
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
facebook virus, junk in browsers
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I'd like to ask for help with a virus on Facebook; it sends my friends a picture in chat with a link to some address. I'd also like to ask for an overall check; I have some toolbars and unknown search engines in my browsers.
Log here:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2015-02-10 15:23:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (36%) free of 76 GB
Total RAM: 2925 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:36, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Users\Uživatel\AppData\Local\LPT\srptm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXI ... f5EEwuvkhs,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files (x86)\LPT\srpts.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11823 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {E67E3878-E893-4B61-91E8-41F04F98447C}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.exe" /rawdata=...
taskeng.exe {32AFFA69-1B13-4D1E-9852-27070090A197}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.exe" /rawdata=...
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\LPT\srpts.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c9a28176-85e1-4496-9b6c-3f803e44f215 -SystemEventPortName:HostProcess-feade5fb-a71a-4f5d-89cd-f4880d59b7a2 -IoCancelEventPortName:HostProcess-4249d76d-5518-4cad-8def-254af8f3adaf -NonStateChangingEventPortName:HostProcess-8ff46045-f470-472f-aa9b-e4077646aa4b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a165d93-fa56-47e6-b8be-f9f2cfdddb93 -DeviceGroupId:WpdFsGroup
C:\Users\Uživatel\AppData\Local\LPT\srptm.exe
\??\C:\Windows\system32\conhost.exe "-146678760812902374201548849586-1484041157418907964110249758-106289954-702194553
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-7.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-7.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-10_user.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-10.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-4.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-4.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5_user.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.exe /rawdata=...
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-7.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-7.exe /rawdata=...
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000Core.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000UA.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
prefs.js - "browser.startup.homepage" - "http://feed.helperbar.com/?p=mKO_AwFzXI ... f5EEwuvkhs, "
prefs.js - "keyword.URL" - "http://feed.helperbar.com/?p=mKO_AwFzXI ... 8Kxvn-UORE, &q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
sepherdwilbur@aol.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\searchplugins\
bingp.xml
Web Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
SmartbarInternetExplorerBHOEngine - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
SmartbarInternetExplorerBHOEngine - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe [2014-03-25 28192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\globalUpdate
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-02-10 15:13:13 ----D---- C:\Program Files (x86)\Internet Speed Checker
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:22:01 ----D---- C:\Windows\Temp
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:20:55 ----D---- C:\Program Files (x86)\Registry Dr
2015-02-10 15:18:56 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 15:18:22 ----D---- C:\Windows\system32\Tasks
2015-02-10 15:17:09 ----D---- C:\Windows\system32\config
2015-02-10 15:16:19 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:14:41 ----RD---- C:\Program Files (x86)
2015-02-10 15:14:27 ----D---- C:\Windows\Tasks
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:19:00 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 LPTSystemUpdater;LPT System Updater Service; C:\Program Files (x86)\LPT\srpts.exe [2014-03-25 37920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-10 68608]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-10 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Log here:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2015-02-10 15:23:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (36%) free of 76 GB
Total RAM: 2925 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:36, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Users\Uživatel\AppData\Local\LPT\srptm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXI ... f5EEwuvkhs,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files (x86)\LPT\srpts.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11823 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {E67E3878-E893-4B61-91E8-41F04F98447C}
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.exe" /rawdata=[...]
taskeng.exe {32AFFA69-1B13-4D1E-9852-27070090A197}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.exe" /rawdata=[...]
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\LPT\srpts.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c9a28176-85e1-4496-9b6c-3f803e44f215 -SystemEventPortName:HostProcess-feade5fb-a71a-4f5d-89cd-f4880d59b7a2 -IoCancelEventPortName:HostProcess-4249d76d-5518-4cad-8def-254af8f3adaf -NonStateChangingEventPortName:HostProcess-8ff46045-f470-472f-aa9b-e4077646aa4b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a165d93-fa56-47e6-b8be-f9f2cfdddb93 -DeviceGroupId:WpdFsGroup
C:\Users\Uživatel\AppData\Local\LPT\srptm.exe
\??\C:\Windows\system32\conhost.exe "-146678760812902374201548849586-1484041157418907964110249758-106289954-702194553
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-7.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-7.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-10_user.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-10.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-4.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-4.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5_user.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6.exe /rawdata=[...]
C:\Windows\tasks\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-7.job - C:\Program Files (x86)\Internet Speed Checker\07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-7.exe /rawdata=[...]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000Core.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000UA.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
prefs.js - "browser.startup.homepage" - "http://feed.helperbar.com/?p=mKO_AwFzXI ... f5EEwuvkhs, "
prefs.js - "keyword.URL" - "http://feed.helperbar.com/?p=mKO_AwFzXI ... 8Kxvn-UORE, &q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
sepherdwilbur@aol.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\searchplugins\
bingp.xml
Web Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
SmartbarInternetExplorerBHOEngine - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
SmartbarInternetExplorerBHOEngine - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-04 444752]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe [2014-03-25 28192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\globalUpdate
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-02-10 15:13:13 ----D---- C:\Program Files (x86)\Internet Speed Checker
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:22:01 ----D---- C:\Windows\Temp
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:20:55 ----D---- C:\Program Files (x86)\Registry Dr
2015-02-10 15:18:56 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 15:18:22 ----D---- C:\Windows\system32\Tasks
2015-02-10 15:17:09 ----D---- C:\Windows\system32\config
2015-02-10 15:16:19 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:14:41 ----RD---- C:\Program Files (x86)
2015-02-10 15:14:27 ----D---- C:\Windows\Tasks
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:19:00 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 LPTSystemUpdater;LPT System Updater Service; C:\Program Files (x86)\LPT\srpts.exe [2014-03-25 37920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-10 68608]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-10 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Facebook virus, junk in browsers
Greetings!
First, run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Facebook virus, junk in browsers
# AdwCleaner v4.110 - Logfile created 10/02/2015 at 17:54:43
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Uživatel - ASUS
# Running from : C:\Users\Uživatel\Desktop\adwcleaner_4.110.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : LPTSystemUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\Registry Dr
Folder Deleted : C:\Program Files (x86)\Internet Speed Checker
Folder Deleted : C:\Users\UIVATE~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Uživatel\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Uživatel\AppData\Local\LPT
Folder Deleted : C:\Users\Uživatel\AppData\Local\RegistryDr
Folder Deleted : C:\Users\Uživatel\AppData\Local\Smartbar
Folder Deleted : C:\Users\Uživatel\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Uživatel\Documents\RegistryDr
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\searchplugins\bingp.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\searchplugins\Web Search.xml
***** [ Scheduled tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : RegistryDr_Popup
Task Deleted : RegistryDr_Start
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-6
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-1-7
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-10_user
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-4
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-5_user
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-6
Task Deleted : 07d36f0e-fdf9-4bef-b3b3-9b3f7b7c16e5-7
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v27.0.1 (cs)
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVvtCUbfuevG[...]
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVuNc2[...]
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...]
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...]
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14b73dbebd89085980912afa8e75aed1");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.BackPageActive", true);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", false);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCounter", 0);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageDay", 11);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1397055608598");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15);
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.barcodeid", "131768");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "cz");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "muvicambs");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"sidecubes.com\\\",\\\"only-apartments.\\\",\\\"uk.search.yahoo.com\\\"],\\\[...]
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "false");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "eca52711-18ca-a617-65c3-8b788c18fbed");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "11/04/2014");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1397228408");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1423578121094");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "muvicambs");
[z3bksmcu.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVtGBLXmMW1D_JFWe8i[...]
-\\ Google Chrome v40.0.2214.111
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVtGBLXmMW1D_JFWe8irxdkE0P5EMjicH44lYFtkYyUKrraHUE49vwm8Kxvn-UORE,&q={searchTerms}
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVtGBLXmMW1D_JFWe8irxdkE0P5EMjicH44lYFtkYyUKrraHUE49vwm8Kxvn-UORE,&q={searchTerms}
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVtGBLXmMW1D_JFWe8irxdkE0P5EMjicH44lYFtkYyUKrraHUE49vwm8Kxvn-UORE,&q={searchTerms}
[C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ59YMuYzpsejZ9BnLiFrGqicYSAhgxHDuM_1r6AbcJbXHT7yHsrFkcQ_VuRbW5YSpVtGBLXmMW1D_JFWe8irxdkE0P5EMjicH44lYFtkYyUKrraHUE49vwm8Kxvn-UORE,&q={searchTerms}
*************************
AdwCleaner[R0].txt - [19306 bytes] - [10/02/2015 17:49:16]
AdwCleaner[S0].txt - [17513 bytes] - [10/02/2015 17:54:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17573 bytes] ##########
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Facebook virus, junk in browsers
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus may damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Facebook virus, junk in browsers
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2015-02-10 19:11:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (36%) free of 76 GB
Total RAM: 2925 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:11:35, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9627 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {4A49F024-7270-4CC2-A80E-E78E13826441}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e301f6fc-968e-4db9-853d-fd0b8686eb44 -SystemEventPortName:HostProcess-4934f280-63f7-4cbe-9949-57a8ca1ff2cc -IoCancelEventPortName:HostProcess-9ac44fd0-4727-4f0c-8a56-c1fcfcbec3ec -NonStateChangingEventPortName:HostProcess-a2981be5-13cc-431a-8deb-3811e1d9f68d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:edb34f9a-b90b-4537-bdfb-0adf2694a1d8 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
ATKOSD.exe
WDC.exe
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000Core.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000UA.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 17:49:13 ----D---- C:\AdwCleaner
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 19:10:29 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 18:21:09 ----D---- C:\Windows\system32\config
2015-02-10 18:11:32 ----D---- C:\Windows\Temp
2015-02-10 17:58:30 ----D---- C:\Windows\system32\Tasks
2015-02-10 17:58:08 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 17:54:55 ----D---- C:\Windows\Tasks
2015-02-10 17:54:45 ----RD---- C:\Program Files (x86)
2015-02-10 17:54:44 ----HD---- C:\ProgramData
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:33:35 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Uživatel at 2015-02-10 19:11:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (36%) free of 76 GB
Total RAM: 2925 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:11:35, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9627 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {4A49F024-7270-4CC2-A80E-E78E13826441}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e301f6fc-968e-4db9-853d-fd0b8686eb44 -SystemEventPortName:HostProcess-4934f280-63f7-4cbe-9949-57a8ca1ff2cc -IoCancelEventPortName:HostProcess-9ac44fd0-4727-4f0c-8a56-c1fcfcbec3ec -NonStateChangingEventPortName:HostProcess-a2981be5-13cc-431a-8deb-3811e1d9f68d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:edb34f9a-b90b-4537-bdfb-0adf2694a1d8 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
ATKOSD.exe
WDC.exe
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000Core.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000UA.job - C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-24 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 17:49:13 ----D---- C:\AdwCleaner
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 19:10:29 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 18:21:09 ----D---- C:\Windows\system32\config
2015-02-10 18:11:32 ----D---- C:\Windows\Temp
2015-02-10 17:58:30 ----D---- C:\Windows\system32\Tasks
2015-02-10 17:58:08 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 17:54:55 ----D---- C:\Windows\Tasks
2015-02-10 17:54:45 ----RD---- C:\Program Files (x86)
2015-02-10 17:54:44 ----HD---- C:\ProgramData
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:33:35 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Facebook virus, junk in browsers
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Uživatel\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4101168957-212371354-2345742307-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\Skype\Toolbars
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Facebook virus, junk in browsers
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2015-02-10 19:42:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (37%) free of 76 GB
Total RAM: 2925 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:40, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9403 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {40C84346-78DC-4226-8A87-909233EBBF18}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {9CD16D29-A76B-4AC3-B49F-0638748FD738}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\AsScrPro.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c0c90ea3-b296-4468-bd7e-b1ac13da9fac -SystemEventPortName:HostProcess-d4b5da36-464d-4786-863b-23cc380d0327 -IoCancelEventPortName:HostProcess-532d9216-f09c-4a11-8979-ef0ecc083ca9 -NonStateChangingEventPortName:HostProcess-d7404549-8333-4246-b8b4-6d17082c7ef7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ed32b68-a733-407f-b322-e991064ceefc -DeviceGroupId:WpdFsGroup
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 19:26:07 ----D---- C:\_OTM
2015-02-10 17:49:13 ----D---- C:\AdwCleaner
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 19:41:13 ----D---- C:\Windows\system32\config
2015-02-10 19:40:50 ----D---- C:\Windows\Temp
2015-02-10 19:32:42 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 19:30:57 ----D---- C:\Windows\system32\Tasks
2015-02-10 19:30:41 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 19:26:07 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 19:26:07 ----D---- C:\Windows\Tasks
2015-02-10 17:54:45 ----RD---- C:\Program Files (x86)
2015-02-10 17:54:44 ----HD---- C:\ProgramData
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:33:35 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Uživatel at 2015-02-10 19:42:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (37%) free of 76 GB
Total RAM: 2925 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:40, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 9403 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {40C84346-78DC-4226-8A87-909233EBBF18}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {9CD16D29-A76B-4AC3-B49F-0638748FD738}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\AsScrPro.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c0c90ea3-b296-4468-bd7e-b1ac13da9fac -SystemEventPortName:HostProcess-d4b5da36-464d-4786-863b-23cc380d0327 -IoCancelEventPortName:HostProcess-532d9216-f09c-4a11-8979-ef0ecc083ca9 -NonStateChangingEventPortName:HostProcess-d7404549-8333-4246-b8b4-6d17082c7ef7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ed32b68-a733-407f-b322-e991064ceefc -DeviceGroupId:WpdFsGroup
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Uživatel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\z3bksmcu.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
{eca52711-18ca-a617-65c3-8b788c18fbed}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-07-15 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Uživatel\AppData\Local\Smartbar\Application\Muvic.exe startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-02 1079584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-07-15 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-07-15 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-10 19:26:07 ----D---- C:\_OTM
2015-02-10 17:49:13 ----D---- C:\AdwCleaner
2015-02-10 15:23:28 ----D---- C:\rsit
2015-02-10 15:23:28 ----D---- C:\Program Files\trend micro
2015-02-10 15:13:21 ----D---- C:\Program Files (x86)\cb5ef53b-2d61-4e90-b229-62e69259531b
2015-01-14 15:33:46 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:33:45 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:33:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:33:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:33:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:33:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:33:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:33:33 ----A---- C:\Windows\system32\rstrui.exe
======List of files/folders modified in the last 1 month======
2015-02-10 19:41:13 ----D---- C:\Windows\system32\config
2015-02-10 19:40:50 ----D---- C:\Windows\Temp
2015-02-10 19:32:42 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2015-02-10 19:30:57 ----D---- C:\Windows\system32\Tasks
2015-02-10 19:30:41 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-10 19:26:07 ----RD---- C:\Program Files (x86)\Skype
2015-02-10 19:26:07 ----D---- C:\Windows\Tasks
2015-02-10 17:54:45 ----RD---- C:\Program Files (x86)
2015-02-10 17:54:44 ----HD---- C:\ProgramData
2015-02-10 15:23:28 ----RD---- C:\Program Files
2015-02-10 15:20:57 ----SHD---- C:\Windows\Installer
2015-02-10 15:20:55 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-10 15:16:13 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-02-10 15:13:39 ----D---- C:\Program Files (x86)\Alex Kočičák
2015-02-05 16:49:40 ----D---- C:\Windows\SysWOW64
2015-02-05 16:49:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 04:15:24 ----D---- C:\Windows\system32\catroot2
2015-01-21 12:16:43 ----D---- C:\Windows\Prefetch
2015-01-15 17:53:05 ----D---- C:\Windows\winsxs
2015-01-15 17:51:25 ----D---- C:\Windows\System32
2015-01-15 17:51:24 ----D---- C:\Windows\system32\drivers
2015-01-15 17:33:35 ----D---- C:\Windows\system32\MRT
2015-01-15 17:18:54 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 15:33:25 ----D---- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-10-30 704512]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-09 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-12 118896]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-28 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Facebook virus, junk in browsers
Double-click the file C:\Program Files\trend micro\Uživatel.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Facebook virus, junk in browsers
OK, thanks, so far it looks good. I'll see how the people around me react when I use Facebook. Thank you for the help.
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Facebook virus, junk in browsers
You're welcome!