)\IObit\Driver Booster\Language\French.lng
c:\program files (x86)\IObit\Driver Booster\Language\German.lng
c:\program files (x86)\IObit\Driver Booster\Language\Greek.lng
c:\program files (x86)\IObit\Driver Booster\Language\Hebrew.lng
c:\program files (x86)\IObit\Driver Booster\Language\Hungarian.lng
c:\program files (x86)\IObit\Driver Booster\Language\ChineseSimp.lng
c:\program files (x86)\IObit\Driver Booster\Language\ChineseTrad.lng
c:\program files (x86)\IObit\Driver Booster\Language\Italian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Japanese.lng
c:\program files (x86)\IObit\Driver Booster\Language\Korean.lng
c:\program files (x86)\IObit\Driver Booster\Language\Mongolian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Nepali.lng
c:\program files (x86)\IObit\Driver Booster\Language\Polish.lng
c:\program files (x86)\IObit\Driver Booster\Language\Portuguese (PT-BR).lng
c:\program files (x86)\IObit\Driver Booster\Language\Portuguese (PT-PT).lng
c:\program files (x86)\IObit\Driver Booster\Language\Romanian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Russian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Serbian (Cyrillic).lng
c:\program files (x86)\IObit\Driver Booster\Language\Serbian (Latin).lng
c:\program files (x86)\IObit\Driver Booster\Language\Slovenian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Spanish.lng
c:\program files (x86)\IObit\Driver Booster\Language\Swedish.lng
c:\program files (x86)\IObit\Driver Booster\Language\Thai.lng
c:\program files (x86)\IObit\Driver Booster\Language\Turkish.lng
c:\program files (x86)\IObit\Driver Booster\Language\Ukrainian.lng
c:\program files (x86)\IObit\Driver Booster\Language\Vietnamese.lng
c:\program files (x86)\IObit\Driver Booster\LatestNews\imagenews.png
c:\program files (x86)\IObit\Driver Booster\LatestNews\LatestNews.ini
c:\program files (x86)\IObit\Driver Booster\LocalData\Config.ini
c:\program files (x86)\IObit\Driver Booster\LocalData\Ignore.ini
c:\program files (x86)\IObit\Driver Booster\LocalData\Installed.lst
c:\program files (x86)\IObit\Driver Booster\madbasic_.bpl
c:\program files (x86)\IObit\Driver Booster\maddisAsm_.bpl
c:\program files (x86)\IObit\Driver Booster\madexcept_.bpl
c:\program files (x86)\IObit\Driver Booster\MakeSFX.exe
c:\program files (x86)\IObit\Driver Booster\Promote.exe
c:\program files (x86)\IObit\Driver Booster\Register.dll
c:\program files (x86)\IObit\Driver Booster\rtl120.bpl
c:\program files (x86)\IObit\Driver Booster\SetupHlp.exe
c:\program files (x86)\IObit\Driver Booster\Scheduler.exe
c:\program files (x86)\IObit\Driver Booster\Skin\black.rcc
c:\program files (x86)\IObit\Driver Booster\Skin\public.rcc
c:\program files (x86)\IObit\Driver Booster\Skin\white.rcc
c:\program files (x86)\IObit\Driver Booster\SkipUacExec.exe
c:\program files (x86)\IObit\Driver Booster\SkipUacTask.exe
c:\program files (x86)\IObit\Driver Booster\SQLite3.dll
c:\program files (x86)\IObit\Driver Booster\SysRest.dll
c:\program files (x86)\IObit\Driver Booster\TaskMgr.dll
c:\program files (x86)\IObit\Driver Booster\unins000.dat
c:\program files (x86)\IObit\Driver Booster\unins000.exe
c:\program files (x86)\IObit\Driver Booster\unins000.msg
c:\program files (x86)\IObit\Driver Booster\UninstallPromote.log
c:\program files (x86)\IObit\Driver Booster\Update\Database\Update\db_upd00.incpk.dat
c:\program files (x86)\IObit\Driver Booster\Update\Database\Update\db_upd01.incpk.dat
c:\program files (x86)\IObit\Driver Booster\Update\DBPro.exe.dat
c:\program files (x86)\IObit\Driver Booster\Update\LastCheck.Ini
c:\program files (x86)\IObit\Driver Booster\Update\LocalData\Ignore.ini.dat
c:\program files (x86)\IObit\Driver Booster\Update\Update.ini
c:\program files (x86)\IObit\Driver Booster\Update\Url.ini
c:\program files (x86)\IObit\Driver Booster\UpdateDB.exe
c:\program files (x86)\IObit\Driver Booster\vcl120.bpl
c:\program files (x86)\IObit\Driver Booster\vclx120.bpl
c:\program files (x86)\IObit\Driver Booster\WebRes.dll
c:\program files (x86)\IObit\IObit Uninstaller\datastate.dll
c:\program files (x86)\IObit\IObit Uninstaller\EULA.rtf
c:\program files (x86)\IObit\IObit Uninstaller\help.html
c:\program files (x86)\IObit\IObit Uninstaller\Images\batch-uninstall.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\browser-plug-ins.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\control-panel-entrance.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\create-restore-point.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\file-shred.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\file-shredder.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\forced-uninstall.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\like.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\main-screen.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\more-settings-button.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\more-settings-dropdown.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\more-settings.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\powerful-scan.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\restore-browser-default.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\right-click-entrance.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\search-program.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\settings.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\shred-file.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\uninstall.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\uninstalling.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\view-style.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Images\vote.jpg
c:\program files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe
c:\program files (x86)\IObit\IObit Uninstaller\IObitDownloader.exe
c:\program files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Arabic.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Belarusian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Czech.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Dutch.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\English.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Finnish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\German.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Hungarian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\ChineseSimp.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\ChineseTrad.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Japanese.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Polish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Romanian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Russian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Serbian (cyrillic).lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Serbian (latin).lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Slovenian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Spanish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Swedish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Turkish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Lan_LiveUpt\Vietnamese.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Arabic.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Belarusian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Croatian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Czech.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Danish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Dinka.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Dutch.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\English.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Finnish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\French.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\German.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Greek.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Hungarian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\ChineseSimp.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\ChineseTrad.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Indonesian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Italian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Japanese.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Korean.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Malayalam.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Nuer.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Polish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Romanian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Russian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Serbian(Cyrillic).lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Serbian(Latin).lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Slovenian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Spanish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Swedish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Thai.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Turkish.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Ukrainian.lng
c:\program files (x86)\IObit\IObit Uninstaller\Language\Vietnamese.lng
c:\program files (x86)\IObit\IObit Uninstaller\LatestNews\LatestNews.ini
c:\program files (x86)\IObit\IObit Uninstaller\LiveUpdate.exe
c:\program files (x86)\IObit\IObit Uninstaller\LiveUpdate.log
c:\program files (x86)\IObit\IObit Uninstaller\pr.dat
c:\program files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
c:\program files (x86)\IObit\IObit Uninstaller\sqlite3.dll
c:\program files (x86)\IObit\IObit Uninstaller\taskmgr.dll
c:\program files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64_1.dll
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64_2.dll
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64_1.dll
c:\program files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallPromote_1.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallPromote_2.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallRote.dbd
c:\program files (x86)\IObit\LiveUpdate\Language\Arabic.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Czech.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Danish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dinka.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dutch.lng
c:\program files (x86)\IObit\LiveUpdate\Language\English.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Finnish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Flemish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\French.lng
c:\program files (x86)\IObit\LiveUpdate\Language\German.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Greek.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Italian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Japanese.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Korean.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Latvian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Polish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Romanian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Russian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovak.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Spanish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Swedish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Turkish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.log
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate_1.log
c:\program files (x86)\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files (x86)\IObit\LiveUpdate\ManualUpt.log
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.dll
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.log
c:\program files (x86)\IObit\LiveUpdate\ProductUpt.log
c:\program files (x86)\IObit\LiveUpdate\system.ini
c:\program files (x86)\IObit\LiveUpdate\update\timer.db
c:\program files (x86)\IObit\LiveUpdate\update\update.spt
c:\program files (x86)\IObit\Smart Defrag 3\ActionCenterDownloader.exe
c:\program files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe
c:\program files (x86)\IObit\Smart Defrag 3\Database\PriTemp.dbd
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win7_x64\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win7_x64\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win7_x86\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win7_x86\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win8_x64\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win8_x64\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win8_x86\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\win8_x86\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wlh_x64\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wlh_x64\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wlh_x86\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wlh_x86\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wnet_x64\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wnet_x64\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wnet_x86\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wnet_x86\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wxp_x64\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wxp_x64\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wxp_x86\SmartDefragBootTime.exe
c:\program files (x86)\IObit\Smart Defrag 3\drivers\wxp_x86\SmartDefragDriver.sys
c:\program files (x86)\IObit\Smart Defrag 3\EULA.rtf
c:\program files (x86)\IObit\Smart Defrag 3\Extension\IObitSmartDefragExtension_x64.dll
c:\program files (x86)\IObit\Smart Defrag 3\Extension\IObitSmartDefragExtension_x86.dll
c:\program files (x86)\IObit\Smart Defrag 3\FixPlugin.exe
c:\program files (x86)\IObit\Smart Defrag 3\Freeware\Check.dll
c:\program files (x86)\IObit\Smart Defrag 3\Freeware\SD_FreeSoftwareDownloader.exe
c:\program files (x86)\IObit\Smart Defrag 3\Help\EULA.rtf
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\actioncenter.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\automaticdefrag.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\boottimedefrag.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\boottimedefragconfigure.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\diskcleanup.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\excludelist.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\functionstate.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\iconlike.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\iconmore.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\iconskin.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\mainscreen.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\mapcolor.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\report.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\settings-main.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\img\settings.jpg
c:\program files (x86)\IObit\Smart Defrag 3\Help\Index.html
c:\program files (x86)\IObit\Smart Defrag 3\Language\Arabic.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Croatian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Czech.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Danish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Dinka.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Dutch.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\English.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Finnish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Flemish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\French.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\German.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Greek.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Hindi.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Hungarian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\ChineseSimp.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\ChineseTrad.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Indonesia.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Italian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Japanese.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Korean.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Malayalam.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Polish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Romanian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Russian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Serbian (Cyrillic).lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Serbian (Latin).lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Slovak.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Slovenian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Spanish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Swedish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Thai.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Turkish.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Ukrainian.lng
c:\program files (x86)\IObit\Smart Defrag 3\Language\Vietnamese.lng
c:\program files (x86)\IObit\Smart Defrag 3\LatestNews\LatestNews.ini
c:\program files (x86)\IObit\Smart Defrag 3\NtfsData.dll
c:\program files (x86)\IObit\Smart Defrag 3\rtl120.bpl
c:\program files (x86)\IObit\Smart Defrag 3\SD_FreeSoftwareDownloader.exe
c:\program files (x86)\IObit\Smart Defrag 3\sdcore.dll
c:\program files (x86)\IObit\Smart Defrag 3\SDDriverMgr.dll
c:\program files (x86)\IObit\Smart Defrag 3\SDInit.exe
c:\program files (x86)\IObit\Smart Defrag 3\sdlib.dll
c:\program files (x86)\IObit\Smart Defrag 3\SDReport\SmartDefragReport.html
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\black.rcc
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\color_setting.ini
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\deepanalyze.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\icon_correct_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\icon_error_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Black\mask.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\blue.rcc
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\color_setting.ini
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\deepanalyze.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\icon_correct_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\icon_error_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\Blue\mask.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\color_setting.ini
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\deepanalyze.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\icon_correct_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\icon_error_s.ico
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\mask.png
c:\program files (x86)\IObit\Smart Defrag 3\Skins\White\white.rcc
c:\program files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
c:\program files (x86)\IObit\Smart Defrag 3\sqlite3.dll
c:\program files (x86)\IObit\Smart Defrag 3\taskMgr.dll
c:\program files (x86)\IObit\Smart Defrag 3\unins000.dat
c:\program files (x86)\IObit\Smart Defrag 3\unins000.exe
c:\program files (x86)\IObit\Smart Defrag 3\unins000.msg
c:\program files (x86)\IObit\Smart Defrag 3\UninstallPromote.exe
c:\program files (x86)\IObit\Smart Defrag 3\Update History.txt
c:\program files (x86)\IObit\Smart Defrag 3\Update\freeware.ini
c:\program files (x86)\IObit\Smart Defrag 3\Update\LastCheck.Ini
c:\program files (x86)\IObit\Smart Defrag 3\Update\Update.ini
c:\program files (x86)\IObit\Smart Defrag 3\vcl120.bpl
c:\program files (x86)\IObit\Smart Defrag 3\vclx120.bpl
c:\program files (x86)\IObit\Smart Defrag 3\webres.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\manifest.json
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Ex.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\tips.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.bak
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\manifest.json
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Ex.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\asc.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.html
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\tips.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.bak
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files (x86)\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0330
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0926
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_1021
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_1116
c:\program files (x86)\IObit\Surfing Protection\Database\base_upt_add
c:\program files (x86)\IObit\Surfing Protection\Database\spupdate.utp
c:\program files (x86)\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files (x86)\IObit\Surfing Protection\Extensions.plist
c:\program files (x86)\IObit\Surfing Protection\Language\Arabic.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Czech.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Dutch.lng
c:\program files (x86)\IObit\Surfing Protection\Language\English.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Finnish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files (x86)\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Japanese.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Korean.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Polish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Romanian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Russian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files (x86)\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Spanish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Swedish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Turkish.lng
c:\program files (x86)\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files (x86)\IObit\Surfing Protection\PluginInstall.exe
c:\program files (x86)\IObit\Surfing Protection\SPInit.log
c:\program files (x86)\IObit\Surfing Protection\SPUpdate.exe
c:\program files (x86)\IObit\Surfing Protection\sqlite3.dll
c:\program files (x86)\IObit\Surfing Protection\unins000.dat
c:\program files (x86)\IObit\Surfing Protection\unins000.exe
c:\program files (x86)\IObit\Surfing Protection\unins000.msg
c:\program files (x86)\IObit\Surfing Protection\Update\Update.ini
c:\program files (x86)\PANDORA.TV
c:\program files (x86)\PANDORA.TV\PanService\avcodec-53.dll
c:\program files (x86)\PANDORA.TV\PanService\avformat-53.dll
c:\program files (x86)\PANDORA.TV\PanService\avutil-51.dll
c:\program files (x86)\PANDORA.TV\PanService\crossdomain.xml
c:\program files (x86)\PANDORA.TV\PanService\killp.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPElevateExecutor.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPProcess.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPServiceStarter.exe
c:\program files (x86)\PANDORA.TV\PanService\libupnp.dll
c:\program files (x86)\PANDORA.TV\PanService\msvcp100.dll
c:\program files (x86)\PANDORA.TV\PanService\msvcr100.dll
c:\program files (x86)\PANDORA.TV\PanService\noname.gif
c:\program files (x86)\PANDORA.TV\PanService\PanConf.ini
c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe
c:\program files (x86)\PANDORA.TV\PanService\PanElevateExecutor.exe
c:\program files (x86)\PANDORA.TV\PanService\PanProcess.exe
c:\program files (x86)\PANDORA.TV\PanService\PanServiceStarter.exe
c:\program files (x86)\PANDORA.TV\PanService\PanStreamer.dll
c:\program files (x86)\PANDORA.TV\PanService\Proxy.dll
c:\program files (x86)\PANDORA.TV\PanService\pthreadVC2.dll
c:\program files (x86)\PANDORA.TV\PanService\unins000.dat
c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
c:\program files (x86)\PANDORA.TV\PanService\UnistAX.exe
c:\program files (x86)\Spybot - Search & Destroy 2
c:\program files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe.log
c:\program files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe
c:\program files (x86)\Sticky Password\stpass.exe
C:\Systeam
c:\systeam\windows7manager.exe
c:\users\BetaVerze\AppData\Roaming\BetaVerzelog.dat
c:\users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\extensions\PrivDog@AdTrustMedia.com.xpi
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Service_PanService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-30 )))))))))))))))))))))))))))))))
.
.
2014-04-30 21:28 . 2014-04-30 21:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-30 09:03 . 2014-04-30 08:55 70944 ----a-w- c:\windows\system32\drivers\Bndef.sys
2014-04-30 09:03 . 2014-04-30 08:55 91648 ----a-w- c:\windows\system32\drivers\Bnbasex.sys
2014-04-30 05:10 . 2014-04-30 08:55 141408 ----a-w- c:\windows\system32\drivers\Bprotect.sys
2014-04-30 05:10 . 2014-01-16 08:53 37696 ----a-w- c:\windows\system32\drivers\Bfmon.sys
2014-04-30 05:10 . 2014-01-23 06:57 55616 ----a-w- c:\windows\system32\drivers\Bfilter.sys
2014-04-30 05:10 . 2014-04-30 05:10 -------- d-----w- c:\users\BetaVerze\AppData\Roaming\Baidu
2014-04-30 05:10 . 2014-04-30 08:55 70944 ----a-w- c:\windows\system32\drivers\bndef64.sys
2014-04-30 05:10 . 2014-04-30 08:55 91648 ----a-w- c:\windows\system32\drivers\bnbasex64.sys
2014-04-30 05:09 . 2014-04-30 05:09 -------- d-----w- c:\programdata\baidu
2014-04-30 05:09 . 2014-04-30 05:09 -------- d-----w- c:\program files (x86)\Baidu Security
2014-04-30 04:23 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EAC429B-8132-4C10-BAE0-DA8E1C95C1F3}\mpengine.dll
2014-04-28 16:01 . 2014-04-16 10:22 10651704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-26 08:45 . 2014-04-26 08:45 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-26 08:45 . 2014-04-26 08:45 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-26 08:45 . 2014-04-26 08:45 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-26 08:45 . 2014-04-26 08:45 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2014-04-26 08:45 . 2014-04-26 08:45 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-26 08:45 . 2014-04-26 08:45 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-26 08:44 . 2014-04-26 08:44 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-04-26 08:44 . 2014-04-26 08:44 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-04-26 08:44 . 2014-04-26 08:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-26 08:44 . 2014-04-26 08:44 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-04-26 08:44 . 2014-04-26 08:44 243712 ----a-w- c:\windows\system32\wow64.dll
2014-04-26 08:44 . 2014-04-26 08:44 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-04-26 08:44 . 2014-04-26 08:44 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-04-26 08:44 . 2014-04-26 08:44 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-04-26 08:44 . 2014-04-26 08:44 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-04-26 08:44 . 2014-04-26 08:44 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-04-25 07:51 . 2014-04-25 14:18 -------- d-----w- c:\program files\Yamicsoft
2014-04-24 08:34 . 2014-04-24 08:38 -------- d-----w- c:\program files (x86)\RAR Password Unlocker
2014-04-23 19:30 . 2014-04-26 18:22 -------- d-----w- C:\AdwCleaner
2014-04-20 22:29 . 2014-02-20 17:03 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9087BAE8-E6B8-4B8F-B4E9-E52B34D31EB4}\gapaengine.dll
2014-04-18 12:46 . 2014-04-18 12:46 -------- d-----w- c:\users\BetaVerze\AppData\Roaming\DropboxMaster
2014-04-15 18:44 . 2014-04-15 18:43 237736 ----a-w- C:\bs_Advanced_Process_Termination.exe
2014-04-15 10:51 . 2014-04-15 10:51 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-12 21:24 . 2014-04-12 21:24 901848 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-04-12 21:24 . 2014-04-12 21:24 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-04-12 21:23 . 2014-04-12 21:23 2157704 ----a-w- c:\windows\system32\YamahaAE.dll
2014-04-12 21:23 . 2014-04-12 21:23 2101848 ----a-w- c:\windows\system32\WavesGUILib64.dll
2014-04-10 19:17 . 2013-08-22 18:50 357337 ----a-w- c:\program files (x86)\EAM-TR.exe
2014-04-10 06:35 . 2014-04-10 19:48 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-04-10 06:35 . 2013-10-26 18:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-04-10 06:35 . 2013-10-26 18:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2014-04-10 06:35 . 2013-10-26 18:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-04-10 06:35 . 2013-10-26 18:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-04-10 06:35 . 2013-10-26 18:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2014-04-10 06:35 . 2013-10-26 18:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-04-10 06:35 . 2013-06-12 13:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-04-10 06:35 . 2013-06-12 13:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-04-10 06:35 . 2012-09-25 21:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2014-04-10 06:35 . 2012-05-26 23:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-04-08 17:09 . 2014-04-08 17:09 -------- d---a-w- c:\windows\rundll16.exe
2014-04-08 17:09 . 2014-04-08 17:09 -------- d---a-w- c:\windows\logo1_.exe
2014-04-08 16:58 . 2014-04-08 16:58 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2014-04-08 16:23 . 2014-04-08 16:23 -------- d-----w- c:\program files (x86)\VLCPortable
2014-04-05 16:55 . 2013-12-17 13:06 29704 ----a-w- c:\windows\system32\nitrolocalmon9.dll
2014-04-05 16:55 . 2013-12-17 13:06 17928 ----a-w- c:\windows\system32\nitrolocalui9.dll
2014-04-05 16:25 . 2014-04-05 16:25 -------- d-----w- c:\program files (x86)\Common Files\PDF Architect
2014-04-05 10:09 . 2013-11-19 14:52 34080 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-04-05 10:08 . 2014-03-10 16:17 128288 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-04-03 21:24 . 2014-04-03 21:24 -------- d-----w- c:\users\BetaVerze\AppData\Roaming\ProductData
2014-04-02 18:18 . 2014-04-02 18:18 -------- d-----w- c:\program files (x86)\Hosts_Anti_Adwares_PUPs
2014-04-02 09:17 . 2014-04-02 09:17 -------- d-----w- c:\program files (x86)\Ashampoo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 08:44 . 2014-04-26 08:44 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-04-22 18:10 . 2012-04-02 05:11 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-22 18:10 . 2011-10-07 21:00 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-12 21:24 . 2011-10-07 20:24 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-03-16 10:37 . 2014-03-16 10:37 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-16 10:37 . 2014-03-16 10:37 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-16 10:37 . 2014-03-16 10:37 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-03-16 10:37 . 2014-03-16 10:37 484864 ----a-w- c:\windows\system32\wer.dll
2014-03-16 10:37 . 2014-03-16 10:37 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-16 10:36 . 2014-03-16 10:36 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-02-28 09:35 . 2014-02-28 09:36 581632 ----a-w- c:\program files (x86)\convert.exe
2014-02-28 07:14 . 2014-02-28 07:14 724728 ----a-w- c:\windows\system32\sltech64.dll
2014-02-28 07:14 . 2014-02-28 07:14 245496 ----a-w- c:\windows\system32\slprp64.dll
2014-02-28 07:14 . 2014-02-28 07:14 899320 ----a-w- c:\windows\system32\sl3apo64.dll
2014-02-28 07:14 . 2014-02-28 07:14 1045752 ----a-w- c:\windows\system32\slcnt64.dll
2014-02-28 07:14 . 2014-02-28 07:14 2825432 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-02-28 07:14 . 2014-02-28 07:14 942384 ----a-w- c:\windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-28 07:14 . 2014-02-28 07:14 5752072 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll
2014-02-20 17:03 . 2013-04-24 05:16 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-17 12:41 . 2012-02-12 14:56 27456 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-02-17 09:26 . 2014-02-17 09:26 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-17 09:26 . 2014-02-17 09:26 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-17 09:26 . 2014-02-17 09:26 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-17 09:26 . 2014-02-17 09:26 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-17 09:15 . 2014-02-17 09:15 87040 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2014-02-17 09:15 . 2014-02-17 09:15 572416 ----a-w- c:\windows\SysWow64\RMActivate.exe
2014-02-17 09:15 . 2014-02-17 09:15 528384 ----a-w- c:\windows\system32\msdrm.dll
2014-02-17 09:15 . 2014-02-17 09:15 510976 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2014-02-17 09:15 . 2014-02-17 09:15 428032 ----a-w- c:\windows\SysWow64\secproc.dll
2014-02-17 09:15 . 2014-02-17 09:15 390144 ----a-w- c:\windows\SysWow64\msdrm.dll
2014-02-17 09:15 . 2014-02-17 09:15 553984 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-17 09:15 . 2014-02-17 09:15 87040 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2014-02-17 09:15 . 2014-02-17 09:15 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-17 09:15 . 2014-02-17 09:15 626176 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-17 09:15 . 2014-02-17 09:15 594944 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2014-02-17 09:15 . 2014-02-17 09:15 552960 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-17 09:15 . 2014-02-17 09:15 508928 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2014-02-17 09:15 . 2014-02-17 09:15 488448 ----a-w- c:\windows\system32\secproc.dll
2014-02-17 09:15 . 2014-02-17 09:15 485888 ----a-w- c:\windows\system32\secproc_isv.dll
2014-02-17 09:15 . 2014-02-17 09:15 423936 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2014-02-17 09:15 . 2014-02-17 09:15 123392 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-02-17 09:15 . 2014-02-17 09:15 123392 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-02-11 11:17 . 2014-02-11 11:17 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-11 11:15 . 2014-02-11 11:15 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-02-11 11:15 . 2014-02-11 11:15 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-02-11 11:14 . 2014-02-11 11:14 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-02-11 11:14 . 2014-02-11 11:14 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-02-11 11:14 . 2014-02-11 11:14 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-02-11 11:14 . 2014-02-11 11:14 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-02-11 11:14 . 2014-02-11 11:14 2048 ----a-w- c:\windows\system32\tzres.dll
2014-02-11 11:14 . 2014-02-11 11:14 202752 ----a-w- c:\windows\system32\scrrun.dll
2014-02-11 11:14 . 2014-02-11 11:14 168960 ----a-w- c:\windows\system32\wscript.exe
2014-02-11 11:14 . 2014-02-11 11:14 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-02-11 11:14 . 2014-02-11 11:14 156160 ----a-w- c:\windows\system32\cscript.exe
2014-02-11 11:14 . 2014-02-11 11:14 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-02-11 11:14 . 2014-02-11 11:14 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2014-02-11 11:14 . 2014-02-11 11:14 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2014-02-11 11:13 . 2014-02-11 11:13 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-02-11 11:13 . 2014-02-11 11:13 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-02-11 11:13 . 2014-02-11 11:13 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-02-11 11:13 . 2014-02-11 11:13 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-02-11 11:13 . 2014-02-11 11:13 197120 ----a-w- c:\windows\system32\credui.dll
2014-02-11 11:13 . 2014-02-11 11:13 1930752 ----a-w- c:\windows\system32\authui.dll
2014-02-11 11:13 . 2014-02-11 11:13 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-02-11 11:13 . 2014-02-11 11:13 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2014-02-11 11:13 . 2014-02-11 11:13 168960 ----a-w- c:\windows\SysWow64\credui.dll
2014-02-11 11:13 . 2014-02-11 11:13 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2014-02-11 11:12 . 2014-02-11 11:12 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-02-11 11:12 . 2014-02-11 11:12 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-02-11 11:12 . 2014-02-11 11:12 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-02-11 11:12 . 2014-02-11 11:12 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-02-11 11:11 . 2014-02-11 11:11 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-02-11 11:11 . 2014-02-11 11:11 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-02-11 11:11 . 2014-02-11 11:11 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-02-11 11:11 . 2014-02-11 11:11 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2014-02-11 11:11 . 2014-02-11 11:11 340992 ----a-w- c:\windows\system32\schannel.dll
2014-02-11 11:11 . 2014-02-11 11:11 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-02-11 11:11 . 2014-02-11 11:11 30720 ----a-w- c:\windows\system32\lsass.exe
2014-02-11 11:11 . 2014-02-11 11:11 28672 ----a-w- c:\windows\system32\sspisrv.dll
2014-02-11 11:11 . 2014-02-11 11:11 28160 ----a-w- c:\windows\system32\secur32.dll
2014-02-11 11:11 . 2014-02-11 11:11 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-02-11 11:11 . 2014-02-11 11:11 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-02-11 11:11 . 2014-02-11 11:11 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-02-11 11:11 . 2014-02-11 11:11 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-02-11 11:11 . 2014-02-11 11:11 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2014-02-11 11:11 . 2014-02-11 11:11 135680 ----a-w- c:\windows\system32\sspicli.dll
2014-02-11 11:10 . 2014-02-11 11:10 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-02-11 11:10 . 2014-02-11 11:10 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-02-11 11:10 . 2014-02-11 11:10 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-02-11 11:10 . 2014-02-11 11:10 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-02-11 11:10 . 2014-02-11 11:10 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-01-18 21:04 . 2014-01-18 21:15 4406784 ----a-w- c:\program files\RogueKillerX64.exe
2013-10-25 07:34 . 2013-10-25 07:34 1530368 ----a-w- c:\program files (x86)\Universal-KeyGen-Generator.exe
2013-03-29 22:23 . 2013-03-30 16:48 1563968 ----a-w- c:\program files (x86)\Iobit......HANZY.exe
2005-03-12 13:39 . 2005-03-05 16:21 1347584 ----a-w- c:\program files (x86)\Common Files\EXIF Viewer.exe
1997-12-01 00:00 . 2011-10-26 21:37 317440 ----a-r- c:\program files (x86)\Mtran.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-24 04:57 220632 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-24 04:57 220632 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-24 04:57 220632 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys;c:\windows\SYSNATIVE\DRIVERS\EIO64.sys [x]
R2 ASWLCCSvc;ASUS Wireless Card Service;c:\program files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe;c:\program files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 P1C1394;Phase One 1394 Camera Driver;c:\windows\System32\Drivers\p1c1394.sys;c:\windows\SYSNATIVE\Drivers\p1c1394.sys [x]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys;c:\windows\SYSNATIVE\DRIVERS\thdudf.sys [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 V0770Vid;Live! Cam Sync HD VF0770 Driver;c:\windows\system32\DRIVERS\V0770Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0770Vid.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [x]
R4 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R4 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
R4 Backupper Service;AOMEI Backupper Scheduler Service;c:\program files (x86)\AOMEI Backupper\ABService.exe;c:\program files (x86)\AOMEI Backupper\ABService.exe [x]
R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x]
R4 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe [x]
R4 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
R4 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;c:\program files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe;c:\program files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [x]
R4 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [x]
R4 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R4 RVSMONBL;Returnil Virtual System Core Service;c:\windows\SysWOW64\Returnil\RVS3\rvsmon.exe;c:\windows\SysWOW64\Returnil\RVS3\rvsmon.exe [x]
R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R4 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 WO_LiveService;Ashampoo LiveTuner Service;d:\ashampoo winoptimizer 10.02.05 cz portable\App\WinOptimizer\LiveTunerService.exe;d:\ashampoo winoptimizer 10.02.05 cz portable\App\WinOptimizer\LiveTunerService.exe [x]
R4 WO_LiveService2;Ashampoo LiveTuner 2 Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [x]
S0 ambakdrv;ambakdrv;c:\windows\system32\ambakdrv.sys;c:\windows\SYSNATIVE\ambakdrv.sys [x]
S0 RVSystem;RVSystem;c:\windows\system32\Drivers\RVSystem.sys;c:\windows\SYSNATIVE\Drivers\RVSystem.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]
S1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys;c:\windows\SYSNATIVE\drivers\Bfmon.sys [x]
S1 Bnbase;Bnbase;c:\windows\system32\drivers\bnbasex64.sys;c:\windows\SYSNATIVE\drivers\bnbasex64.sys [x]
S1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef64.sys;c:\windows\SYSNATIVE\drivers\bndef64.sys [x]
S1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys;c:\windows\SYSNATIVE\drivers\Bprotect.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 rvsmon;rvsmon;c:\windows\system32\DRIVERS\rvsmon.sys;c:\windows\SYSNATIVE\DRIVERS\rvsmon.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ammntdrv;ammntdrv;c:\windows\system32\ammntdrv.sys;c:\windows\SYSNATIVE\ammntdrv.sys [x]
S2 amwrtdrv;amwrtdrv;c:\windows\system32\amwrtdrv.sys;c:\windows\SYSNATIVE\amwrtdrv.sys [x]
S2 BAVSvc;Baidu Antivirus Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe [x]
S2 BHipsSvc;Baidu Hips Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 LiveTuner2PM;Ashampoo LiveTuner 2 Driver;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [x]
S2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;d:\ashampoo winoptimizer 10.02.05 cz portable\App\WinOptimizer\LiveTunerProcessMonitor64.sys;d:\ashampoo winoptimizer 10.02.05 cz portable\App\WinOptimizer\LiveTunerProcessMonitor64.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 rvsmonf;rvsmonf;c:\windows\system32\DRIVERS\rvsmonf.sys;c:\windows\SYSNATIVE\DRIVERS\rvsmonf.sys [x]
S2 rvsmonn;rvsmonn;c:\windows\system32\DRIVERS\rvsmonn2.sys;c:\windows\SYSNATIVE\DRIVERS\rvsmonn2.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BdApiUtil;BdApiUtil;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [x]
S3 BdCameraProtect;BdCameraProtect;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - BavR3base
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-25 18:07 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:10]
.
2014-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 09:36]
.
2014-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 09:36]
.
2014-04-30 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-03-30 05:47]
.
2014-04-30 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-12-18 05:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-24 04:57 244696 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-24 04:57 244696 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-24 04:57 244696 ----a-w- c:\users\BetaVerze\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BaiduAntivirusIconLock]
@="{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}"
[HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}]
2014-04-30 08:50 325480 ----a-w- c:\program files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\BetaVerze\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-09 08:51 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-09 08:51 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-09 08:51 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-09 08:51 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-09 08:51 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2013-01-24 07:48 482144 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2013-01-24 07:48 482144 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2013-01-24 07:48 482144 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2013-01-24 07:48 482144 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyServer = localhost:8080
IE: Add to Google Photos Screensa&ver
IE: Clip image - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: New note - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Nová poznámka - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Oříznout tuto stránku - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Vystřihnout obrázek - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Vystřihnout URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Výběr oříznutí - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} -
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~2\Eurotran 2003\e2003i.dll
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2014-03-15 16:32; fmconverter@gmail.com; c:\program files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF - ExtSQL: 2014-03-21 10:09; PrivDog@AdTrustMedia.com; c:\users\BetaVerze\AppData\Roaming\Mozilla\Firefox\Profiles\gnleqish.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-HKLM - c:\directory\CyberGate\WinDir\winuptade.exe
HKLM_Wow6432Node-ActiveSetup-{76GV7767-8W8W-UI8P-6EDL-8UWV033Y1445} - c:\directory\CyberGate\WinDir\winuptade.exe
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
AddRemove-AllerCalc - c:\program files (x86)\AllerCalc\Uninstall.exe
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-IObit Surfing Protection_is1 - c:\program files (x86)\IObit\Surfing Protection\unins000.exe
AddRemove-IObitUninstall - c:\program files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe
AddRemove-Smart Defrag 3_is1 - c:\program files (x86)\IObit\Smart Defrag 3\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\PC Probe II\Probe2.exe
c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Baidu Security\Baidu Antivirus\BavUpdater.exe
.
**************************************************************************
.
Celkový čas: 2014-05-01 00:36:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-30 22:36
ComboFix2.txt 2014-04-15 19:11
.
Před spuštěním: Volných bajtů: 118 569 451 520
Po spuštění: Volných bajtů: 117 897 138 176
.
- - End Of File - - CF7531AB134889B9619A51D9D625E0E9
687BD79F63D87AA25AA115FF2FF4D12C

goha · #30 Příspěvek od **goha** » 01 kvě 2014 00:06

Pozn.: Baidu byl vypnutý, nechápu, jak se mohl objevit jako spuštěný.

VIRY.CZ

Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix

Re: Prosím o kontrolu logu ComboFix