Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalený počítač

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Zpomalený počítač

#1 Příspěvek od RaiderR »

Pěkný den přeji,
dědeček má problémy se svým ntb, seká se, je zpomalený a hlavně ho štve, že v mozzile mu nefunguje tlačítko zpět (ne vždy).

přikládám log z RSIT a děkuji předem:)

Logfile of random's system information tool 1.10 (written by random/random)
Run by zbytek petr at 2015-02-28 14:26:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 169 GB (39%) free of 432 GB
Total RAM: 4040 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:26:25, on 28.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\zbytek petr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... DSearchBox
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0049030 - {11111111-1111-1111-1111-110411901130} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSStp] C:\windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncdksivaSrv] C:\windows\inf\mncdksiva.vbe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14685 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 27179552
\??\C:\windows\system32\conhost.exe "-1104494324-13160071511446790817-98070314512452523183007490191806932346-2051956609
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {670EC201-1C4A-4ABB-B1B7-E3EB2C1F06C1}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\windows\SysWOW64\ssins.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1080
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
C:\windows\system32\SearchIndexer.exe /Embedding
szndesktop.exe default start
"C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe "257748821515588862-58577182-10511793821322711886-150676818518386080782102719874
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
C:\windows\splwow64.exe 8192
taskeng.exe {8FD5165C-E5FE-4D01-96C9-8B2C13646643}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4500.0.1279427537\2022539332" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2342 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4500.5.2129238273\1381029062" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4500.7.1404712603\1481644482" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4500.17.35423721\835055557" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4500.18.956839758\2042634777" /prefetch:673131151
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\zbytek petr\Desktop\RSITx64.exe"
wmiadap.exe /F /T /R

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\FreeHDSport TV V7.0-chromeinstaller-dev.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-chromeinstaller.exe /installcrx /agentregpath='FreeHDSport TV V7.0' /extensionfilepath='C:\Program Files (x86)\FreeHDSport TV V7.0\49030.crx' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=nddeakeooplfboiehkjlpljmddcooloi /extensionversion=1.26.13 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWneAsTfJQTonlxJ8Y3Dz8VorDb1TgS8MIUx7DjES78Bh7VOsrEXb4kzo65LBnZmJ2LTMq6zLHb0KKgFQTJ/rpqJcRM7K8ri7rZF2Yc4Ecd8PHVhvjkHK1Kshz4soe/5y+lUG75XjT1mPKfgqzEn8GICkIW3LHzU/vOf3WCfE6QwIDAQAB /defbro=ff /allusers /allprofiles /crxidfordevinstall=jpnbcnjminaklpgemhabgehipdlpcono /crxinstalltype=2 /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-codedownloader.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-codedownloader.exe /reinstallapp /runfrom=task /agentregpath='FreeHDSport TV V7.0' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /codedownloaddomain=http://cr.install-daddy.com /defbro=ff /allusers /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-firefoxinstaller.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-firefoxinstaller.exe /installxpi /agentregpath='FreeHDSport TV V7.0' /extensionfilepath='C:\Program Files (x86)\FreeHDSport TV V7.0\49030.xpi' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com /extensionversion=0.93 /prefsbranch=abeed7c57885c4fb094a4dded48027c2a6d3a8558a11e49a3892c3ce3edc559fbcom49030 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /49030.rdf /extensionname='FreeHDSport TV V7.0' /extensiondesc='Turn your pc into a TV! Enjoy endless variety of worldwide sports, movies and news channels.' /publishername='installdaddy' /defbro=ff /allusers /allprofiles /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-updater.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-updater.exe /runupdater /agentregpath='FreeHDSport TV V7.0' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http://stats.syncstatsdata.com /runfrom='task' /externallog=''
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
Scriptff.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\extensions\
beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901130}]
FreeHDSport TV V7.0 - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-bho64.dll [2014-01-21 969216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-01-21 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901130}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-11-12 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-29 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-29 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-29 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-06-06 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-06-06 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-06-06 5908928]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"cz.seznam.software.autoupdate"=C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\zbytek petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"=C:\windows\system32\cmd.exe [2010-11-21 345088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-06-06 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"MSStp"=C:\windows\system32\msstp.vbe []
"mncdksivaSrv"=C:\windows\inf\mncdksiva.vbe [2014-01-19 1342]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\zbytek petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-28 14:26:08 ----D---- C:\rsit
2015-02-28 14:26:08 ----D---- C:\Program Files\trend micro
2015-02-25 20:22:22 ----A---- C:\windows\system32\powertracker.dll
2015-02-25 20:22:22 ----A---- C:\windows\system32\perftrack.dll
2015-02-25 20:22:21 ----A---- C:\windows\SYSWOW64\wdi.dll
2015-02-25 20:22:21 ----A---- C:\windows\system32\wdi.dll
2015-02-20 14:12:08 ----D---- C:\Program Files\WinRAR
2015-02-15 15:42:42 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-02-15 15:42:41 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-02-15 15:42:40 ----A---- C:\windows\system32\jscript9diag.dll
2015-02-15 15:42:40 ----A---- C:\windows\system32\jscript9.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\invagent.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\generaltel.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\devinv.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\appraiser.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\aeinv.dll
2015-02-11 11:30:28 ----A---- C:\windows\system32\aitstatic.exe
2015-02-11 11:30:28 ----A---- C:\windows\system32\aepdu.dll
2015-02-11 11:30:27 ----A---- C:\windows\system32\aepic.dll
2015-02-11 11:30:23 ----A---- C:\windows\system32\schannel.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-02-11 11:30:22 ----A---- C:\windows\system32\kerberos.dll
2015-02-11 11:30:21 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\wdigest.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\TSpkg.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\ncrypt.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\msv1_0.dll
2015-02-11 11:30:20 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-02-11 11:30:20 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-02-11 11:30:19 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-02-11 11:30:19 ----A---- C:\windows\system32\credssp.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 11:30:12 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-02-11 11:30:12 ----A---- C:\windows\system32\ieetwcollector.exe
2015-02-11 11:30:11 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-02-11 11:30:11 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-02-11 11:30:11 ----A---- C:\windows\system32\iernonce.dll
2015-02-11 11:30:11 ----A---- C:\windows\system32\ie4uinit.exe
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-02-11 11:30:10 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\urlmon.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\iedkcs32.dll
2015-02-11 11:30:07 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-02-11 11:30:07 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-02-11 11:30:07 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-02-11 11:30:06 ----A---- C:\windows\system32\msfeeds.dll
2015-02-11 11:30:06 ----A---- C:\windows\system32\dxtrans.dll
2015-02-11 11:30:05 ----A---- C:\windows\system32\iesetup.dll
2015-02-11 11:30:05 ----A---- C:\windows\system32\ieapfltr.dll
2015-02-11 11:30:04 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 11:30:04 ----A---- C:\windows\system32\iertutil.dll
2015-02-11 11:30:01 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-02-11 11:30:00 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-02-11 11:30:00 ----A---- C:\windows\system32\jsproxy.dll
2015-02-11 11:29:59 ----A---- C:\windows\system32\ieUnatt.exe
2015-02-11 11:29:58 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\ieui.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\ieframe.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\dxtmsft.dll
2015-02-11 11:29:56 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-02-11 11:29:56 ----A---- C:\windows\system32\mshtmled.dll
2015-02-11 11:29:55 ----A---- C:\windows\system32\wininet.dll
2015-02-11 11:29:55 ----A---- C:\windows\system32\vbscript.dll
2015-02-11 11:29:54 ----A---- C:\windows\system32\msrating.dll
2015-02-11 11:29:54 ----A---- C:\windows\system32\MshtmlDac.dll
2015-02-11 11:29:52 ----A---- C:\windows\system32\mshtml.dll
2015-02-11 11:29:27 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-02-11 11:29:26 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\sspisrv.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\sspicli.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\secur32.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\lsass.exe
2015-02-11 11:29:22 ----A---- C:\windows\system32\lsasrv.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\cng.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\auditpol.exe
2015-02-11 11:29:22 ----A---- C:\windows\system32\adtschema.dll
2015-02-11 11:29:21 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-02-11 11:29:21 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-02-11 11:29:20 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-02-11 11:29:20 ----A---- C:\windows\system32\msobjs.dll
2015-02-11 11:29:20 ----A---- C:\windows\system32\msaudite.dll
2015-02-11 11:29:12 ----A---- C:\windows\system32\cryptsvc.dll
2015-02-11 11:29:12 ----A---- C:\windows\system32\crypt32.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-02-11 11:29:11 ----A---- C:\windows\system32\wintrust.dll
2015-02-11 11:29:06 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2015-02-11 11:29:06 ----A---- C:\windows\system32\oleaut32.dll
2015-02-11 11:29:05 ----A---- C:\windows\system32\mstscax.dll
2015-02-11 11:29:04 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-02-11 11:29:02 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-02-11 11:28:38 ----A---- C:\windows\SYSWOW64\scesrv.dll
2015-02-11 11:28:38 ----A---- C:\windows\system32\scesrv.dll
2015-02-11 11:28:31 ----A---- C:\windows\system32\ntoskrnl.exe
2015-02-11 11:28:30 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 11:28:29 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-02-11 11:28:28 ----A---- C:\windows\system32\srcore.dll
2015-02-11 11:28:28 ----A---- C:\windows\system32\rstrui.exe
2015-02-11 11:28:27 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-02-11 11:28:27 ----A---- C:\windows\system32\srclient.dll
2015-02-11 11:28:05 ----A---- C:\windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-02-28 14:26:21 ----D---- C:\windows\Prefetch
2015-02-28 14:26:08 ----RD---- C:\Program Files
2015-02-28 14:25:50 ----D---- C:\windows\Temp
2015-02-28 14:24:33 ----A---- C:\windows\SYSWOW64\log.txt
2015-02-28 14:23:34 ----D---- C:\Users\zbytek petr\AppData\Roaming\Skype
2015-02-28 14:22:58 ----D---- C:\ProgramData\VeriFace
2015-02-28 14:22:34 ----D---- C:\windows\system32\config
2015-02-27 23:08:23 ----D---- C:\windows\System32
2015-02-27 23:08:23 ----D---- C:\windows\inf
2015-02-27 23:08:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-02-27 17:10:38 ----D---- C:\windows\tracing
2015-02-27 16:00:41 ----D---- C:\Users\zbytek petr\AppData\Roaming\Seznam.cz
2015-02-26 07:22:08 ----D---- C:\windows\winsxs
2015-02-26 07:21:01 ----D---- C:\windows\SysWOW64
2015-02-25 22:19:02 ----SHD---- C:\System Volume Information
2015-02-22 22:15:28 ----D---- C:\Users\zbytek petr\AppData\Roaming\uTorrent
2015-02-22 14:45:57 ----D---- C:\Users\zbytek petr\AppData\Roaming\vlc
2015-02-21 19:51:54 ----SHD---- C:\windows\Installer
2015-02-21 19:51:54 ----SHD---- C:\Config.Msi
2015-02-21 19:51:54 ----D---- C:\ProgramData\Skype
2015-02-21 19:51:50 ----RD---- C:\Program Files (x86)\Skype
2015-02-20 09:46:39 ----RSD---- C:\windows\assembly
2015-02-20 09:45:14 ----D---- C:\ProgramData\Microsoft Help
2015-02-15 19:39:42 ----D---- C:\windows\rescache
2015-02-15 17:22:47 ----D---- C:\windows\SYSWOW64\en-US
2015-02-15 17:22:47 ----D---- C:\windows\system32\en-US
2015-02-15 17:00:16 ----D---- C:\windows\system32\MRT
2015-02-15 16:49:24 ----A---- C:\windows\system32\MRT.exe
2015-02-15 16:11:13 ----SD---- C:\windows\system32\CompatTel
2015-02-15 16:11:12 ----D---- C:\windows\system32\appraiser
2015-02-15 15:58:57 ----D---- C:\windows\Microsoft.NET
2015-02-12 16:20:28 ----D---- C:\windows\system32\catroot2
2015-02-12 16:15:13 ----D---- C:\windows\system32\catroot
2015-02-12 16:14:18 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-02-12 16:14:18 ----D---- C:\windows\system32\cs-CZ
2015-02-12 16:14:18 ----D---- C:\Program Files\Internet Explorer
2015-02-12 16:14:17 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 16:14:16 ----D---- C:\windows\system32\drivers
2015-02-12 15:54:36 ----A---- C:\windows\win.ini
2015-02-12 15:52:13 ----D---- C:\Windows
2015-02-12 15:52:05 ----D---- C:\Program Files\Microsoft Security Client
2015-02-12 15:52:03 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-09 21:33:04 ----D---- C:\windows\Minidump
2015-02-05 20:12:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 16:03:41 ----D---- C:\ProgramData\CanonIJPLM
2015-02-05 15:23:11 ----RD---- C:\Program Files (x86)
2015-02-05 15:23:05 ----D---- C:\windows\Tasks
2015-01-30 09:47:23 ----RSD---- C:\windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-06-06 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-06-06 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-06-06 13408]
R1 tnetfilter2;tnetfilter2; C:\windows\system32\drivers\tnetfilter2.sys [2014-01-17 60096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 wStLibG64;wStLibG64; C:\windows\system32\drivers\wStLibG64.sys [2014-03-25 61120]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-06-06 29792]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-10-28 4716608]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\syswow64\pwdspio.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 ssinstall;SInstalátor; C:\windows\SysWOW64\ssins.exe [2014-01-02 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#2 Příspěvek od Márty84 »

Zdravim :)

Je tam havet :boxed:

:arrow: Pokud nepouzivate, odinstalujte Seznam Software.

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#3 Příspěvek od RaiderR »

všechny kroky hotové :)

# AdwCleaner v4.111 - Logfile created 28/02/2015 at 15:03:22
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : zbytek petr - ZBYTEKPETR-PC
# Running from : C:\Users\zbytek petr\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : wStLibG64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\optimizerpro1
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\AdTrustMedia
Folder Deleted : C:\ProgramData\CoolYou
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
Folder Deleted : C:\Program Files (x86)\LSHunter.TV
Folder Deleted : C:\Program Files (x86)\SecretSauce
Folder Deleted : C:\Program Files (x86)\FreeHDSport TV V7.0
Folder Deleted : C:\windows\SysWOW64\WNLT
Folder Deleted : C:\windows\System32\ARFC
Folder Deleted : C:\Users\zbytek petr\AppData\Local\genienext
Folder Deleted : C:\Users\zbytek petr\AppData\Local\Mobogenie
Folder Deleted : C:\Users\zbytek petr\AppData\LocalLow\FreeHDSport TV V7.0
Folder Deleted : C:\Users\zbytek petr\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\w5ufp7dz.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\Extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com
Folder Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\Extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com
File Deleted : C:\windows\System32\drivers\wStLibG64.sys
File Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\searchplugins\bingp.xml
File Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\w5ufp7dz.default\user.js
File Deleted : C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049030.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049030.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049030.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0049030.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905530}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906630}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3853ee3d-0b43-460c-9494-d380b4c991cf}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905530}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906630}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3853ee3d-0b43-460c-9494-d380b4c991cf}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F2927C87-71FF-4804-ACE3-E844F2D14E70}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\FreeHDSport TV V7.0
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKLM\SOFTWARE\FreeHDSport TV V7.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeHDSport TV V7.0
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 cs)

[yexhb6qz.default-1383998969984\prefs.js] - Line Deleted : user_pref("extensions.abeed7c57885c4fb094a4dded48027c2a6d3a8558a11e49a3892c3ce3edc559fbcom49030.49030.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[yexhb6qz.default-1383998969984\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "143b663583e8b02793a4dc71e25e1cf9");

-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [7716 bytes] - [28/02/2015 14:58:38]
AdwCleaner[S0].txt - [6951 bytes] - [28/02/2015 15:03:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7010 bytes] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#4 Příspěvek od Márty84 »

:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#5 Příspěvek od RaiderR »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.2.2015
Scan Time: 15:24:51
Logfile: log mal.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.28.03
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: zbytek petr

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 574302
Time Elapsed: 2 hr, 21 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
PUP.Optional.FreeHDSportTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FreeHDSport TV V7.0, , [def5889b5a301c1a7b29f2ece02356aa],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411901130}, , [4c8769baf79391a5115ebc1e60a5c040],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411901130}, , [4c8769baf79391a5115ebc1e60a5c040],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440444904430}, , [4c8769baf79391a5115ebc1e60a5c040],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440444904430}, , [4c8769baf79391a5115ebc1e60a5c040],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411901130}, , [4c8769baf79391a5115ebc1e60a5c040],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-163564537-3469407517-3352717574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110411901130}, , [4c8769baf79391a5115ebc1e60a5c040],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\bitstreams, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\bitstreams, , [4093e73cccbe50e6d567b5aea85bf808],

Files: 49
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-bg.exe.vir, , [e7ecef34bfcbdd59f86a4452c839a15f],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-bho64.dll.vir, , [666dc45f3951b38372f0177fd130da26],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-buttonutil.exe.vir, , [369dae758604de580f53861037cae818],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-buttonutil64.exe.vir, , [5a79de457e0cd165c69cdeb88f72c43c],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-chromeinstaller.exe.vir, , [c013bb68860475c1cc96484e9968f60a],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-codedownloader.exe.vir, , [577c041f0a8088ae2e341086b24f3dc3],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-firefoxinstaller.exe.vir, , [cf04de459af01b1b7ae82d695ca52fd1],
PUP.Optional.FreeHDSportTV.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-updater.exe.vir, , [c3104cd7b8d2fd394f139df919e848b8],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FreeHDSport TV V7.0\utils.exe.vir, , [e1f278ab21695ed850cfeb5e24dcfc04],
PUP.Optional.ScramblePacker.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LSHunter.TV\LSextsetup.exe.vir, , [24af30f30783f83e54afb9eda75af60a],
Trojan.Dropper, C:\AdwCleaner\Quarantine\C\ProgramData\optimizerpro1\OptimizerPro1.exe.vir, , [e2f1150e2b5ff93de8c8257f9a6834cc],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\zbytek petr\AppData\Local\genienext\nengine.dll.vir, , [10c374afcac0cc6a52992756907145bb],
PUP.Optional.Perion.A, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\WNLT\Installation\WSSetup.exe.vir, , [7360a1823951a98daf990c8cb2533bc5],
PUP.Optional.Seznam, C:\Users\zbytek petr\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe, , [1ab9e73cc5c53006f90c6fda55acfd03],
PUP.Optional.Perion.A, C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7RIORL1W\PersgSetup[1].exe, , [1cb732f1395146f0eb5d2e6ab84da55b],
Trojan.BitMiner, C:\Windows\inf\mncdksiva\mncdksiva.exe, , [5e75a87b4842b08673e7cf8500028977],
BitcoinMiner, C:\Windows\inf\msmwiukt\msmwiukt.exe, , [cb0871b2aedc3303becb3beb45bc8779],
PUP.Optional.Incredibar.A, C:\Users\zbytek petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage, , [cf0458cb1872d462a7cc498e47bc9a66],
PUP.Optional.FreeHDSportTV.A, C:\Windows\Tasks\FreeHDSport TV V7.0-chromeinstaller-dev.job, , [2ea570b3e5a593a3d5cedc023dc6b64a],
PUP.Optional.FreeHDSportTV.A, C:\Windows\Tasks\FreeHDSport TV V7.0-codedownloader.job, , [a72ccf54b0da0d29841f776745be9f61],
PUP.Optional.FreeHDSportTV.A, C:\Windows\Tasks\FreeHDSport TV V7.0-firefoxinstaller.job, , [9b3877ac34560333edb6716d52b12ed2],
PUP.Optional.FreeHDSportTV.A, C:\Windows\Tasks\FreeHDSport TV V7.0-updater.job, , [28abcc5745450a2c198a07d790739c64],
Trojan.Agent.VBS, C:\Windows\SysWOW64\msstp.vbe, , [4f8459ca1872db5b789f925040c3e41c],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\diablo130302.cl, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\diakgcn121016.cl, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\libcurl-4.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\libeay32.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\libidn-11.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\librtmp.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\libssh2.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\phatk121016.cl, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\poclbm130302.cl, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\scrypt130511.cl, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\ssleay32.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\zlib1.dll, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncdksiva\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [7f5461c2bad0c472ea52ca990af921df],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\diablo130302.cl, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\diakgcn121016.cl, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\libcurl-4.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\libeay32.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\libidn-11.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\librtmp.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\libssh2.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\phatk121016.cl, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\poclbm130302.cl, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\scrypt130511.cl, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\ssleay32.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\zlib1.dll, , [4093e73cccbe50e6d567b5aea85bf808],
Trojan.Agent.BCM, C:\Windows\inf\mncmplmtf\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [4093e73cccbe50e6d567b5aea85bf808],

Physical Sectors: 0
(No malicious items detected)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#6 Příspěvek od Márty84 »

No fuj :boxed:

Vsechny nalezy hodte do karanteny. Po restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#7 Příspěvek od RaiderR »

Scan proběhl v pořádku bez nálezů :)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#8 Příspěvek od Márty84 »

Vyborne :)


:!: Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) :!:

:!: Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

:arrow: Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#9 Příspěvek od RaiderR »

Zdravím, ted jsem se pokousel pocitac spustit a nastal problem. Ted probiha oprava spusteni systemu. Mám i přesto použít combofix jak oprava proběhne nebo jiné kroky ?

edit: vypadá to, že proběhla obnova do staršío data
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#10 Příspěvek od Márty84 »

Pocitac byl hodne zavirovany, je mozne, ze havet system poskodila a byla nutna oprava.

Dejte tedy nejprve novy log z RSIT, at vidim, co tam ted bezi.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#11 Příspěvek od RaiderR »

Logfile of random's system information tool 1.10 (written by random/random)
Run by zbytek petr at 2015-03-01 11:04:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 175 GB (40%) free of 432 GB
Total RAM: 4040 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:04:49, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\zbytek petr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... DSearchBox
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0049030 - {11111111-1111-1111-1111-110411901130} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [MSStp] C:\windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncdksivaSrv] C:\windows\inf\mncdksiva.vbe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:1e7231d7c57a186430db2e7371173f6b] "C:\Users\ZBYTEK~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\zbytek petr\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14259 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 3993376
\??\C:\windows\system32\conhost.exe "903961885416853812-1721967204-1199083050-653052160621416253717768272061195041
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {EF122B7B-DDE1-4882-959F-1E98767F536E}
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
WLIDSvcM.exe 2408
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\splwow64.exe 8192
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2804.0.1125850049\981157437" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2342 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Control/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2804.1.1924053903\1218827412" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Control/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2804.4.1334082637\363983844" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Control/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2804.5.553094870\1626138250" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Control/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_46/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2804.7.32050823\1657271091" /prefetch:673131151
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\zbytek petr\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\FreeHDSport TV V7.0-chromeinstaller-dev.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-chromeinstaller.exe /installcrx /agentregpath='FreeHDSport TV V7.0' /extensionfilepath='C:\Program Files (x86)\FreeHDSport TV V7.0\49030.crx' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=nddeakeooplfboiehkjlpljmddcooloi /extensionversion=1.26.13 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWneAsTfJQTonlxJ8Y3Dz8VorDb1TgS8MIUx7DjES78Bh7VOsrEXb4kzo65LBnZmJ2LTMq6zLHb0KKgFQTJ/rpqJcRM7K8ri7rZF2Yc4Ecd8PHVhvjkHK1Kshz4soe/5y+lUG75XjT1mPKfgqzEn8GICkIW3LHzU/vOf3WCfE6QwIDAQAB /defbro=ff /allusers /allprofiles /crxidfordevinstall=jpnbcnjminaklpgemhabgehipdlpcono /crxinstalltype=2 /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-codedownloader.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-codedownloader.exe /reinstallapp /runfrom=task /agentregpath='FreeHDSport TV V7.0' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /codedownloaddomain=http://cr.install-daddy.com /defbro=ff /allusers /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-firefoxinstaller.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-firefoxinstaller.exe /installxpi /agentregpath='FreeHDSport TV V7.0' /extensionfilepath='C:\Program Files (x86)\FreeHDSport TV V7.0\49030.xpi' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com /extensionversion=0.93 /prefsbranch=abeed7c57885c4fb094a4dded48027c2a6d3a8558a11e49a3892c3ce3edc559fbcom49030 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /49030.rdf /extensionname='FreeHDSport TV V7.0' /extensiondesc='Turn your pc into a TV! Enjoy endless variety of worldwide sports, movies and news channels.' /publishername='installdaddy' /defbro=ff /allusers /allprofiles /runfrom='task' /externallog=''
C:\windows\tasks\FreeHDSport TV V7.0-updater.job - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-updater.exe /runupdater /agentregpath='FreeHDSport TV V7.0' /appid=49030 /srcid='000859' /subid='0' /zdata='0' /bic=CBF095DF4CDA447C8C91A0DDA27D6FC7IE /verifier=8141edf734df3e4562a17a334c8134b8 /installerversion=1_33_153 /installationtime=1390334301 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http://stats.syncstatsdata.com /runfrom='task' /externallog=''
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
Scriptff.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\extensions\
beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901130}]
FreeHDSport TV V7.0 - C:\Program Files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-bho64.dll [2014-01-21 969216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-01-21 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901130}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-11-12 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-28 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-29 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-29 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-29 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2011-06-06 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-06-06 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-06-06 5908928]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"=C:\windows\system32\cmd.exe [2010-11-21 345088]
"SeznamInstall-uninstall:1e7231d7c57a186430db2e7371173f6b"=C:\Users\ZBYTEK~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2015-03-01 534528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-06-06 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"MSStp"=C:\windows\system32\msstp.vbe []
"mncdksivaSrv"=C:\windows\inf\mncdksiva.vbe [2014-01-19 1342]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\zbytek petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-28 15:23:23 ----D---- C:\ProgramData\Malwarebytes
2015-02-28 15:23:23 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 14:58:31 ----D---- C:\AdwCleaner
2015-02-28 14:26:08 ----D---- C:\rsit
2015-02-28 14:26:08 ----D---- C:\Program Files\trend micro
2015-02-20 14:12:08 ----D---- C:\Program Files\WinRAR
2015-02-15 15:42:42 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-02-15 15:42:41 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-02-15 15:42:40 ----A---- C:\windows\system32\jscript9diag.dll
2015-02-15 15:42:40 ----A---- C:\windows\system32\jscript9.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\invagent.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\generaltel.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\devinv.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\appraiser.dll
2015-02-11 11:30:29 ----A---- C:\windows\system32\aeinv.dll
2015-02-11 11:30:28 ----A---- C:\windows\system32\aitstatic.exe
2015-02-11 11:30:28 ----A---- C:\windows\system32\aepdu.dll
2015-02-11 11:30:27 ----A---- C:\windows\system32\aepic.dll
2015-02-11 11:30:23 ----A---- C:\windows\system32\schannel.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-02-11 11:30:22 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-02-11 11:30:22 ----A---- C:\windows\system32\kerberos.dll
2015-02-11 11:30:21 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\wdigest.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\TSpkg.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\ncrypt.dll
2015-02-11 11:30:21 ----A---- C:\windows\system32\msv1_0.dll
2015-02-11 11:30:20 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-02-11 11:30:20 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-02-11 11:30:19 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-02-11 11:30:19 ----A---- C:\windows\system32\credssp.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-02-11 11:30:12 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 11:30:12 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-02-11 11:30:12 ----A---- C:\windows\system32\ieetwcollector.exe
2015-02-11 11:30:11 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-02-11 11:30:11 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-02-11 11:30:11 ----A---- C:\windows\system32\iernonce.dll
2015-02-11 11:30:11 ----A---- C:\windows\system32\ie4uinit.exe
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:30:10 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-02-11 11:30:10 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-02-11 11:30:08 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\urlmon.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-02-11 11:30:08 ----A---- C:\windows\system32\iedkcs32.dll
2015-02-11 11:30:07 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-02-11 11:30:07 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-02-11 11:30:07 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-02-11 11:30:06 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-02-11 11:30:06 ----A---- C:\windows\system32\msfeeds.dll
2015-02-11 11:30:06 ----A---- C:\windows\system32\dxtrans.dll
2015-02-11 11:30:05 ----A---- C:\windows\system32\iesetup.dll
2015-02-11 11:30:05 ----A---- C:\windows\system32\ieapfltr.dll
2015-02-11 11:30:04 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 11:30:04 ----A---- C:\windows\system32\iertutil.dll
2015-02-11 11:30:01 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-02-11 11:30:00 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-02-11 11:30:00 ----A---- C:\windows\system32\jsproxy.dll
2015-02-11 11:29:59 ----A---- C:\windows\system32\ieUnatt.exe
2015-02-11 11:29:58 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\ieui.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\ieframe.dll
2015-02-11 11:29:57 ----A---- C:\windows\system32\dxtmsft.dll
2015-02-11 11:29:56 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-02-11 11:29:56 ----A---- C:\windows\system32\mshtmled.dll
2015-02-11 11:29:55 ----A---- C:\windows\system32\wininet.dll
2015-02-11 11:29:55 ----A---- C:\windows\system32\vbscript.dll
2015-02-11 11:29:54 ----A---- C:\windows\system32\msrating.dll
2015-02-11 11:29:54 ----A---- C:\windows\system32\MshtmlDac.dll
2015-02-11 11:29:52 ----A---- C:\windows\system32\mshtml.dll
2015-02-11 11:29:27 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-02-11 11:29:26 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-02-11 11:29:22 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\sspisrv.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\sspicli.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\secur32.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\lsass.exe
2015-02-11 11:29:22 ----A---- C:\windows\system32\lsasrv.dll
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\drivers\cng.sys
2015-02-11 11:29:22 ----A---- C:\windows\system32\auditpol.exe
2015-02-11 11:29:22 ----A---- C:\windows\system32\adtschema.dll
2015-02-11 11:29:21 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-02-11 11:29:21 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-02-11 11:29:20 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-02-11 11:29:20 ----A---- C:\windows\system32\msobjs.dll
2015-02-11 11:29:20 ----A---- C:\windows\system32\msaudite.dll
2015-02-11 11:29:12 ----A---- C:\windows\system32\cryptsvc.dll
2015-02-11 11:29:12 ----A---- C:\windows\system32\crypt32.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2015-02-11 11:29:11 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-02-11 11:29:11 ----A---- C:\windows\system32\wintrust.dll
2015-02-11 11:29:06 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2015-02-11 11:29:06 ----A---- C:\windows\system32\oleaut32.dll
2015-02-11 11:29:05 ----A---- C:\windows\system32\mstscax.dll
2015-02-11 11:29:04 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-02-11 11:29:02 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-02-11 11:28:38 ----A---- C:\windows\SYSWOW64\scesrv.dll
2015-02-11 11:28:38 ----A---- C:\windows\system32\scesrv.dll
2015-02-11 11:28:31 ----A---- C:\windows\system32\ntoskrnl.exe
2015-02-11 11:28:30 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 11:28:29 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-02-11 11:28:28 ----A---- C:\windows\system32\srcore.dll
2015-02-11 11:28:28 ----A---- C:\windows\system32\rstrui.exe
2015-02-11 11:28:27 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-02-11 11:28:27 ----A---- C:\windows\system32\srclient.dll
2015-02-11 11:28:05 ----A---- C:\windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-01 19:17:46 ----D---- C:\windows\winsxs
2015-03-01 19:17:46 ----D---- C:\windows\Tasks
2015-03-01 19:17:46 ----D---- C:\windows\SysWOW64
2015-03-01 19:17:46 ----D---- C:\windows\system32\wfp
2015-03-01 19:17:46 ----D---- C:\windows\system32\DriverStore
2015-03-01 19:17:46 ----D---- C:\windows\system32\drivers\etc
2015-03-01 19:17:46 ----D---- C:\windows\system32\catroot2
2015-03-01 19:17:46 ----D---- C:\Windows
2015-03-01 19:17:45 ----D---- C:\windows\SYSWOW64\WNLT
2015-03-01 19:17:45 ----D---- C:\windows\system32\wbem
2015-03-01 19:17:45 ----D---- C:\windows\system32\Tasks
2015-03-01 19:17:45 ----D---- C:\windows\system32\drivers
2015-03-01 19:17:45 ----D---- C:\windows\system32\CodeIntegrity
2015-03-01 19:17:32 ----HD---- C:\ProgramData
2015-03-01 19:17:32 ----D---- C:\ProgramData\OptimizerPro1
2015-03-01 19:17:32 ----D---- C:\ProgramData\McAfee Security Scan
2015-03-01 19:17:32 ----D---- C:\ProgramData\CoolYou
2015-03-01 19:17:31 ----RD---- C:\Program Files (x86)
2015-03-01 19:17:31 ----D---- C:\Program Files (x86)\Seznam.cz
2015-03-01 19:17:31 ----D---- C:\Program Files (x86)\LSHunter.TV
2015-03-01 19:17:31 ----D---- C:\Program Files (x86)\FreeHDSport TV V7.0
2015-03-01 19:17:24 ----D---- C:\windows\registration
2015-03-01 19:17:07 ----D---- C:\windows\Microsoft.NET
2015-03-01 19:12:19 ----D---- C:\windows\system32\LogFiles
2015-03-01 11:04:27 ----D---- C:\windows\Prefetch
2015-03-01 11:03:48 ----D---- C:\windows\Temp
2015-03-01 10:59:27 ----D---- C:\Users\zbytek petr\AppData\Roaming\Skype
2015-03-01 10:45:31 ----D---- C:\windows\system32\config
2015-03-01 10:33:44 ----SHD---- C:\System Volume Information
2015-03-01 10:25:15 ----D---- C:\windows\System32
2015-03-01 10:25:15 ----D---- C:\windows\inf
2015-03-01 10:25:15 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-01 10:22:47 ----D---- C:\Users\zbytek petr\AppData\Roaming\Seznam.cz
2015-03-01 10:21:56 ----D---- C:\windows\tracing
2015-03-01 10:21:56 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-01 10:19:20 ----D---- C:\ProgramData\VeriFace
2015-02-22 22:15:28 ----D---- C:\Users\zbytek petr\AppData\Roaming\uTorrent
2015-02-22 14:45:57 ----D---- C:\Users\zbytek petr\AppData\Roaming\vlc
2015-02-21 19:51:54 ----SHD---- C:\windows\Installer
2015-02-21 19:51:54 ----SHD---- C:\Config.Msi
2015-02-21 19:51:54 ----D---- C:\ProgramData\Skype
2015-02-21 19:51:50 ----RD---- C:\Program Files (x86)\Skype
2015-02-20 14:12:08 ----RD---- C:\Program Files
2015-02-20 09:46:39 ----RSD---- C:\windows\assembly
2015-02-20 09:45:14 ----D---- C:\ProgramData\Microsoft Help
2015-02-15 19:39:42 ----D---- C:\windows\rescache
2015-02-15 17:22:47 ----D---- C:\windows\SYSWOW64\en-US
2015-02-15 17:22:47 ----D---- C:\windows\system32\en-US
2015-02-15 17:00:16 ----D---- C:\windows\system32\MRT
2015-02-15 16:49:24 ----A---- C:\windows\system32\MRT.exe
2015-02-15 16:11:13 ----SD---- C:\windows\system32\CompatTel
2015-02-15 16:11:12 ----D---- C:\windows\system32\appraiser
2015-02-12 16:15:13 ----D---- C:\windows\system32\catroot
2015-02-12 16:14:18 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-02-12 16:14:18 ----D---- C:\windows\system32\cs-CZ
2015-02-12 16:14:18 ----D---- C:\Program Files\Internet Explorer
2015-02-12 16:14:17 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-12 15:54:36 ----A---- C:\windows\win.ini
2015-02-12 15:52:05 ----D---- C:\Program Files\Microsoft Security Client
2015-02-12 15:52:03 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-09 21:33:04 ----D---- C:\windows\Minidump
2015-02-05 20:12:24 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 16:03:41 ----D---- C:\ProgramData\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-06-06 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-06-06 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-06-06 13408]
R1 tnetfilter2;tnetfilter2; C:\windows\system32\drivers\tnetfilter2.sys [2014-01-17 60096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R1 wStLibG64;wStLibG64; C:\windows\system32\drivers\wStLibG64.sys [2014-03-25 61120]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-06-06 29792]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-10-28 4716608]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-02-14 1581184]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\windows\syswow64\pwdspio.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-10-16 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#12 Příspěvek od Márty84 »

Odstranena havet je zpatky.

Pouzijte znovu ADWCleaner a pak rovnou ComboFix.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#13 Příspěvek od RaiderR »

ComboFix 15-03-01.01 - zbytek petr 01.03.2015 11:25:48.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2508 [GMT 1:00]
Spuštěný z: c:\users\zbytek petr\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{049A44E8-CF40-47A4-A363-E86597AB33CE}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{101ADCF2-0CDB-4693-B91A-062AC4C8AC83}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4920A9BF-554B-40BB-9D33-386C0BB92C1A}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6329866F-B2CA-430B-892B-20465FA49AD6}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{77C14097-5ECB-477C-A9B7-524A0471B401}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7C49D243-70A4-465F-9284-1CE59ADE7EB4}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7ED77317-5547-41E3-BD60-BB9F85E0A64B}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9A8CDBBE-ABD8-4314-B1EB-5746F57E9720}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9BE64719-180C-4BF7-B836-115266E8DE2F}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A064A07F-CFF3-4B52-ABC8-6FFCEA86F99B}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BC53EDFE-D4B4-46E2-A485-CA119CFC9D05}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C4882D28-0D47-41CC-8639-31852F39ED7B}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C4ECD530-CE2B-4576-8C0B-829DFDE458D2}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C91700A6-EACC-4860-B4EA-B773D23C7CFB}.xps
c:\users\zbytek petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DA69B565-7A6B-430F-8665-1DB6D7D83FB3}.xps
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\defaults\preferences\prefs.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\1_base.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\1000020_analytics.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\1000025_analyticsFront.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\1000030_mz.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\17_jQuery.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\175_coolmirage_m.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\182_openUrl.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\183_tabsWrapper.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\21_debug.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\22_resources.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\28_initializer.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\47_resources_background.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\64_appApiMessage.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\72_appApiValidation.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\plugins\98_omniCommands.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\userCode\background.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\extensionData\userCode\extension.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome.manifest
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\asyncDB.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\background.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\browserAction.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\contextMenu.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\dbManager.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\dom_bg.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\fileManager.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\firefox.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\firefoxNotifications.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\firefoxOmnibox.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\message.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\pageAction.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\request.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\tabs.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\webRequest.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\api\windowsMessagingHandler.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\baseObject.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\addressBarChangeObserver.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\console.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\consts.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\delegate.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\extensionDataStore.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\folderIOWrapper.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\httpObserver.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\IDBWrapper.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\installer.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\logFile.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\prefs.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\progressListenerObserver.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\registry.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\reloadObserver.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\reports.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\requestObject.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\searchSettings.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\uninstallObserver.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\updateManager.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\utils.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\core\xhr.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\dialog.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\main.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\options.js
c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\4gx1ied7.default-1408696380481\extensions\beed7c57-885c-4fb0-94a4-dded48027c2a@6d3a8558-a11e-49a3-892c-3ce3edc559fb.com\chrome\content\platformVersion.js
c:\windows\s.bat
c:\windows\SysWow64\msstp.vbe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-01 do 2015-03-01 )))))))))))))))))))))))))))))))
.
.
2015-03-01 10:33 . 2015-03-01 10:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-01 09:33 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C94B6432-C67B-4A49-AFF7-AD6E1274B66D}\mpengine.dll
2015-03-01 09:18 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-28 14:23 . 2015-03-01 18:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-02-28 14:23 . 2015-02-28 14:23 -------- d-----w- c:\programdata\Malwarebytes
2015-02-28 13:58 . 2015-03-01 10:13 -------- d-----w- C:\AdwCleaner
2015-02-28 13:26 . 2015-03-01 10:04 -------- d-----w- c:\program files\trend micro
2015-02-28 13:26 . 2015-02-28 13:26 -------- d-----w- C:\rsit
2015-02-21 19:10 . 2014-09-10 14:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{295BB9DC-8B46-4FB5-A176-E7526D2CA904}\gapaengine.dll
2015-02-20 13:12 . 2015-02-20 13:12 -------- d-----w- c:\program files\WinRAR
2015-02-15 14:42 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-15 14:42 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-15 14:42 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-15 14:42 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:29 . 2015-01-12 02:34 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-02-11 10:28 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 10:28 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 10:28 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 10:28 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 10:28 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 10:28 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 10:28 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 10:28 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 10:28 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 10:28 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-15 15:49 . 2011-10-24 06:04 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-05 19:12 . 2013-10-03 19:09 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-05 19:12 . 2011-10-15 17:53 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-31 11:14 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 10:01 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 10:01 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 10:01 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 10:01 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 10:01 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 10:01 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-01-23 31087200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-06-06 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"mncdksivaSrv"="c:\windows\inf\mncdksiva.vbe" [2014-01-19 1342]
.
c:\users\zbytek petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-11-12 222384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswKbd;aswKbd; [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 tnetfilter2;tnetfilter2;c:\windows\system32\drivers\tnetfilter2.sys;c:\windows\SYSNATIVE\drivers\tnetfilter2.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys;c:\windows\SYSNATIVE\Drivers\usbvideo.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-20 18:27 1084744 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-03 19:12]
.
2015-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 18:47]
.
2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 18:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-06-06 09:37 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-06-06 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-06-06 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-06-06 5908928]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 188.95.56.2 188.95.56.3
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{11111111-1111-1111-1111-110411901130} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-MSStp - c:\windows\system32\msstp.vbe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110411901130} - c:\program files (x86)\FreeHDSport TV V7.0\FreeHDSport TV V7.0-bho64.dll
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-03-01 11:35:50
ComboFix-quarantined-files.txt 2015-03-01 10:35
.
Před spuštěním: Volných bajtů: 207 720 767 488
Po spuštění: Volných bajtů: 208 405 540 864
.
- - End Of File - - B45B24B225B0AE8143B521BC0943499D
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zpomalený počítač

#14 Příspěvek od Márty84 »

:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\inf\mncdksiva.vbe
C:\Windows\inf\mncdksiva\mncdksiva.exe
C:\Windows\inf\msmwiukt\msmwiukt.exe
C:\Windows\Tasks\FreeHDSport TV V7.0-chromeinstaller-dev.job
C:\Windows\Tasks\FreeHDSport TV V7.0-codedownloader.job
C:\Windows\Tasks\FreeHDSport TV V7.0-firefoxinstaller.job
C:\Windows\Tasks\FreeHDSport TV V7.0-updater.job
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\inf\mncdksiva\diablo130302.cl
C:\Windows\inf\mncdksiva\diakgcn121016.cl
C:\Windows\inf\mncdksiva\libcurl-4.dll
C:\Windows\inf\mncdksiva\libeay32.dll
C:\Windows\inf\mncdksiva\libidn-11.dll
C:\Windows\inf\mncdksiva\librtmp.dll
C:\Windows\inf\mncdksiva\libssh2.dll
C:\Windows\inf\mncdksiva\phatk121016.cl
C:\Windows\inf\mncdksiva\poclbm130302.cl
C:\Windows\inf\mncdksiva\scrypt130511.cl
C:\Windows\inf\mncdksiva\ssleay32.dll
C:\Windows\inf\mncdksiva\zlib1.dll
C:\Windows\inf\mncdksiva\bitstreams\fpgaminer_top_fixed7_197MHz.ncd

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mncdksivaSrv"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Firefox::
FF - ProfilePath - c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=

Driver::
SkypeUpdate
McComponentHostService
c2cautoupdatesvc
c2cpnrsvc

Reboot::
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
RaiderR
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 14 lis 2011 12:18

Re: Zpomalený počítač

#15 Příspěvek od RaiderR »

ComboFix 15-03-01.01 - zbytek petr 01.03.2015 12:15:30.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.1921 [GMT 1:00]
Spuštěný z: c:\users\zbytek petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\zbytek petr\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\inf\mncdksiva.vbe"
"c:\windows\inf\mncdksiva\bitstreams\fpgaminer_top_fixed7_197MHz.ncd"
"c:\windows\inf\mncdksiva\diablo130302.cl"
"c:\windows\inf\mncdksiva\diakgcn121016.cl"
"c:\windows\inf\mncdksiva\libcurl-4.dll"
"c:\windows\inf\mncdksiva\libeay32.dll"
"c:\windows\inf\mncdksiva\libidn-11.dll"
"c:\windows\inf\mncdksiva\librtmp.dll"
"c:\windows\inf\mncdksiva\libssh2.dll"
"c:\windows\inf\mncdksiva\mncdksiva.exe"
"c:\windows\inf\mncdksiva\phatk121016.cl"
"c:\windows\inf\mncdksiva\poclbm130302.cl"
"c:\windows\inf\mncdksiva\scrypt130511.cl"
"c:\windows\inf\mncdksiva\ssleay32.dll"
"c:\windows\inf\mncdksiva\zlib1.dll"
"c:\windows\inf\msmwiukt\msmwiukt.exe"
"c:\windows\SysWOW64\msstp.vbe"
"c:\windows\Tasks\FreeHDSport TV V7.0-codedownloader.job"
"c:\windows\Tasks\FreeHDSport TV V7.0-firefoxinstaller.job"
"c:\windows\Tasks\FreeHDSport TV V7.0-chromeinstaller-dev.job"
"c:\windows\Tasks\FreeHDSport TV V7.0-updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\inf\mncdksiva.vbe
c:\windows\inf\mncdksiva\bitstreams\fpgaminer_top_fixed7_197MHz.ncd
c:\windows\inf\mncdksiva\diablo130302.cl
c:\windows\inf\mncdksiva\diakgcn121016.cl
c:\windows\inf\mncdksiva\libcurl-4.dll
c:\windows\inf\mncdksiva\libeay32.dll
c:\windows\inf\mncdksiva\libidn-11.dll
c:\windows\inf\mncdksiva\librtmp.dll
c:\windows\inf\mncdksiva\libssh2.dll
c:\windows\inf\mncdksiva\mncdksiva.exe
c:\windows\inf\mncdksiva\phatk121016.cl
c:\windows\inf\mncdksiva\poclbm130302.cl
c:\windows\inf\mncdksiva\scrypt130511.cl
c:\windows\inf\mncdksiva\ssleay32.dll
c:\windows\inf\mncdksiva\zlib1.dll
c:\windows\inf\msmwiukt\msmwiukt.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_McComponentHostService
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-01 do 2015-03-01 )))))))))))))))))))))))))))))))
.
.
2015-03-01 11:24 . 2015-03-01 11:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-01 09:33 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C94B6432-C67B-4A49-AFF7-AD6E1274B66D}\mpengine.dll
2015-03-01 09:18 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-28 14:23 . 2015-03-01 18:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-02-28 14:23 . 2015-02-28 14:23 -------- d-----w- c:\programdata\Malwarebytes
2015-02-28 13:58 . 2015-03-01 10:13 -------- d-----w- C:\AdwCleaner
2015-02-28 13:26 . 2015-03-01 10:04 -------- d-----w- c:\program files\trend micro
2015-02-28 13:26 . 2015-02-28 13:26 -------- d-----w- C:\rsit
2015-02-21 19:10 . 2014-09-10 14:30 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{295BB9DC-8B46-4FB5-A176-E7526D2CA904}\gapaengine.dll
2015-02-20 13:12 . 2015-02-20 13:12 -------- d-----w- c:\program files\WinRAR
2015-02-15 14:42 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-15 14:42 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-15 14:42 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-15 14:42 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 10:29 . 2015-01-12 02:34 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-02-11 10:28 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 10:28 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 10:28 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 10:28 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 10:28 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 10:28 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 10:28 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 10:28 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 10:28 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 10:28 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-15 15:49 . 2011-10-24 06:04 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-05 19:12 . 2013-10-03 19:09 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-05 19:12 . 2011-10-15 17:53 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-31 11:14 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 10:01 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 10:01 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 10:01 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 10:01 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 10:01 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 10:01 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-19 15:34 222832 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 14:05 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-06-06 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
.
c:\users\zbytek petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-11-12 222384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswKbd;aswKbd; [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 tnetfilter2;tnetfilter2;c:\windows\system32\drivers\tnetfilter2.sys;c:\windows\SYSNATIVE\drivers\tnetfilter2.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys;c:\windows\SYSNATIVE\Drivers\usbvideo.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-20 18:27 1084744 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-03 19:12]
.
2015-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 18:47]
.
2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-06 18:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-19 15:34 261744 ----a-w- c:\users\zbytek petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-06-06 09:37 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418840]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-06-06 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-06-06 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-06-06 5908928]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 188.95.56.2 188.95.56.3
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\zbytek petr\AppData\Roaming\Mozilla\Firefox\Profiles\yexhb6qz.default-1383998969984\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{11111111-1111-1111-1111-110411901130} - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-03-01 12:37:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-01 11:37
ComboFix2.txt 2015-03-01 10:35
.
Před spuštěním: Volných bajtů: 208 510 652 416
Po spuštění: Volných bajtů: 207 972 745 216
.
- - End Of File - - 327FB2F15A9F6B2660D2DBA8AB31E65E
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“