
That ... Kryptik again!!!
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
I'm sending the log. I'm doing something wrong, I have some bad link to something, it's infuriating. Could you please take a look at it?
ESET reports it, but only in Firefox.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ovcacek at 2014-07-03 15:24:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (27%) free of 91 GB
Total RAM: 8099 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:20, on 3.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe
C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe
C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files\trend micro\Ovcacek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [P7131Appl] C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
O4 - HKLM\..\Run: [Clarus Drive Manager] C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"
O4 - HKCU\..\Run: [Diar_VS] C:\Program Files (x86)\Diar 5\diar.exe
O4 - HKCU\..\Run: [OV2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" -NoStart
O4 - HKCU\..\Run: [Downloads\Vector-Clock_VectorClock-Sunset] "C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe"
O4 - Global Startup: ASUS
O4 - Global Startup: Samsung Drive Manager Real-Time.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Desktop Utilities Service (IduService) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Desktop Boards FSC Application Service - Intel Corporation - C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RCSERVICE - Unknown owner - C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Samsung Drive Manager Service (SZDrvSvc) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13016 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe"
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"
"C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe"
"C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe"
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" -Hide
WLIDSvcM.exe 2172
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-925081c8-d823-4d4f-ab89-964ab90ed37b -SystemEventPortName:HostProcess-0fd18b5a-700d-4cd5-a275-0524161f9680 -IoCancelEventPortName:HostProcess-31c1f13f-b91c-42f6-9b20-1496afe96fba -NonStateChangingEventPortName:HostProcess-5af9b56b-f4a6-4d6c-a1ec-607d3f8f136b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c889826f-2667-4e9a-a851-e3202be8dfba -DeviceGroupId:WpdFsGroup
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ovcacek\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-197756755-3138940464-450610613-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-197756755-3138940464-450610613-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
=========Mozilla firefox=========
ProfilePath - C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandora.tv/npmini,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\extensions\
de-DE@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
sitematchersite@sitematchersite.com
{65030561-c150-4370-836c-7c9d04f7a1b4}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\searchplugins\
firmycz.xml
hledejcenycz.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-17 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-17 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2014-05-08 68480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2011-12-16 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2011-12-16 360448]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2013-10-07 4148664]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"eyeBeam SIP Client"=C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe [2010-01-04 23941120]
"Diar_VS"=C:\Program Files (x86)\Diar 5\diar.exe [2007-11-11 496128]
"OV2_Monitor"=C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe [2012-08-23 231344]
"Downloads\Vector-Clock_VectorClock-Sunset"=C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe [2013-12-18 1162096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"=C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [2011-11-10 1632456]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]
""= []
"P7131Appl"=C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe [2008-07-31 65536]
"Clarus Drive Manager"=C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18 8135744]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ASUS
Samsung Drive Manager Real-Time.lnk - C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-03 15:24:19 ----D---- C:\rsit
2014-07-01 21:20:21 ----D---- C:\Program Files (x86)\CCleaner
2014-07-01 21:08:54 ----SHD---- C:\$RECYCLE.BIN
2014-07-01 14:43:55 ----D---- C:\Windows\temp
2014-06-30 21:20:24 ----D---- C:\ProgramData\Apple
2014-06-30 21:19:14 ----A---- C:\Windows\zoek-delete.exe
2014-06-30 21:06:43 ----D---- C:\zoek_backup
2014-06-30 18:00:42 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-06-30 17:58:55 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-30 17:50:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-30 10:43:12 ----D---- C:\Program Files\trend micro
2014-06-26 20:23:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-06-19 12:00:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-17 13:14:21 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-06-16 11:55:18 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-16 11:55:18 ----A---- C:\Windows\system32\usp10.dll
2014-06-16 11:55:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-16 11:55:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml6.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml3.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-16 11:55:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-16 11:55:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-16 11:55:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-16 11:55:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-16 11:55:14 ----A---- C:\Windows\system32\urlmon.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\iesetup.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-16 11:55:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\iertutil.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\iernonce.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\ieui.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\ieframe.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\wininet.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\vbscript.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\msrating.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\jscript9.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-16 11:55:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-16 11:55:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-16 11:55:09 ----A---- C:\Windows\system32\mshtml.dll
2014-06-16 11:54:43 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 12:46:32 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-07-03 15:21:07 ----D---- C:\Windows
2014-07-03 15:20:33 ----D---- C:\Windows\system32\config
2014-07-03 15:18:11 ----D---- C:\Windows\inf
2014-07-03 15:06:00 ----D---- C:\Windows\System32
2014-07-03 15:06:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-01 21:30:51 ----D---- C:\Program Files (x86)\Balabolka
2014-07-01 21:27:20 ----D---- C:\Program Files\ProgDVB
2014-07-01 21:27:18 ----D---- C:\Windows\Microsoft.NET
2014-07-01 21:27:06 ----D---- C:\Program Files (x86)\ProgDVB
2014-07-01 21:27:04 ----RSD---- C:\Windows\assembly
2014-07-01 21:26:51 ----RD---- C:\Program Files (x86)
2014-07-01 21:08:18 ----D---- C:\Windows\Prefetch
2014-07-01 21:06:54 ----SHD---- C:\System Volume Information
2014-07-01 19:07:33 ----A---- C:\Windows\TRNCOM.INI
2014-07-01 14:46:30 ----D---- C:\Windows\system32\drivers
2014-07-01 14:45:12 ----A---- C:\Windows\system.ini
2014-07-01 14:45:09 ----D---- C:\Windows\system32\drivers\etc
2014-07-01 14:43:42 ----D---- C:\Windows\Tasks
2014-07-01 14:42:02 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-01 14:42:02 ----D---- C:\Windows\SysWOW64
2014-07-01 14:42:02 ----D---- C:\Windows\AppPatch
2014-07-01 14:42:02 ----D---- C:\Program Files (x86)\Common Files
2014-07-01 08:34:22 ----D---- C:\Users\Ovcacek\AppData\Roaming\Skype
2014-06-30 21:20:24 ----D---- C:\ProgramData
2014-06-30 21:16:55 ----SHD---- C:\Windows\Installer
2014-06-30 10:43:12 ----RD---- C:\Program Files
2014-06-30 08:26:46 ----D---- C:\Windows\system32\wfp
2014-06-30 08:26:46 ----D---- C:\Windows\system32\wbem
2014-06-30 08:25:55 ----D---- C:\Windows\system32\Tasks
2014-06-30 08:25:55 ----D---- C:\Windows\system32\DriverStore
2014-06-30 08:25:55 ----D---- C:\Windows\system32\catroot2
2014-06-30 08:25:54 ----D---- C:\Windows\system32\CodeIntegrity
2014-06-30 08:25:53 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-30 08:25:52 ----D---- C:\Windows\registration
2014-06-29 20:48:48 ----D---- C:\Users\Ovcacek\AppData\Roaming\inkscape
2014-06-29 20:48:39 ----D---- C:\Windows\debug
2014-06-26 20:22:33 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 16:29:17 ----D---- C:\Users\Ovcacek\AppData\Roaming\vlc
2014-06-26 15:17:29 ----D---- C:\Windows\system32\catroot
2014-06-26 14:26:59 ----D---- C:\Windows\system32\NDF
2014-06-26 12:03:48 ----D---- C:\Users\Ovcacek\AppData\Roaming\Adobe
2014-06-24 15:09:38 ----A---- C:\Windows\system32\msvcr100.dll
2014-06-24 15:09:38 ----A---- C:\Windows\system32\msvcp100.dll
2014-06-20 06:10:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 15:16:56 ----RD---- C:\Program Files (x86)\Skype
2014-06-18 15:16:54 ----D---- C:\ProgramData\Skype
2014-06-18 15:09:23 ----D---- C:\Windows\rescache
2014-06-18 08:26:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-06-16 12:02:42 ----D---- C:\Windows\winsxs
2014-06-16 12:01:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-16 12:01:43 ----D---- C:\Windows\system32\en-US
2014-06-16 12:01:43 ----D---- C:\Program Files\Internet Explorer
2014-06-16 12:01:43 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-16 12:01:24 ----D---- C:\Windows\system32\MRT
2014-06-16 11:59:08 ----A---- C:\Windows\system32\MRT.exe
2014-06-16 11:59:04 ----D---- C:\ProgramData\Microsoft Help
2014-06-16 11:57:53 ----SD---- C:\Windows\system32\CompatTel
2014-06-16 11:52:27 ----RSD---- C:\Windows\Fonts
2014-06-16 11:51:51 ----D---- C:\Windows\AppCompat
2014-06-16 11:51:51 ----D---- C:\Users\Ovcacek\AppData\Roaming\FreeCommander
2014-06-16 11:51:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-16 11:51:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-21 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-10-25 219184]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-09 155896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-09 147096]
R3 cpuio;CPUIO Service; \??\C:\Windows\SysWOW64\Drivers\cpuiox64.sys [2011-12-16 15384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 342704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 mdf16;mdf16; \??\C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2012-06-21 20400]
R3 mvd23;mvd23; \??\C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2012-06-21 99248]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-07-28 92672]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-07-28 209408]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2007-04-03 1418112]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2011-11-10 28544]
S3 3xHybr64;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-01-25 3110656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-03 117760]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2013-10-07 1025584]
R2 IduService;Intel(R) Desktop Utilities Service; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [2011-11-10 124616]
R2 Intel(R) Desktop Boards FSC Application Service;Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [2011-11-10 61440]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-06-29 171688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 RCSERVICE;RCSERVICE; C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe [2008-07-30 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-02-09 262247]
R2 SZDrvSvc;Samsung Drive Manager Service; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2013-12-18 18432]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-12-16 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-18 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2013-10-07 42048]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2013-10-07 191368]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-19 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
ESET reports it, but only in Firefox.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ovcacek at 2014-07-03 15:24:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (27%) free of 91 GB
Total RAM: 8099 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:24:20, on 3.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe
C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe
C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files\trend micro\Ovcacek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [P7131Appl] C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
O4 - HKLM\..\Run: [Clarus Drive Manager] C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"
O4 - HKCU\..\Run: [Diar_VS] C:\Program Files (x86)\Diar 5\diar.exe
O4 - HKCU\..\Run: [OV2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" -NoStart
O4 - HKCU\..\Run: [Downloads\Vector-Clock_VectorClock-Sunset] "C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe"
O4 - Global Startup: ASUS
O4 - Global Startup: Samsung Drive Manager Real-Time.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Desktop Utilities Service (IduService) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Desktop Boards FSC Application Service - Intel Corporation - C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RCSERVICE - Unknown owner - C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Samsung Drive Manager Service (SZDrvSvc) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13016 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe"
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"
"C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe"
"C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe"
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" -Hide
WLIDSvcM.exe 2172
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-925081c8-d823-4d4f-ab89-964ab90ed37b -SystemEventPortName:HostProcess-0fd18b5a-700d-4cd5-a275-0524161f9680 -IoCancelEventPortName:HostProcess-31c1f13f-b91c-42f6-9b20-1496afe96fba -NonStateChangingEventPortName:HostProcess-5af9b56b-f4a6-4d6c-a1ec-607d3f8f136b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c889826f-2667-4e9a-a851-e3202be8dfba -DeviceGroupId:WpdFsGroup
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ovcacek\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-197756755-3138940464-450610613-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-197756755-3138940464-450610613-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
=========Mozilla firefox=========
ProfilePath - C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandora.tv/npmini,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\extensions\
de-DE@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
sitematchersite@sitematchersite.com
{65030561-c150-4370-836c-7c9d04f7a1b4}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\searchplugins\
firmycz.xml
hledejcenycz.xml
mapycz.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-17 537576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-17 193512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2014-05-08 68480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2011-12-16 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2011-12-16 360448]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2013-10-07 4148664]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"eyeBeam SIP Client"=C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe [2010-01-04 23941120]
"Diar_VS"=C:\Program Files (x86)\Diar 5\diar.exe [2007-11-11 496128]
"OV2_Monitor"=C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe [2012-08-23 231344]
"Downloads\Vector-Clock_VectorClock-Sunset"=C:\Users\Ovcacek\Downloads\VectorClock-Sunset.exe [2013-12-18 1162096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"=C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [2011-11-10 1632456]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]
""= []
"P7131Appl"=C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe [2008-07-31 65536]
"Clarus Drive Manager"=C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18 8135744]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ASUS
Samsung Drive Manager Real-Time.lnk - C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-03 15:24:19 ----D---- C:\rsit
2014-07-01 21:20:21 ----D---- C:\Program Files (x86)\CCleaner
2014-07-01 21:08:54 ----SHD---- C:\$RECYCLE.BIN
2014-07-01 14:43:55 ----D---- C:\Windows\temp
2014-06-30 21:20:24 ----D---- C:\ProgramData\Apple
2014-06-30 21:19:14 ----A---- C:\Windows\zoek-delete.exe
2014-06-30 21:06:43 ----D---- C:\zoek_backup
2014-06-30 18:00:42 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-06-30 17:58:55 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-30 17:50:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-30 10:43:12 ----D---- C:\Program Files\trend micro
2014-06-26 20:23:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-06-19 12:00:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-17 13:14:21 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-06-16 11:55:18 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-16 11:55:18 ----A---- C:\Windows\system32\usp10.dll
2014-06-16 11:55:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-16 11:55:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml6.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-16 11:55:17 ----A---- C:\Windows\system32\msxml3.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-16 11:55:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-16 11:55:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-16 11:55:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-16 11:55:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-16 11:55:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-16 11:55:14 ----A---- C:\Windows\system32\urlmon.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-16 11:55:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\iesetup.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-16 11:55:13 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-16 11:55:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-16 11:55:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\iertutil.dll
2014-06-16 11:55:12 ----A---- C:\Windows\system32\iernonce.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\ieui.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\ieframe.dll
2014-06-16 11:55:11 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\wininet.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\vbscript.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\msrating.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\jscript9.dll
2014-06-16 11:55:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-16 11:55:10 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-16 11:55:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-16 11:55:09 ----A---- C:\Windows\system32\mshtml.dll
2014-06-16 11:54:43 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 12:46:32 ----A---- C:\Windows\system32\aeinv.dll
======List of files/folders modified in the last 1 month======
2014-07-03 15:21:07 ----D---- C:\Windows
2014-07-03 15:20:33 ----D---- C:\Windows\system32\config
2014-07-03 15:18:11 ----D---- C:\Windows\inf
2014-07-03 15:06:00 ----D---- C:\Windows\System32
2014-07-03 15:06:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-01 21:30:51 ----D---- C:\Program Files (x86)\Balabolka
2014-07-01 21:27:20 ----D---- C:\Program Files\ProgDVB
2014-07-01 21:27:18 ----D---- C:\Windows\Microsoft.NET
2014-07-01 21:27:06 ----D---- C:\Program Files (x86)\ProgDVB
2014-07-01 21:27:04 ----RSD---- C:\Windows\assembly
2014-07-01 21:26:51 ----RD---- C:\Program Files (x86)
2014-07-01 21:08:18 ----D---- C:\Windows\Prefetch
2014-07-01 21:06:54 ----SHD---- C:\System Volume Information
2014-07-01 19:07:33 ----A---- C:\Windows\TRNCOM.INI
2014-07-01 14:46:30 ----D---- C:\Windows\system32\drivers
2014-07-01 14:45:12 ----A---- C:\Windows\system.ini
2014-07-01 14:45:09 ----D---- C:\Windows\system32\drivers\etc
2014-07-01 14:43:42 ----D---- C:\Windows\Tasks
2014-07-01 14:42:02 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-01 14:42:02 ----D---- C:\Windows\SysWOW64
2014-07-01 14:42:02 ----D---- C:\Windows\AppPatch
2014-07-01 14:42:02 ----D---- C:\Program Files (x86)\Common Files
2014-07-01 08:34:22 ----D---- C:\Users\Ovcacek\AppData\Roaming\Skype
2014-06-30 21:20:24 ----D---- C:\ProgramData
2014-06-30 21:16:55 ----SHD---- C:\Windows\Installer
2014-06-30 10:43:12 ----RD---- C:\Program Files
2014-06-30 08:26:46 ----D---- C:\Windows\system32\wfp
2014-06-30 08:26:46 ----D---- C:\Windows\system32\wbem
2014-06-30 08:25:55 ----D---- C:\Windows\system32\Tasks
2014-06-30 08:25:55 ----D---- C:\Windows\system32\DriverStore
2014-06-30 08:25:55 ----D---- C:\Windows\system32\catroot2
2014-06-30 08:25:54 ----D---- C:\Windows\system32\CodeIntegrity
2014-06-30 08:25:53 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-30 08:25:52 ----D---- C:\Windows\registration
2014-06-29 20:48:48 ----D---- C:\Users\Ovcacek\AppData\Roaming\inkscape
2014-06-29 20:48:39 ----D---- C:\Windows\debug
2014-06-26 20:22:33 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 16:29:17 ----D---- C:\Users\Ovcacek\AppData\Roaming\vlc
2014-06-26 15:17:29 ----D---- C:\Windows\system32\catroot
2014-06-26 14:26:59 ----D---- C:\Windows\system32\NDF
2014-06-26 12:03:48 ----D---- C:\Users\Ovcacek\AppData\Roaming\Adobe
2014-06-24 15:09:38 ----A---- C:\Windows\system32\msvcr100.dll
2014-06-24 15:09:38 ----A---- C:\Windows\system32\msvcp100.dll
2014-06-20 06:10:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 15:16:56 ----RD---- C:\Program Files (x86)\Skype
2014-06-18 15:16:54 ----D---- C:\ProgramData\Skype
2014-06-18 15:09:23 ----D---- C:\Windows\rescache
2014-06-18 08:26:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-06-16 12:02:42 ----D---- C:\Windows\winsxs
2014-06-16 12:01:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-16 12:01:43 ----D---- C:\Windows\system32\en-US
2014-06-16 12:01:43 ----D---- C:\Program Files\Internet Explorer
2014-06-16 12:01:43 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-16 12:01:24 ----D---- C:\Windows\system32\MRT
2014-06-16 11:59:08 ----A---- C:\Windows\system32\MRT.exe
2014-06-16 11:59:04 ----D---- C:\ProgramData\Microsoft Help
2014-06-16 11:57:53 ----SD---- C:\Windows\system32\CompatTel
2014-06-16 11:52:27 ----RSD---- C:\Windows\Fonts
2014-06-16 11:51:51 ----D---- C:\Windows\AppCompat
2014-06-16 11:51:51 ----D---- C:\Users\Ovcacek\AppData\Roaming\FreeCommander
2014-06-16 11:51:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-16 11:51:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-21 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-10-25 219184]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-09 155896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-09 147096]
R3 cpuio;CPUIO Service; \??\C:\Windows\SysWOW64\Drivers\cpuiox64.sys [2011-12-16 15384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-07-20 342704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 mdf16;mdf16; \??\C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2012-06-21 20400]
R3 mvd23;mvd23; \??\C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2012-06-21 99248]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-07-28 92672]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-07-28 209408]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [2007-04-03 1418112]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\Windows\system32\DRIVERS\intelsmb.sys [2011-11-10 28544]
S3 3xHybr64;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-01-25 3110656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-10-03 117760]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2013-10-07 1025584]
R2 IduService;Intel(R) Desktop Utilities Service; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [2011-11-10 124616]
R2 Intel(R) Desktop Boards FSC Application Service;Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [2011-11-10 61440]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-06-29 171688]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 RCSERVICE;RCSERVICE; C:\Program Files\ASUS\P7131\Remote Control\RCService64.exe [2008-07-30 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2007-02-09 262247]
R2 SZDrvSvc;Samsung Drive Manager Service; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2013-12-18 18432]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2011-12-16 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-18 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2013-10-07 42048]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2013-10-07 191368]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-19 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: That ... Kryptik again!!!
Hello!
First run this:
Download Malwarebytes Anti-Rootkit http://www.malwarebytes.org/products/mbar/
Save it, preferably to the Desktop, and unpack it
Launch it by clicking mbar
Now click Next and then Update
Once the database update has finished, click Next again
Leave all three options checked and click Scan to start scanning the PC
When the scan finishes (about 5 minutes), check that every detection (if there are any, of course) is ticked
Also check that Create Restore point is ticked
Now click CleanUp to remove the infection that was found
The PC will be restarted
The mbar folder should contain a log (and it will probably open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: That ... Kryptik again!!!
log
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org
Database version: v2014.07.03.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17126
Ovcacek :: OVCACEK-PC [limited]
3.7.2014 20:34:01
mbar-log-2014-07-03 (20-34-01).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 304160
Time elapsed: 5 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: That ... Kryptik again!!!
This is OK. Please also post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the license terms appears; continue by clicking the Yes (Ano) button.
feel free to put the kettle on for a coffee (the whole thing takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Re: That ... Kryptik again!!!
log CF
ComboFix 14-07-03.01 - Ovcacek 03.07.2014 21:03:20.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8099.6241 [GMT 2:00]
Spuštěný z: c:\users\Ovcacek\Desktop\ComboFix.exe
AV: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET Endpoint Antivirus 5.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-03 do 2014-07-03 )))))))))))))))))))))))))))))))
.
.
2014-07-03 19:06 . 2014-07-03 19:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-03 18:26 . 2014-07-03 18:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-03 13:24 . 2014-07-03 13:24 -------- d-----w- C:\rsit
2014-07-01 19:20 . 2014-07-01 19:20 -------- d-----w- c:\program files (x86)\CCleaner
2014-07-01 06:35 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC548799-5860-4964-BA2A-5D70DB3D0C3E}\mpengine.dll
2014-06-30 20:51 . 2014-06-30 20:51 -------- d-sh--w- c:\users\Ovcacek\AppData\Local\EmieUserList
2014-06-30 20:51 . 2014-06-30 20:51 -------- d-sh--w- c:\users\Ovcacek\AppData\Local\EmieSiteList
2014-06-30 19:20 . 2014-06-30 19:20 -------- d-----w- c:\programdata\Apple
2014-06-30 19:19 . 2014-07-03 19:06 -------- d-----w- c:\users\Ovcacek\AppData\Local\Temp
2014-06-30 19:19 . 2014-06-30 19:09 24064 ----a-w- c:\windows\zoek-delete.exe
2014-06-30 19:06 . 2014-06-30 19:20 -------- d-----w- C:\zoek_backup
2014-06-30 16:00 . 2014-07-03 18:26 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-30 15:58 . 2014-07-03 18:26 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-30 15:50 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-30 08:43 . 2014-07-03 13:24 -------- d-----w- c:\program files\trend micro
2014-06-26 18:23 . 2014-06-26 18:23 -------- d-----w- c:\program files (x86)\SiteLookup
2014-06-19 21:26 . 2014-06-19 21:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Adobe
2014-06-18 13:17 . 2014-06-18 13:17 -------- d-----w- c:\users\Ovcacek\AppData\Local\Skype
2014-06-18 13:16 . 2014-06-18 13:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-06-17 11:14 . 2014-06-17 14:13 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-06-16 09:54 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-16 06:42 . 2014-06-16 09:51 -------- d-----w- c:\users\Ovcacek\AppData\Local\Akamai
2014-06-11 10:47 . 2014-05-30 09:28 146432 ----a-w- c:\program files\Internet Explorer\Timeline_is.dll
2014-06-11 10:46 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-05 20:32 . 2014-06-05 20:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Clarus
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 13:09 . 2011-06-11 00:15 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-06-24 13:09 . 2011-06-11 00:15 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-06-18 06:26 . 2012-04-02 06:14 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-18 06:26 . 2011-12-16 00:01 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-16 09:59 . 2011-12-15 23:44 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-04-14 18:13 . 2013-06-20 18:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-14 10:27 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 10:27 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 10:27 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 10:27 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 10:27 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 10:27 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 10:27 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"eyeBeam SIP Client"="c:\program files (x86)\CounterPath\X-Lite\x-lite.exe" [2010-01-04 23941120]
"Diar_VS"="c:\program files (x86)\Diar 5\diar.exe" [2007-11-11 496128]
"OV2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" [2012-08-23 231344]
"Downloads\Vector-Clock_VectorClock-Sunset"="c:\users\Ovcacek\Downloads\VectorClock-Sunset.exe" [2013-12-18 1162096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\program files (x86)\Intel\Intel Desktop Utilities\ipTray.exe" [2011-11-10 1632456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"P7131Appl"="c:\program files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe" [2008-07-31 65536]
"Clarus Drive Manager"="c:\program files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" [2013-12-18 8135744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Drive Manager Real-Time.lnk - c:\program files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe [2014-5-28 136192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ASUS\ASUS Splendid\
ASUS Splendid.lnk - c:\program files (x86)\ASUS\ASUS Splendid\ASUSplendid.exe [2012-3-9 651264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService64.exe;c:\program files\ASUS\P7131\Remote Control\RCService64.exe [x]
R3 3xHybr64;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybr64.sys;c:\windows\SYSNATIVE\DRIVERS\3xHybr64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys;c:\windows\SYSNATIVE\DRIVERS\netr6164.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IduService;Intel(R) Desktop Utilities Service;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [x]
S2 Intel(R) Desktop Boards FSC Application Service;Intel(R) Desktop Boards FSC Application Service;c:\program files (x86)\Intel\FSC\FSCAppServ.exe;c:\program files (x86)\Intel\FSC\FSCAppServ.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 SZDrvSvc;Samsung Drive Manager Service;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [x]
S3 cpuio;CPUIO Service;c:\windows\SysWOW64\Drivers\cpuiox64.sys;c:\windows\SysWOW64\Drivers\cpuiox64.sys [x]
S3 mdf16;mdf16;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [x]
S3 mvd23;mvd23;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2013-10-07 4148664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
Celkový čas: 2014-07-03 21:07:08
ComboFix-quarantined-files.txt 2014-07-03 19:07
.
Před spuštěním: Volných bajtů: 25 956 659 200
Po spuštění: Volných bajtů: 25 659 101 184
.
- - End Of File - - 8AF57ADC28407680E0646DDA7DC46ADF
A36C5E4F47E84449FF07ED3517B43A31
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
Celkový čas: 2014-07-03 21:07:08
ComboFix-quarantined-files.txt 2014-07-03 19:07
.
Před spuštěním: Volných bajtů: 25 956 659 200
Po spuštění: Volných bajtů: 25 659 101 184
.
- - End Of File - - 8AF57ADC28407680E0646DDA7DC46ADF
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: That ... Kryptik again!!!
Open Notepad and copy the following into it:

KillAll::
Collect::
c:\windows\zoek-delete.exe
Folder::
C:\zoek_backup
c:\users\Ovcacek\AppData\Local\Akamai
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: That ... Kryptik again!!!
I'm not sure whether I did it right?
ComboFix 14-07-03.01 - Ovcacek 03.07.2014 22:06:45.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8099.6404 [GMT 2:00]
Spuštěný z: c:\users\Ovcacek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ovcacek\Desktop\CFScript.txt.txt
AV: ESET Endpoint Antivirus 5.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET Endpoint Antivirus 5.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ovcacek\AppData\Local\Akamai
c:\users\Ovcacek\AppData\Local\Akamai\CplTasks.xml
c:\users\Ovcacek\AppData\Local\Akamai\euc_state.json
c:\users\Ovcacek\AppData\Local\Akamai\extraroot.pem
c:\users\Ovcacek\AppData\Local\Akamai\installer.txt
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_064210.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_064612.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_064701.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_065340.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_065423.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_093941.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\daemon.debug.log.140616_095053.upload
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_064214.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_064612.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_064708.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_065339.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_065430.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_074016.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_084016.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_093802.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_093946.sent
c:\users\Ovcacek\AppData\Local\Akamai\Logs\debug.log.140616_095053.upload
c:\users\Ovcacek\AppData\Local\Akamai\readme.txt
c:\users\Ovcacek\AppData\Local\Akamai\root.pem
c:\users\Ovcacek\AppData\Local\Akamai\user.dat
c:\windows\zoek-delete.exe
C:\zoek_backup
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Codecs\Deflate.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Formats\arj.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\7-zip\Formats\zip.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Archive\unrar.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dbghelp.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\detoured.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dlall.htm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dlfvideo.htm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dllink.htm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dlpage.htm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\dlselected.htm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\etasks.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm.tlb
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm.url
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdm_01.gif
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmbtsupp.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmcs.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmumsp.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\fdmwi.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\components\.autoreg
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome.manifest
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Firefox\extension\install.rdf
c:\zoek_backup\C_PROGRA~2_Free Download Manager\flvsniff.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\FUM\fum.tlb
c:\zoek_backup\C_PROGRA~2_Free Download Manager\FUM\fumcore.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Help\Free Download Manager.chm
c:\zoek_backup\C_PROGRA~2_Free Download Manager\iefdm.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\iefdm2.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\iefdmdm.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\alb.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\arb.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\bul.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\cat.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\cro.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\czk.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\dan.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\dut.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\ell.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\eng.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\far.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\fin.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\fre.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\gal.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\ger.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\heb.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\hun.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\chs.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\cht.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\id.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\ita.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\jpn.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\kor.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\lt.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\mac.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\nor.LNG
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\pol.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\pt_PT.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\ptbr.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\rom.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\rus.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\slo.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\spn.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\srb.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\svk.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\swe.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\tha.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\tur.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\ukr.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\uzb.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\val.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Language\vie.lng
c:\zoek_backup\C_PROGRA~2_Free Download Manager\license.txt
c:\zoek_backup\C_PROGRA~2_Free Download Manager\MediaConverter.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Microsoft.VC80.CRT.manifest
c:\zoek_backup\C_PROGRA~2_Free Download Manager\msdl.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\msvcp60.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\msvcp80.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\msvcr80.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\npfdm.dll
c:\zoek_backup\C_PROGRA~2_Free Download Manager\player.swf
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Plugins\FDM plugins SDK.url
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Server\adddownloadres_err.html
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Server\adddownloadres_ok.html
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Server\compdlds.html
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Server\index.html
c:\zoek_backup\C_PROGRA~2_Free Download Manager\sigkey.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\How to create a skin.url
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\back.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\back_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\creategroup.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\dldtasks.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\dldtasks_sel.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\dlinfo.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\dropbox.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\filelist.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\filelist_sel.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\go.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\groups.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\groupsmenu.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\groupsmenu_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\checks.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\choosefolder.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\login.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\logstat.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\mute.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\settime.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\scheduler.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\scheduler_sel.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\sitelist.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\sitelist_sel.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\skin.ini
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_bt.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_bt_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_bt_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_bt_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_dld.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_dld_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_dld_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_dld_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_hfe.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_hfe_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_hfe_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_hfe_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sch.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sch_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sch_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sch_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sites.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sites_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sites_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_sites_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_spider.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_spider_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_spider_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_spider_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tosel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tounsel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_down.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_err.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_starting.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\vidman.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\vidman_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\tips.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\unins000.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\unins000.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Updater.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\vistafx.dll
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_autoconfig.js.vir
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_pref.js.vir
c:\zoek_backup\C_PROGRA~3_Apple Computer\iTunes\SC Info\SC Info.txt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff30.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff30.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\install.rdf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-03 do 2014-07-03 )))))))))))))))))))))))))))))))
.
.
2014-07-03 20:09 . 2014-07-03 20:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-03 18:26 . 2014-07-03 18:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-06-26 18:23 . 2014-06-26 18:23 -------- d-----w- c:\program files (x86)\SiteLookup
2014-06-19 21:26 . 2014-06-19 21:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Adobe
2014-06-18 13:17 . 2014-06-18 13:17 -------- d-----w- c:\users\Ovcacek\AppData\Local\Skype
2014-06-18 13:16 . 2014-06-18 13:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-06-17 11:14 . 2014-06-17 14:13 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-06-16 09:54 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 10:47 . 2014-05-30 09:28 146432 ----a-w- c:\program files\Internet Explorer\Timeline_is.dll
2014-06-11 10:46 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-05 20:32 . 2014-06-05 20:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Clarus
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 13:09 . 2011-06-11 00:15 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-06-24 13:09 . 2011-06-11 00:15 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-06-18 06:26 . 2012-04-02 06:14 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-18 06:26 . 2011-12-16 00:01 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-16 09:59 . 2011-12-15 23:44 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-04-14 18:13 . 2013-06-20 18:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-14 10:27 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 10:27 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 10:27 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 10:27 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 10:27 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 10:27 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 10:27 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"eyeBeam SIP Client"="c:\program files (x86)\CounterPath\X-Lite\x-lite.exe" [2010-01-04 23941120]
"Diar_VS"="c:\program files (x86)\Diar 5\diar.exe" [2007-11-11 496128]
"OV2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" [2012-08-23 231344]
"Downloads\Vector-Clock_VectorClock-Sunset"="c:\users\Ovcacek\Downloads\VectorClock-Sunset.exe" [2013-12-18 1162096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\program files (x86)\Intel\Intel Desktop Utilities\ipTray.exe" [2011-11-10 1632456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"P7131Appl"="c:\program files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe" [2008-07-31 65536]
"Clarus Drive Manager"="c:\program files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" [2013-12-18 8135744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Drive Manager Real-Time.lnk - c:\program files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe [2014-5-28 136192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ASUS\ASUS Splendid\
ASUS Splendid.lnk - c:\program files (x86)\ASUS\ASUS Splendid\ASUSplendid.exe [2012-3-9 651264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 3xHybr64;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybr64.sys;c:\windows\SYSNATIVE\DRIVERS\3xHybr64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys;c:\windows\SYSNATIVE\DRIVERS\netr6164.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IduService;Intel(R) Desktop Utilities Service;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [x]
S2 Intel(R) Desktop Boards FSC Application Service;Intel(R) Desktop Boards FSC Application Service;c:\program files (x86)\Intel\FSC\FSCAppServ.exe;c:\program files (x86)\Intel\FSC\FSCAppServ.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService64.exe;c:\program files\ASUS\P7131\Remote Control\RCService64.exe [x]
S2 SZDrvSvc;Samsung Drive Manager Service;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [x]
S3 cpuio;CPUIO Service;c:\windows\SysWOW64\Drivers\cpuiox64.sys;c:\windows\SysWOW64\Drivers\cpuiox64.sys [x]
S3 mdf16;mdf16;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [x]
S3 mvd23;mvd23;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2013-10-07 4148664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
.
**************************************************************************
.
Celkový čas: 2014-07-03 22:12:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-03 20:12
ComboFix2.txt 2014-07-03 19:07
.
Před spuštěním: Volných bajtů: 25 803 284 480
Po spuštění: Volných bajtů: 25 714 995 200
.
- - End Of File - - AED26EA3FA6D4FB140AF208B30E0692D
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-07-03.01 - Ovcacek 03.07.2014 22:06:45.4.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8099.6404 [GMT 2:00]
Spuštěný z: c:\users\Ovcacek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ovcacek\Desktop\CFScript.txt.txt
AV: ESET Endpoint Antivirus 5.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET Endpoint Antivirus 5.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool_spider_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_small.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tool0_small_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tosel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tounsel.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_down.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_err.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\tray_starting.ico
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\vidman.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Skins\old style\vidman_d.bmp
c:\zoek_backup\C_PROGRA~2_Free Download Manager\tips.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\unins000.dat
c:\zoek_backup\C_PROGRA~2_Free Download Manager\unins000.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\Updater.exe
c:\zoek_backup\C_PROGRA~2_Free Download Manager\vistafx.dll
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_autoconfig.js.vir
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_pref.js.vir
c:\zoek_backup\C_PROGRA~3_Apple Computer\iTunes\SC Info\SC Info.txt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.5.8\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.1\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\ivmsfdmff30.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff30.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0.7\install.rdf
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\.autoreg
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\ivmsfdmff.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\ivmsfdmff22.xpt
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\vmsfdmff.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\components\vmsfdmff22.dll
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome.manifest
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_brcache.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_dldObserver.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffext.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffext.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffextDM.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffextDM.xul
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_ffpxy.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_fmbtn.js
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\chrome\content\fdm_objtabs.css
c:\zoek_backup\C_PROGRA~3_Free Download Manager\Firefox\Extensions\1.6.0\install.rdf
c:\zoek_backup\C_PROGRA~3_InstallMate\{9C448C5A-A04C-4F88-AD63-E86E47A7AEAC}\20130908204433.log
c:\zoek_backup\C_PROGRA~3_InstallMate\{9C448C5A-A04C-4F88-AD63-E86E47A7AEAC}\Readme.txt
c:\zoek_backup\C_PROGRA~3_InstallMate\{9C448C5A-A04C-4F88-AD63-E86E47A7AEAC}\Setup.dat
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\Documentation.lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\FDM remote control server.lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\Free Download Manager on the Web.lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\Free Download Manager.lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\Software Informer (beta).lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Free Download Manager\Uninstall Free Download Manager.lnk
c:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Startup_McAfee Security Scan Plus.lnk.vir
c:\zoek_backup\C_User Data_Default_Extensions\newtab.crx
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome.manifest
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\Main.js
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\ManagerEvent.js
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\mediaList.xml
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\mediaList.xul
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\Overlay.js
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\overlay.xul
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\sample.js
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\content\WindowMedia.js
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\icons\default\downbuttonMediaListWin.ico
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\downbuttonIcon16.png
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\downbuttonIcon16disabled.png
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\downbuttonIcon24.png
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\downbuttonIcon24disabled.png
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\mediaList.css
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\chrome\skin\classic\overlay.css
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}\install.rdf
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Firefox\components\nppluginrichmediaplayer.dll
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Chrome\playerextension.crx
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\Chrome\richmediadownloader.crx
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\IE\converter.ico
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\IE\PluginRichmediaplayer.dll
c:\zoek_backup\C_Users_Ovcacek_AppData_Local_Rich Media Player_BrowserExtensions\IE\RichMediaDownloader.dll
c:\zoek_backup\C_Users_Ovcacek_AppData_LocalLow_boost_interprocess\DDM0serviceCmdLock
c:\zoek_backup\C_Users_Ovcacek_AppData_LocalLow_boost_interprocess\DDM0serviceCmdSerializeLock
c:\zoek_backup\C_Users_Ovcacek_AppData_LocalLow_boost_interprocess\DDM0serviceCmdShared
c:\zoek_backup\C_Users_Ovcacek_AppData_LocalLow_boost_interprocess\DDM0serviceLock
c:\zoek_backup\C_Users_Ovcacek_AppData_Roaming_Mozilla_Firefox_Profiles_bb3dofn7.default_prefs_30.06.2014_2116_.backup.vir
c:\zoek_backup\C_Users_Ovcacek_AppData_Roaming_Mozilla_Firefox_Profiles_bb3dofn7.default_searchplugins_inbox-search.xml.vir
c:\zoek_backup\C_Users_Ovcacek_AppData_Roaming_Thunderbird_Profiles_6phsun7s.default_prefs_30.06.2014_2116_.backup.vir
c:\zoek_backup\C_Users_Ovcacek_Searches\desktop.ini
c:\zoek_backup\C_Users_Ovcacek_Searches\Everywhere.search-ms
c:\zoek_backup\C_Users_Ovcacek_Searches\Indexed Locations.search-ms
c:\zoek_backup\C_Users_Ovcacek_Searches\Rychlé poznámky (Rychlé poznámky).searchconnector-ms
c:\zoek_backup\C_Windows_Installer_{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\02f828b57ad36e0e.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\272512937d9e61a4.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\287204568329e189.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\28bc8f716fd76a47.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\2c53092c95605355.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\31a0997e9a5b5eb3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\32c84fe32bb74d60.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\3917078cb68ec657.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\4eb34629cf18d8aa.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\590ba23ce359fd0c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\610289e025a3ee9a.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\651c5d3cdbfb8bd1.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\6c59ac5e7e7a3ad0.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\6d03dad1035885d3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\81f50263e3aa145f.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\a8556537add6dfc5.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\abdbfa30b60c141f.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\ad10a52aff5e038d.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\c1fa887b03019701.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\c4d28dca2e7648be.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d201ef9910cd39de.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d2e94710a5708128.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d79b9dfe81484ec4.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e0de16f883bea794.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e192d9f85f18d75c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e576bc66492d19b8.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e99921cf2bc9816d.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\f998975c9cc711ee.fb
c:\zoek_backup\Low.tmp\SkypeClickToCall\Logs\PNRSvc.log
c:\zoek_backup\restore.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-03 do 2014-07-03 )))))))))))))))))))))))))))))))
.
.
2014-07-03 20:09 . 2014-07-03 20:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-03 18:26 . 2014-07-03 18:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-06-26 18:23 . 2014-06-26 18:23 -------- d-----w- c:\program files (x86)\SiteLookup
2014-06-19 21:26 . 2014-06-19 21:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Adobe
2014-06-18 13:17 . 2014-06-18 13:17 -------- d-----w- c:\users\Ovcacek\AppData\Local\Skype
2014-06-18 13:16 . 2014-06-18 13:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-06-17 11:14 . 2014-06-17 14:13 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-06-16 09:54 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 10:47 . 2014-05-30 09:28 146432 ----a-w- c:\program files\Internet Explorer\Timeline_is.dll
2014-06-11 10:46 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-05 20:32 . 2014-06-05 20:32 -------- d-----w- c:\users\Ovcacek\AppData\Local\Clarus
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 13:09 . 2011-06-11 00:15 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-06-24 13:09 . 2011-06-11 00:15 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-06-18 06:26 . 2012-04-02 06:14 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-18 06:26 . 2011-12-16 00:01 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-16 09:59 . 2011-12-15 23:44 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-04-14 18:13 . 2013-06-20 18:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-14 10:27 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 10:27 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 10:27 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 10:27 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 10:27 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 10:27 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 10:27 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 10:27 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"eyeBeam SIP Client"="c:\program files (x86)\CounterPath\X-Lite\x-lite.exe" [2010-01-04 23941120]
"Diar_VS"="c:\program files (x86)\Diar 5\diar.exe" [2007-11-11 496128]
"OV2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" [2012-08-23 231344]
"Downloads\Vector-Clock_VectorClock-Sunset"="c:\users\Ovcacek\Downloads\VectorClock-Sunset.exe" [2013-12-18 1162096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ipTray.exe"="c:\program files (x86)\Intel\Intel Desktop Utilities\ipTray.exe" [2011-11-10 1632456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"P7131Appl"="c:\program files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe" [2008-07-31 65536]
"Clarus Drive Manager"="c:\program files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe" [2013-12-18 8135744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Drive Manager Real-Time.lnk - c:\program files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe [2014-5-28 136192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ASUS\ASUS Splendid\
ASUS Splendid.lnk - c:\program files (x86)\ASUS\ASUS Splendid\ASUSplendid.exe [2012-3-9 651264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 3xHybr64;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybr64.sys;c:\windows\SYSNATIVE\DRIVERS\3xHybr64.sys [x]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rt61x64;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr6164.sys;c:\windows\SYSNATIVE\DRIVERS\netr6164.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IduService;Intel(R) Desktop Utilities Service;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe;c:\program files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [x]
S2 Intel(R) Desktop Boards FSC Application Service;Intel(R) Desktop Boards FSC Application Service;c:\program files (x86)\Intel\FSC\FSCAppServ.exe;c:\program files (x86)\Intel\FSC\FSCAppServ.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService64.exe;c:\program files\ASUS\P7131\Remote Control\RCService64.exe [x]
S2 SZDrvSvc;Samsung Drive Manager Service;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe;c:\program files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [x]
S3 cpuio;CPUIO Service;c:\windows\SysWOW64\Drivers\cpuiox64.sys;c:\windows\SysWOW64\Drivers\cpuiox64.sys [x]
S3 mdf16;mdf16;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [x]
S3 mvd23;mvd23;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys;c:\program files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"egui"="c:\program files\ESET\ESET Endpoint Antivirus\egui.exe" [2013-10-07 4148664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ovcacek\AppData\Roaming\Mozilla\Firefox\Profiles\bb3dofn7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
.
**************************************************************************
.
Celkový čas: 2014-07-03 22:12:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-03 20:12
ComboFix2.txt 2014-07-03 19:07
.
Před spuštěním: Volných bajtů: 25 803 284 480
Po spuštění: Volných bajtů: 25 714 995 200
.
- - End Of File - - AED26EA3FA6D4FB140AF208B30E0692D
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: That ... Kryptik again!!!
Yep. It worked. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: That ... Kryptik again!!!
It looks good, no alert has appeared so far. Is there any chance of finding out what triggered that Kryptik? We dealt with it with Vyosek and he fixed it. Two days later it popped up again. So would it be possible to somehow locate the page or server it comes from?
Re: That ... Kryptik again!!!
Thank you very much for the help, you guys are great. All the best.
- Rudy
- Site Admin
- Posts: 119541
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: That ... Kryptik again!!!
jodoanda wrote: It looks good, no alert has appeared so far. Is there any chance of finding out what triggered that Kryptik? We dealt with it with Vyosek and he fixed it. Two days later it popped up again. So would it be possible to somehow locate the page or server it comes from?
Hard to pin down exactly. It usually happens when you visit some "dark corner of the internet".