
Requesting a check

#1 Post by kill77

The computer is behaving abnormally.
The log is from DDS; RSIT and FRST won't run.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.55.2
Run by Uživatel at 21:23:24 on 2014-07-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.2117 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Norpalla\updateNorpalla.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Norpalla\bin\utilNorpalla.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Norpalla\bin\Norpalla.BrowserAdapter.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Uživatel\Desktop\dds.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = www.google.com
uSearch Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
mStart Page = www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Norpalla: {18b20944-f54e-4509-88fa-f0ad137bf8de} - C:\Program Files (x86)\Norpalla\Norpallabho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - <orphaned>
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [cz.seznam.software.autoupdate] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
uRun: [cz.seznam.software.szndesktop] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
TCP: Interfaces\{20E83AB4-0F7E-4479-991D-B83AF066C094} : DHCPNameServer = 10.0.0.138
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-7-7 448400]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-7 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-7 224896]
R1 {5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;C:\Windows\System32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys [2014-6-30 61112]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-1-24 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-1-7 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-1-7 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-18 283200]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-7-14 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-7-14 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-7-14 62776]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-1 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-7 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-2 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-7 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-7-7 106488]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-14 352336]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-8-29 872552]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-6-22 101888]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-18 29696]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-6-23 2524496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-14 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-7-14 244624]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-4-15 377616]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2013-3-7 794272]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-3 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-29 2656280]
R2 Update Norpalla;Update Norpalla;C:\Program Files (x86)\Norpalla\updateNorpalla.exe [2014-6-30 321824]
R2 Util Norpalla;Util Norpalla;C:\Program Files (x86)\Norpalla\bin\utilNorpalla.exe [2014-6-30 321824]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-7-14 169584]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-3 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-3 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-3 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-3 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-3 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-1-14 74840]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-3-12 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 203344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-9 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-9 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-07-15 19:23:25 -------- d-----w- C:\Users\U×ivatel\AppData\Local\Microsoft
2014-07-15 17:48:57 -------- d-----w- C:\Program Files (x86)\CCleaner
2014-07-15 13:05:08 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6234C993-D24B-41D4-8A08-3C1F4C9FE820}\mpengine.dll
2014-07-09 19:11:29 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-09 19:11:29 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-07-09 19:11:28 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-09 19:11:24 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-07-09 19:11:24 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-07-09 19:11:24 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-07-09 19:11:24 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:11:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:01:03 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-09 19:01:01 503296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01:01 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-07-09 19:01:00 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 19:01:00 348672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01:00 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 19:00:58 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-07-09 19:00:57 692736 ----a-w- C:\Windows\System32\osk.exe
2014-07-09 19:00:57 110592 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 19:00:56 10240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-09 19:00:55 544768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 19:00:54 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-08 06:08:23 -------- d-----w- C:\Program Files (x86)\Vlak
2014-07-08 05:42:58 -------- d-----w- C:\Program Files (x86)\DOSBox-0.74
2014-07-07 13:52:46 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-07 13:52:24 448400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-07-07 08:49:16 -------- d-----w- C:\Program Files (x86)\astragon
2014-07-06 16:26:28 -------- d-----w- C:\Program Files (x86)\Quadriga Games
2014-07-02 14:55:01 -------- d-----w- C:\Program Files (x86)\Číslička
2014-07-01 06:49:05 -------- d-----w- C:\Program Files (x86)\BlueStack Systems Inc
2014-07-01 06:49:04 5439488 ----a-w- C:\Windows\SysWow64\BlueStacks-SplitInstaller_native_c.exe
2014-06-30 18:38:02 61112 ----a-w- C:\Windows\System32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys
2014-06-30 17:32:05 -------- d-----w- C:\Program Files (x86)\Norpalla
2014-06-30 17:31:11 718497 ----a-w- C:\Windows\unins000.exe
2014-06-30 16:12:47 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2014-06-30 16:12:47 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-06-28 06:43:32 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-06-21 11:10:51 -------- d-----w- C:\ProgramData\BlueStacks
2014-06-20 14:47:44 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2014-06-20 14:35:48 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
2014-06-20 14:35:45 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2014-06-20 14:28:47 -------- d-----w- C:\Program Files (x86)\3D Instructor 2.2 Home
2014-06-18 15:10:16 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0401000.01C
2014-06-18 15:10:16 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2014-06-18 15:10:16 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2014-06-18 15:10:13 -------- d-----w- C:\Program Files (x86)\NortonInstaller
.
==================== Find3M ====================
.
2014-07-11 09:11:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-11 09:11:26 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-07 13:52:49 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-07-07 13:52:49 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-07 13:52:49 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-07-07 13:52:48 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-07 13:52:48 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-07 13:52:48 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-07 13:52:47 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-07 13:52:32 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-12 01:22:32 0 ----a-w- C:\Windows\SysWow64\sho1016.tmp
2014-06-06 10:47:08 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
.
============= FINISH: 21:25:04,90 ===============


#2 Post by Rudy

First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.


#3 Post by kill77

ADW restarted the PC and here is the log

# AdwCleaner v3.215 - Report created 15/07/2014 at 21:59:28
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Uživatel - ACER
# Running from : C:\Users\Uživatel\Desktop\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\saaveu net
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Retro PC Calculator
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\saaveu net
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files\Retro PC Calculator
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Katka\AppData\Local\torch
Folder Deleted : C:\Users\Katka\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Kuba\AppData\Local\torch
Folder Deleted : C:\Users\Kuba\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Kuba\Documents\Save
Folder Deleted : C:\Users\mamka\AppData\Local\torch
Folder Deleted : C:\Users\mamka\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Uživatel\AppData\Local\FilesFrog Update Checker
Folder Deleted : C:\Users\Uživatel\AppData\Local\torch
Folder Deleted : C:\Users\Uživatel\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\0V1L2Z2Z1T1I1L1T
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Katka\AppData\Local\Software
Folder Deleted : C:\Users\mamka\AppData\Local\Software
Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcjcajklmlbpmgckpcmnampagbhhmcp
Folder Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcjcajklmlbpmgckpcmnampagbhhmcp
Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
Folder Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
Folder Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\096tf21k.default\searchplugins\smartbar.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\096tf21k.default\user.js
File Deleted : C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\DTReg
File Deleted : C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\flcjcajklmlbpmgckpcmnampagbhhmcp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0CFBE80D-5608-4309-A0F5-3B1414833432}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartBar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v

[ File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\n7zvoo75.default\prefs.js ]


[ File : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\096tf21k.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.creativetoolbars.com/?src=hp&id=smartbar&g=");
Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (CT)");
Line Deleted : user_pref("browser.search.order.1", "Search the web (CT)");
Line Deleted : user_pref("keyword.URL", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
Deleted [Extension] : foddndpgaolhiolenefhfpncpgddjkfa
Deleted [Extension] : ihfddhndmnekkgjmdjgmmggockpgnjhb

[ File : C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=944&systemid=2&v=a10781-124&apn_uid=9533015892924169&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN10641A&gct=hp& ... 97-124&t=4
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 96-256&t=4
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Deleted [Extension] : foddndpgaolhiolenefhfpncpgddjkfa
Deleted [Extension] : ihfddhndmnekkgjmdjgmmggockpgnjhb

[ File : C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=944&systemid=2&v=a9397-124&apn_uid=9533015892924169&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
Deleted [Startup_urls] : hxxp://www.search.ask.com/?o=APN10641A&gct=hp& ... 97-124&t=4
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Deleted [Extension] : foddndpgaolhiolenefhfpncpgddjkfa
Deleted [Extension] : ihfddhndmnekkgjmdjgmmggockpgnjhb

[ File : C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=944&systemid=2&apn_uid=9533015892924169&apn_dtid=IME0022&o=APN10641&apn_ptnrs=AG2&q={searchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=107&systemid=473&v=n11496-256&apn_uid=2456480746974146&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=F753F485-42AB-4D7F-B32B-EC2A75E433A8&apn_sauid=11152AB8-A7DB-4C42-BC52-B766F0927A19
Deleted [Extension] : flcjcajklmlbpmgckpcmnampagbhhmcp
Deleted [Extension] : foddndpgaolhiolenefhfpncpgddjkfa
Deleted [Extension] : ihfddhndmnekkgjmdjgmmggockpgnjhb
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj

*************************

AdwCleaner[R0].txt - [1540 octets] - [27/02/2014 23:39:24]
AdwCleaner[R1].txt - [1366 octets] - [27/02/2014 23:44:54]
AdwCleaner[R2].txt - [5134 octets] - [15/07/2014 21:49:10]
AdwCleaner[R3].txt - [5194 octets] - [15/07/2014 21:50:56]
AdwCleaner[R4].txt - [11318 octets] - [15/07/2014 21:57:12]
AdwCleaner[S0].txt - [1607 octets] - [27/02/2014 23:40:58]
AdwCleaner[S1].txt - [1427 octets] - [27/02/2014 23:53:40]
AdwCleaner[S2].txt - [12116 octets] - [15/07/2014 21:59:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12177 octets] ##########

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a check

#4 Post by Rudy »

Post a new DDS log. Why won't RSIT and FRST run?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kill77
Visitor
Posts: 14
Registered: 15 Jul 2014 20:03

Re: requesting a check

#5 Post by kill77 »

RSIT and FRST report that it is not a valid WIN32 application.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.55.2
Run by Uživatel at 22:07:46 on 2014-07-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.1867 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Norpalla\updateNorpalla.exe
C:\Program Files (x86)\Norpalla\bin\utilNorpalla.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Norpalla\bin\Norpalla.PurBrowse64.exe
C:\Program Files (x86)\Norpalla\bin\Norpalla.BrowserAdapter.exe
C:\Users\Uživatel\Desktop\dds.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = www.google.com
uSearch Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
mStart Page = www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Norpalla: {18b20944-f54e-4509-88fa-f0ad137bf8de} - C:\Program Files (x86)\Norpalla\Norpallabho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - <orphaned>
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [cz.seznam.software.autoupdate] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
uRun: [cz.seznam.software.szndesktop] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
TCP: Interfaces\{20E83AB4-0F7E-4479-991D-B83AF066C094} : DHCPNameServer = 10.0.0.138
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-7-7 448400]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-7 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-7 224896]
R1 {5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;C:\Windows\System32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys [2014-6-30 61112]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-1-24 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-1-7 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-1-7 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-9-18 283200]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-7-14 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-7-14 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-7-14 62776]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-1 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-7 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-2 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-7 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-7-7 106488]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-14 352336]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-8-29 872552]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-6-22 101888]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-18 29696]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-6-23 2524496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-14 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-7-14 244624]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-4-15 377616]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2013-3-7 794272]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-3 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-29 2656280]
R2 Update Norpalla;Update Norpalla;C:\Program Files (x86)\Norpalla\updateNorpalla.exe [2014-6-30 321824]
R2 Util Norpalla;Util Norpalla;C:\Program Files (x86)\Norpalla\bin\utilNorpalla.exe [2014-6-30 321824]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-7-14 169584]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-3 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-3 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-3 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-3 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-3 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-1-14 74840]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-3-12 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 203344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-9 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-9 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-07-15 19:58:44 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-07-15 19:23:25 -------- d-----w- C:\Users\U×ivatel\AppData\Local\Microsoft
2014-07-15 17:48:57 -------- d-----w- C:\Program Files (x86)\CCleaner
2014-07-15 13:05:08 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6234C993-D24B-41D4-8A08-3C1F4C9FE820}\mpengine.dll
2014-07-09 19:11:29 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-09 19:11:29 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-07-09 19:11:28 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-09 19:11:24 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-07-09 19:11:24 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2014-07-09 19:11:24 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2014-07-09 19:11:24 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:11:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:01:03 1247232 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-09 19:01:01 503296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01:01 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-07-09 19:01:00 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 19:01:00 348672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01:00 224768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 19:00:58 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-07-09 19:00:57 692736 ----a-w- C:\Windows\System32\osk.exe
2014-07-09 19:00:57 110592 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 19:00:56 10240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-09 19:00:55 544768 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 19:00:54 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-08 06:08:23 -------- d-----w- C:\Program Files (x86)\Vlak
2014-07-08 05:42:58 -------- d-----w- C:\Program Files (x86)\DOSBox-0.74
2014-07-07 13:52:46 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-07 13:52:24 448400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-07-07 08:49:16 -------- d-----w- C:\Program Files (x86)\astragon
2014-07-06 16:26:28 -------- d-----w- C:\Program Files (x86)\Quadriga Games
2014-07-02 14:55:01 -------- d-----w- C:\Program Files (x86)\Číslička
2014-07-01 06:49:05 -------- d-----w- C:\Program Files (x86)\BlueStack Systems Inc
2014-07-01 06:49:04 5439488 ----a-w- C:\Windows\SysWow64\BlueStacks-SplitInstaller_native_c.exe
2014-06-30 18:38:02 61112 ----a-w- C:\Windows\System32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys
2014-06-30 17:32:05 -------- d-----w- C:\Program Files (x86)\Norpalla
2014-06-30 17:31:11 718497 ----a-w- C:\Windows\unins000.exe
2014-06-30 16:12:47 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2014-06-30 16:12:47 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-06-28 06:43:32 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-06-21 11:10:51 -------- d-----w- C:\ProgramData\BlueStacks
2014-06-20 14:47:44 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2014-06-20 14:35:48 165376 ----a-w- C:\Windows\SysWow64\unrar.dll
2014-06-20 14:35:45 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2014-06-20 14:28:47 -------- d-----w- C:\Program Files (x86)\3D Instructor 2.2 Home
2014-06-18 15:10:16 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0401000.01C
2014-06-18 15:10:16 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2014-06-18 15:10:16 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2014-06-18 15:10:13 -------- d-----w- C:\Program Files (x86)\NortonInstaller
.
==================== Find3M ====================
.
2014-07-11 09:11:26 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-11 09:11:26 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-07 13:52:49 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-07-07 13:52:49 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-07 13:52:49 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-07-07 13:52:48 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-07 13:52:48 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-07 13:52:48 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-07 13:52:47 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-07 13:52:32 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-12 01:22:32 0 ----a-w- C:\Windows\SysWow64\sho1016.tmp
2014-06-06 10:47:08 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
.
============= FINISH: 22:09:02,57 ===============

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#6 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

feel free to go make yourself a coffee (the whole run takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kill77
Visitor
Posts: 14
Registered: 15 Jul 2014 20:03

Re: please check

#7 Post by kill77 »

I downloaded it but it won't run, it throws some NSIS error

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#8 Post by Rudy »

Try running it in Safe Mode.

kill77
Visitor
Posts: 14
Registered: 15 Jul 2014 20:03

Re: please check

#9 Post by kill77 »

so I ran ComboFix in Safe Mode, here is the log


ComboFix 14-07-16.01 - Uživatel 16.07.2014 13:37:31.3.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.2873 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\Acer\Acer Updater\AppDeploy.xml
c:\programdata\Acer\Acer Updater\fubdlr.sent
c:\programdata\Acer\Acer Updater\Info\ALU_Status_7.txt
c:\programdata\Acer\Acer Updater\ServerInfo.xml
c:\programdata\Acer\Acer Updater\ServerInfo.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Katka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Katka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Katka\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Kuba\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\Kuba\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\Kuba\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\mamka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\background.html
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\content.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\lsdb.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\manifest.json
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\foddndpgaolhiolenefhfpncpgddjkfa\5.14\QVshG6dp8w.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\background.html
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\content.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\D9Z.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\lsdb.js
c:\users\mamka\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ihfddhndmnekkgjmdjgmmggockpgnjhb\1.0\manifest.json
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\background.html
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\bUn0bn_nAG35.js
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\content.js
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\lsdb.js
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajffemldkkhodaedkcpnbpfabiglmdi\246\manifest.json
c:\users\mamka\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_foddndpgaolhiolenefhfpncpgddjkfa_0.localstorage-journal
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_foddndpgaolhiolenefhfpncpgddjkfa_0.localstorage
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihfddhndmnekkgjmdjgmmggockpgnjhb_0.localstorage-journal
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihfddhndmnekkgjmdjgmmggockpgnjhb_0.localstorage
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-16 do 2014-07-16 )))))))))))))))))))))))))))))))
.
.
2014-07-16 11:52 . 2014-07-16 11:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-16 11:52 . 2014-07-16 11:52 -------- d-----w- c:\users\Katka\AppData\Local\temp
2014-07-16 11:52 . 2014-07-16 11:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-16 11:27 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AFC112F-2E55-43DA-A6B4-CBEDF20755A8}\mpengine.dll
2014-07-15 19:23 . 2014-07-15 19:23 -------- d-----w- c:\users\U×ivatel
2014-07-09 19:11 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 19:11 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 19:11 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-09 19:11 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 19:11 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 19:11 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 19:11 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:11 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:01 . 2014-06-18 02:19 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-09 19:01 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 19:01 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 19:01 . 2014-06-18 02:18 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 19:01 . 2014-06-18 01:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:00 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 19:00 . 2014-06-18 02:19 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 19:00 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 19:00 . 2014-06-18 01:51 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-09 19:00 . 2014-06-18 02:17 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 19:00 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-08 19:16 . 2014-07-08 19:16 -------- d-----w- c:\users\Kuba\AppData\Local\Zachtronics Industries
2014-07-08 06:08 . 2014-07-08 06:08 -------- d-----w- c:\program files (x86)\Vlak
2014-07-08 05:43 . 2014-07-08 05:43 -------- d-----w- c:\users\Kuba\AppData\Local\DOSBox
2014-07-08 05:42 . 2014-07-08 05:42 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2014-07-07 13:52 . 2014-07-07 13:52 43152 ----a-w- c:\windows\avastSS.scr
2014-07-07 13:52 . 2014-07-07 13:52 448400 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-07-07 08:49 . 2014-07-07 08:49 -------- d-----w- c:\program files (x86)\astragon
2014-07-06 16:42 . 2014-07-06 16:42 -------- d-----w- c:\users\Kuba\AppData\Local\Quadriga Games
2014-07-06 16:26 . 2014-07-06 16:26 -------- d-----w- c:\program files (x86)\Quadriga Games
2014-07-04 06:44 . 2014-07-05 17:01 -------- d-----w- c:\users\Kuba\AppData\Local\ftblauncher
2014-07-02 14:55 . 2014-07-02 14:55 -------- d-----w- c:\program files (x86)\Číslička
2014-07-01 06:49 . 2014-07-01 06:49 -------- d-----w- c:\program files (x86)\BlueStack Systems Inc
2014-07-01 06:49 . 2014-07-01 06:49 5439488 ----a-w- c:\windows\SysWow64\BlueStacks-SplitInstaller_native_c.exe
2014-06-30 18:38 . 2014-06-28 20:11 61112 ----a-w- c:\windows\system32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys
2014-06-30 17:33 . 2014-07-16 21:15 -------- d-----w- c:\users\Uživatel\AppData\Local\FilesFrog Update Checker
2014-06-30 17:32 . 2014-07-16 21:15 -------- d-----w- c:\program files (x86)\Norpalla
2014-06-30 17:31 . 2014-06-30 17:31 718497 ----a-w- c:\windows\unins000.exe
2014-06-30 16:12 . 2014-06-30 16:12 -------- d-----w- c:\programdata\SystemRequirementsLab
2014-06-30 16:12 . 2014-06-30 16:12 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-06-30 12:04 . 2014-07-08 05:59 -------- d-----w- c:\users\Kuba\AppData\Local\Windows Live
2014-06-28 06:43 . 2014-06-28 06:43 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-06-21 11:10 . 2014-06-21 11:10 -------- d-----w- c:\programdata\BlueStacks
2014-06-20 14:47 . 2014-06-20 14:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2014-06-20 14:35 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2014-06-20 14:35 . 2014-06-20 14:36 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2014-06-20 14:28 . 2014-06-20 14:37 -------- d-----w- c:\program files (x86)\3D Instructor 2.2 Home
2014-06-18 15:20 . 2014-06-19 16:24 -------- d-----w- c:\users\Kuba\AppData\Local\Monkey Quest
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\windows\system32\drivers\NSSx64
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\program files (x86)\Norton Security Scan
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\program files (x86)\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 09:11 . 2013-03-12 12:35 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-11 09:11 . 2011-07-14 08:54 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 19:42 . 2013-01-09 17:12 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-07 13:53 . 2013-01-07 19:36 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-07 13:52 . 2014-01-02 14:11 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-07 13:52 . 2013-03-07 19:23 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-07 13:52 . 2013-01-07 19:36 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-07 13:52 . 2014-05-01 16:17 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-07 13:52 . 2013-03-07 19:23 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-07 13:52 . 2013-01-07 19:36 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-07 13:52 . 2013-01-07 19:36 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-07 13:52 . 2013-01-07 19:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-07 13:52 . 2013-01-24 16:08 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-06-12 01:22 . 2014-06-12 01:22 0 ----a-w- c:\windows\SysWow64\sho1016.tmp
2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-05-30 07:52 . 2014-07-09 19:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-09 06:14 . 2014-05-14 12:21 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 12:21 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-04-25 02:34 . 2014-06-11 11:02 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 11:02 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{18b20944-f54e-4509-88fa-f0ad137bf8de}]
2014-06-30 14:13 249632 ----a-w- c:\program files (x86)\Norpalla\NorpallaBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-17 3588952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"cz.seznam.software.autoupdate"="c:\users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-05-10 177448]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2013-09-09 2532352]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-08-21 105120]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-03-21 1061960]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-07 4086432]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-06-23 3816272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R2 dvdmmg;dvdmmg;c:\windows\system32\drivers\dvdmmg.sys;c:\windows\SYSNATIVE\drivers\dvdmmg.sys [x]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 Update Norpalla;Update Norpalla;c:\program files (x86)\Norpalla\updateNorpalla.exe;c:\program files (x86)\Norpalla\updateNorpalla.exe [x]
R2 Util Norpalla;Util Norpalla;c:\program files (x86)\Norpalla\bin\utilNorpalla.exe;c:\program files (x86)\Norpalla\bin\utilNorpalla.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 cpuz135;cpuz135;c:\users\UIVATE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\UIVATE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S1 {5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;c:\windows\system32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys;c:\windows\SYSNATIVE\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-11 21:14 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 09:11]
.
2014-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
- c:\users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 12:42]
.
2014-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
- c:\users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 12:42]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 21:57]
.
2014-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 21:57]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
- c:\users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-28 17:38]
.
2014-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
- c:\users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-28 17:38]
.
2014-07-14 c:\windows\Tasks\Norton Security Scan for Kuba.job
- c:\progra~2\NORTON~2\Engine\410~1.28\Nss.exe [2014-06-18 06:04]
.
2014-07-16 c:\windows\Tasks\RMAutoUpdate.job
- c:\program files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2013-03-08 06:51]
.
2014-07-14 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2013-03-08 06:50]
.
2014-07-15 c:\windows\Tasks\WpsUpdateTask_Katka.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
2014-07-15 c:\windows\Tasks\WpsUpdateTask_Kuba.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
2014-07-15 c:\windows\Tasks\WpsUpdateTask_Uživatel.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-07 13:52 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-01-26 368728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 419096]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
.
------- Doplňkový sken -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{0CFBE80D-5608-4309-A0F5-3B1414833432} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-BlueStacks 0.0.0.0 - c:\program files (x86)\BlueStack Systems Inc\BlueStacks\Uninstall.exe
AddRemove-MyTank - c:\users\Kuba\Desktop\patche\MT\uninstall.exe
AddRemove-smartbar - c:\program files (x86)\Bechiro S.L.\smartbar\1.8.8.12\uninstall.exe
AddRemove-{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1 - c:\users\Kuba\Desktop\Euro Truck S\Euro Truck Simulator 2\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - c:\users\Kuba\Desktop\GTA\WoT\2\unins000.exe
AddRemove-{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1 - c:\users\Kuba\Desktop\hra\City Car Driving\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2014-07-16 13:55:45
ComboFix-quarantined-files.txt 2014-07-16 11:55
ComboFix2.txt 2014-02-13 22:02
ComboFix3.txt 2014-02-13 20:48
.
Před spuštěním: Volných bajtů: 324 256 768 000
Po spuštění: Volných bajtů: 324 726 816 768
.
- - End Of File - - 98AC4D2F334B2478308B2237BB453E1F

Rudy
Site Admin
Posts: 119541
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#10 Post by Rudy »

Move ComboFix to the root directory c:\. Open Notepad and copy the following into it:
KillAll::

Folder::
c:\program files (x86)\Norpalla

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
c:\windows\Tasks\WpsUpdateTask_Katka.job
c:\windows\Tasks\WpsUpdateTask_Kuba.job
c:\windows\Tasks\WpsUpdateTask_Uživatel.job

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{18b20944-f54e-4509-88fa-f0ad137bf8de}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Driver::
Update Norpalla
Util Norpalla

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\McAfee]

Reboot::
Save it as CFScript, also in the root directory c:\. Then, in Windows Explorer (or another file manager), drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kill77
Visitor
Posts: 14
Joined: 15 Jul 2014 20:03

Re: please check

#11 Post by kill77 »

So I did it. Log:


ComboFix 14-07-16.01 - Uživatel 16.07.2014 15:32:18.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3948.1975 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job"
"c:\windows\Tasks\WpsUpdateTask_Katka.job"
"c:\windows\Tasks\WpsUpdateTask_Kuba.job"
"c:\windows\Tasks\WpsUpdateTask_Uživatel.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Norpalla
c:\program files (x86)\Norpalla\0
c:\program files (x86)\Norpalla\7za.exe
c:\program files (x86)\Norpalla\bin\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}.dll
c:\program files (x86)\Norpalla\bin\7za.exe
c:\program files (x86)\Norpalla\bin\BrowserAdapterS.7z
c:\program files (x86)\Norpalla\bin\Norpalla.BrowserAdapter.exe
c:\program files (x86)\Norpalla\bin\Norpalla.PurBrowse64.exe
c:\program files (x86)\Norpalla\bin\Norpalla.PurBrowseG.zip
c:\program files (x86)\Norpalla\bin\NorpallaBAApp.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.Bromon.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.BroStats.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.BrowserAdapterS.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.CompatibilityChecker.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.FFUpdate.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.IEUpdate.dll
c:\program files (x86)\Norpalla\bin\plugins\Norpalla.PurBrowseG.dll
c:\program files (x86)\Norpalla\bin\utilNorpalla.exe
c:\program files (x86)\Norpalla\bin\utilNorpalla.InstallState
c:\program files (x86)\Norpalla\Norpalla.ico
c:\program files (x86)\Norpalla\NorpallaBHO.dll
c:\program files (x86)\Norpalla\NorpallaUninstall.exe
c:\program files (x86)\Norpalla\updateNorpalla.exe
c:\program files (x86)\Norpalla\updateNorpalla.InstallState
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\Acer\Acer Updater\AppDeploy.xml
c:\programdata\Acer\Acer Updater\fubdlr.sent
c:\programdata\Acer\Acer Updater\Info\ALU_Status_7.txt
c:\programdata\Acer\Acer Updater\ServerInfo.xml
c:\programdata\Acer\Acer Updater\ServerInfo.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
c:\users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Update Norpalla
-------\Service_Util Norpalla
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-16 do 2014-07-16 )))))))))))))))))))))))))))))))
.
.
2014-07-16 13:54 . 2014-07-16 13:54 -------- d-----w- c:\programdata\Acer
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\U§ivatel\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\Katka\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-16 13:52 . 2014-07-16 13:52 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-07-16 12:06 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6CE88722-10B7-4146-ABD5-BDBCC4C16F93}\mpengine.dll
2014-07-16 11:55 . 2014-07-16 11:55 -------- d-----w- c:\users\UIVATE~3\AppData
2014-07-15 19:23 . 2014-07-15 19:23 -------- d-----w- c:\users\U×ivatel
2014-07-09 19:11 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 19:11 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 19:11 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-09 19:11 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-09 19:11 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-07-09 19:11 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-07-09 19:11 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:11 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 19:01 . 2014-06-18 02:19 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2014-07-09 19:01 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:01 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 19:01 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 19:01 . 2014-06-18 02:18 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 19:01 . 2014-06-18 01:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-09 19:00 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 19:00 . 2014-06-18 02:19 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 19:00 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 19:00 . 2014-06-18 01:51 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2014-07-09 19:00 . 2014-06-18 02:17 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 19:00 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-08 19:16 . 2014-07-08 19:16 -------- d-----w- c:\users\Kuba\AppData\Local\Zachtronics Industries
2014-07-08 06:08 . 2014-07-08 06:08 -------- d-----w- c:\program files (x86)\Vlak
2014-07-08 05:43 . 2014-07-08 05:43 -------- d-----w- c:\users\Kuba\AppData\Local\DOSBox
2014-07-08 05:42 . 2014-07-08 05:42 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2014-07-07 13:52 . 2014-07-07 13:52 43152 ----a-w- c:\windows\avastSS.scr
2014-07-07 13:52 . 2014-07-07 13:52 448400 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-07-07 08:49 . 2014-07-07 08:49 -------- d-----w- c:\program files (x86)\astragon
2014-07-06 16:42 . 2014-07-06 16:42 -------- d-----w- c:\users\Kuba\AppData\Local\Quadriga Games
2014-07-06 16:26 . 2014-07-06 16:26 -------- d-----w- c:\program files (x86)\Quadriga Games
2014-07-04 06:44 . 2014-07-05 17:01 -------- d-----w- c:\users\Kuba\AppData\Local\ftblauncher
2014-07-02 14:55 . 2014-07-02 14:55 -------- d-----w- c:\program files (x86)\Číslička
2014-07-01 06:49 . 2014-07-01 06:49 -------- d-----w- c:\program files (x86)\BlueStack Systems Inc
2014-07-01 06:49 . 2014-07-01 06:49 5439488 ----a-w- c:\windows\SysWow64\BlueStacks-SplitInstaller_native_c.exe
2014-06-30 18:38 . 2014-06-28 20:11 61112 ----a-w- c:\windows\system32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys
2014-06-30 17:33 . 2014-07-16 21:15 -------- d-----w- c:\users\Uživatel\AppData\Local\FilesFrog Update Checker
2014-06-30 17:31 . 2014-06-30 17:31 718497 ----a-w- c:\windows\unins000.exe
2014-06-30 16:12 . 2014-06-30 16:12 -------- d-----w- c:\programdata\SystemRequirementsLab
2014-06-30 16:12 . 2014-06-30 16:12 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-06-30 12:04 . 2014-07-08 05:59 -------- d-----w- c:\users\Kuba\AppData\Local\Windows Live
2014-06-28 06:43 . 2014-06-28 06:43 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-06-21 11:10 . 2014-06-21 11:10 -------- d-----w- c:\programdata\BlueStacks
2014-06-20 14:47 . 2014-06-20 14:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2014-06-20 14:35 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2014-06-20 14:35 . 2014-06-20 14:36 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2014-06-20 14:28 . 2014-06-20 14:37 -------- d-----w- c:\program files (x86)\3D Instructor 2.2 Home
2014-06-18 15:20 . 2014-06-19 16:24 -------- d-----w- c:\users\Kuba\AppData\Local\Monkey Quest
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\windows\system32\drivers\NSSx64
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\program files (x86)\Norton Security Scan
2014-06-18 15:10 . 2014-06-18 15:10 -------- d-----w- c:\program files (x86)\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 09:11 . 2013-03-12 12:35 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-11 09:11 . 2011-07-14 08:54 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 19:42 . 2013-01-09 17:12 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-07 13:53 . 2013-01-07 19:36 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-07 13:52 . 2014-01-02 14:11 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-07 13:52 . 2013-03-07 19:23 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-07 13:52 . 2013-01-07 19:36 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-07 13:52 . 2014-05-01 16:17 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-07 13:52 . 2013-03-07 19:23 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-07 13:52 . 2013-01-07 19:36 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-07 13:52 . 2013-01-07 19:36 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-07 13:52 . 2013-01-07 19:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-07 13:52 . 2013-01-24 16:08 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-06-12 01:22 . 2014-06-12 01:22 0 ----a-w- c:\windows\SysWow64\sho1016.tmp
2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-05-30 07:52 . 2014-07-09 19:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-09 06:14 . 2014-05-14 12:21 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 12:21 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-04-25 02:34 . 2014-06-11 11:02 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 11:02 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-17 3588952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"cz.seznam.software.autoupdate"="c:\users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-05-10 177448]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2013-09-09 2532352]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-08-21 105120]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-03-21 1061960]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-07 4086432]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-06-23 3816272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dvdmmg;dvdmmg;c:\windows\system32\drivers\dvdmmg.sys;c:\windows\SYSNATIVE\drivers\dvdmmg.sys [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 cpuz135;cpuz135;c:\users\UIVATE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\UIVATE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 {5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64;c:\windows\system32\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys;c:\windows\SYSNATIVE\drivers\{5906ab0f-5417-45a6-a4f5-8bc38ae936d5}Gw64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-11 21:14 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 09:11]
.
2014-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
- c:\users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 12:42]
.
2014-07-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
- c:\users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-09 12:42]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 21:57]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27 21:57]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002Core.job
- c:\users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-28 17:38]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1045074886-2383544645-1405244027-1002UA.job
- c:\users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-28 17:38]
.
2014-07-14 c:\windows\Tasks\Norton Security Scan for Kuba.job
- c:\progra~2\NORTON~2\Engine\410~1.28\Nss.exe [2014-06-18 06:04]
.
2014-07-16 c:\windows\Tasks\RMAutoUpdate.job
- c:\program files (x86)\PC Tools Registry Mechanic\SULauncher.exe [2013-03-08 06:51]
.
2014-07-14 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2013-03-08 06:50]
.
2014-07-16 c:\windows\Tasks\WpsUpdateTask_Katka.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
2014-07-16 c:\windows\Tasks\WpsUpdateTask_Kuba.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
2014-07-16 c:\windows\Tasks\WpsUpdateTask_Uživatel.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-11-03 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-07 13:52 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-01-26 368728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 419096]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
.
------- Doplňkový sken -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{18b20944-f54e-4509-88fa-f0ad137bf8de} - c:\program files (x86)\Norpalla\Norpallabho.dll
BHO-{FD36FEBE-DBA1-4597-9DD1-B13794B92F68} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{0CFBE80D-5608-4309-A0F5-3B1414833432} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-BlueStacks 0.0.0.0 - c:\program files (x86)\BlueStack Systems Inc\BlueStacks\Uninstall.exe
AddRemove-MyTank - c:\users\Kuba\Desktop\patche\MT\uninstall.exe
AddRemove-smartbar - c:\program files (x86)\Bechiro S.L.\smartbar\1.8.8.12\uninstall.exe
AddRemove-{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1 - c:\users\Kuba\Desktop\Euro Truck S\Euro Truck Simulator 2\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - c:\users\Kuba\Desktop\GTA\WoT\2\unins000.exe
AddRemove-{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1 - c:\users\Kuba\Desktop\hra\City Car Driving\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-07-16 16:01:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-16 14:01
ComboFix2.txt 2014-07-16 11:55
ComboFix3.txt 2014-02-13 22:02
ComboFix4.txt 2014-02-13 20:48
.
Před spuštěním: Volných bajtů: 324 141 154 304
Po spuštění: Volných bajtů: 323 637 227 520
.
- - End Of File - - BE0B38E6ABEE9602813DFC133F898F58

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#12 Post by Rudy »

Deleted. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kill77
Visitor
Posts: 14
Registered: 15 Jul 2014 20:03

Re: please check

#13 Post by kill77 »

OK
It looks good, it's no longer noisy and it's faster, and those ads don't keep popping up in Chrome anymore

thanks a lot

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check

#14 Post by Rudy »

You're welcome! :)

Locked